Analysis Overview
Threat Level: Known bad
The file https://grabify.link/DWTQUT was found to be: Known bad.
Malicious Activity Summary
Babylon RAT
Babylonrat family
Modifies Windows Firewall
Loads dropped DLL
Executes dropped EXE
Looks up external IP address via web service
UPX packed file
Drops file in Windows directory
Browser Information Discovery
System Location Discovery: System Language Discovery
Event Triggered Execution: Netsh Helper DLL
Suspicious use of SetWindowsHookEx
Uses Volume Shadow Copy service COM API
Modifies data under HKEY_USERS
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Checks SCSI registry key(s)
Uses Volume Shadow Copy WMI provider
Modifies registry class
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of SendNotifyMessage
Checks processor information in registry
Enumerates system info in registry
Suspicious behavior: LoadsDriver
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Suspicious use of AdjustPrivilegeToken
MITRE ATT&CK
Enterprise Matrix V16
Analysis: static1
Detonation Overview
Reported
2025-04-12 06:01
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2025-04-12 06:01
Reported
2025-04-12 06:19
Platform
win10ltsc2021-20250410-en
Max time kernel
1049s
Max time network
1050s
Command Line
Signatures
Babylon RAT
Babylonrat family
Modifies Windows Firewall
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\netsh.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\installer.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\virus.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\virus.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\virus.exe | N/A |
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Looks up external IP address via web service
| Description | Indicator | Process | Target |
| N/A | whatismyipaddress.com | N/A | N/A |
| N/A | whatismyipaddress.com | N/A | N/A |
UPX packed file
Drops file in Windows directory
Browser Information Discovery
Event Triggered Execution: Netsh Helper DLL
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\installer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\virus.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\virus.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\virus.exe | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\ConfigFlags | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\UpperFilters | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_QEMU&PROD_QEMU_DVD-ROM\4&215468A5&0&010000 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_WDC&PROD_WDS100T2B0A\4&215468A5&0&000000 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\UpperFilters | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133889113277176608" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3457531954-2054407110-1019940402-1000\{1F2139C2-3023-4BD3-B226-92AB7605CF3B} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3457531954-2054407110-1019940402-1000_Classes\Local Settings | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3457531954-2054407110-1019940402-1000\{97C50632-6F6E-4EBC-B62D-CB6F82AB5DC2} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\installer.exe | N/A |
| N/A | N/A | C:\Windows\system32\taskmgr.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\virus.exe | N/A |
Suspicious behavior: LoadsDriver
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\virus.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Uses Volume Shadow Copy WMI provider
Uses Volume Shadow Copy service COM API
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://grabify.link/DWTQUT
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x2f0,0x2f4,0x2f8,0x2ec,0x368,0x7ff97aa9f208,0x7ff97aa9f214,0x7ff97aa9f220
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1784,i,3982988152465364300,14707167410540333633,262144 --variations-seed-version --mojo-platform-channel-handle=2720 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2688,i,3982988152465364300,14707167410540333633,262144 --variations-seed-version --mojo-platform-channel-handle=2684 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2236,i,3982988152465364300,14707167410540333633,262144 --variations-seed-version --mojo-platform-channel-handle=2744 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3448,i,3982988152465364300,14707167410540333633,262144 --variations-seed-version --mojo-platform-channel-handle=3484 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3464,i,3982988152465364300,14707167410540333633,262144 --variations-seed-version --mojo-platform-channel-handle=3496 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --always-read-main-dll --field-trial-handle=5012,i,3982988152465364300,14707167410540333633,262144 --variations-seed-version --mojo-platform-channel-handle=4984 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4792,i,3982988152465364300,14707167410540333633,262144 --variations-seed-version --mojo-platform-channel-handle=5132 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3744,i,3982988152465364300,14707167410540333633,262144 --variations-seed-version --mojo-platform-channel-handle=3696 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5660,i,3982988152465364300,14707167410540333633,262144 --variations-seed-version --mojo-platform-channel-handle=5668 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5920,i,3982988152465364300,14707167410540333633,262144 --variations-seed-version --mojo-platform-channel-handle=5940 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5920,i,3982988152465364300,14707167410540333633,262144 --variations-seed-version --mojo-platform-channel-handle=5940 /prefetch:8
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=744,i,3982988152465364300,14707167410540333633,262144 --variations-seed-version --mojo-platform-channel-handle=5940 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5760,i,3982988152465364300,14707167410540333633,262144 --variations-seed-version --mojo-platform-channel-handle=6012 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5148,i,3982988152465364300,14707167410540333633,262144 --variations-seed-version --mojo-platform-channel-handle=136 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5348,i,3982988152465364300,14707167410540333633,262144 --variations-seed-version --mojo-platform-channel-handle=5336 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --always-read-main-dll --field-trial-handle=5812,i,3982988152465364300,14707167410540333633,262144 --variations-seed-version --mojo-platform-channel-handle=5244 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --always-read-main-dll --field-trial-handle=5756,i,3982988152465364300,14707167410540333633,262144 --variations-seed-version --mojo-platform-channel-handle=3692 /prefetch:1
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\Downloads\installer.exe
"C:\Users\Admin\Downloads\installer.exe"
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Roaming\Anti-AFK\7b67a79847ede0dd87bc17ba20cbfc5f\7b67a79847ede0dd87bc17ba20cbfc5f.bat
C:\Windows\SysWOW64\netsh.exe
netsh firewall add allowedprogram "C:\Users\Admin\Downloads\installer.exe" "installer.exe" ENABLE
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /0
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4ec 0x338
C:\Users\Admin\Downloads\virus.exe
"C:\Users\Admin\Downloads\virus.exe"
C:\Users\Admin\Downloads\virus.exe
"C:\Users\Admin\Downloads\virus.exe"
C:\Users\Admin\Downloads\virus.exe
"C:\Users\Admin\Downloads\virus.exe"
Network
| US | 104.19.223.79:443 | whatismyipaddress.com | udp |
| US | 8.8.8.8:53 | a.omappapi.com | udp |
| US | 8.8.8.8:53 | a.omappapi.com | udp |
| US | 104.18.29.249:443 | map.whatismyipaddress.info | udp |
| US | 104.16.160.145:443 | img.onesignal.com | udp |
| US | 8.8.8.8:53 | ds6.probe.whatismyipaddress.com | udp |
| US | 8.8.8.8:53 | ds6.probe.whatismyipaddress.com | udp |
| US | 8.8.8.8:53 | ds6.probe.whatismyipaddress.com | udp |
| US | 8.8.8.8:53 | j.clarity.ms | udp |
| US | 8.8.8.8:53 | j.clarity.ms | udp |
| US | 52.184.215.111:443 | j.clarity.ms | tcp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 52.184.215.111:443 | j.clarity.ms | tcp |
| US | 104.19.223.79:443 | whatismyipaddress.com | udp |
| US | 8.8.8.8:53 | a.omappapi.com | udp |
| US | 8.8.8.8:53 | a.omappapi.com | udp |
| US | 104.18.29.249:443 | map.whatismyipaddress.info | udp |
| US | 104.16.160.145:443 | img.onesignal.com | udp |
| US | 8.8.8.8:53 | ds6.probe.whatismyipaddress.com | udp |
| US | 8.8.8.8:53 | ds6.probe.whatismyipaddress.com | udp |
| US | 8.8.8.8:53 | ds6.probe.whatismyipaddress.com | udp |
| GB | 143.244.38.136:443 | a.omappapi.com | tcp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| GB | 88.221.135.16:443 | www.bing.com | udp |
| US | 150.171.28.11:443 | edge.microsoft.com | tcp |
| US | 8.8.8.8:53 | ntp.msn.com | udp |
| US | 8.8.8.8:53 | ntp.msn.com | udp |
| US | 8.8.8.8:53 | img-s-msn-com.akamaized.net | udp |
| US | 8.8.8.8:53 | img-s-msn-com.akamaized.net | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | assets.msn.com | udp |
| US | 8.8.8.8:53 | assets.msn.com | udp |
| US | 8.8.8.8:53 | img-s-msn-com.akamaized.net | udp |
| US | 8.8.8.8:53 | img-s-msn-com.akamaized.net | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| US | 8.8.8.8:53 | sb.scorecardresearch.com | udp |
| US | 8.8.8.8:53 | assets.msn.com | udp |
| US | 8.8.8.8:53 | assets.msn.com | udp |
| GB | 88.221.135.51:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | c.msn.com | udp |
| US | 8.8.8.8:53 | c.msn.com | udp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| US | 8.8.8.8:53 | c.bing.com | udp |
| GB | 2.18.190.99:443 | assets.msn.com | tcp |
| GB | 2.18.190.99:443 | assets.msn.com | tcp |
| GB | 2.18.190.99:443 | assets.msn.com | tcp |
| GB | 2.18.190.99:443 | assets.msn.com | tcp |
| GB | 2.18.190.99:443 | assets.msn.com | tcp |
| IE | 13.74.129.1:443 | c.msn.com | tcp |
| US | 150.171.28.10:443 | c.bing.com | tcp |
| GB | 88.221.135.41:443 | th.bing.com | tcp |
| FR | 52.222.169.99:443 | sb.scorecardresearch.com | tcp |
| GB | 2.19.252.154:443 | img-s-msn-com.akamaized.net | tcp |
| GB | 2.18.190.99:443 | assets.msn.com | udp |
| GB | 2.18.190.99:443 | assets.msn.com | udp |
| US | 8.8.8.8:53 | browser.events.data.msn.com | udp |
| US | 8.8.8.8:53 | browser.events.data.msn.com | udp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 13.89.179.10:443 | browser.events.data.msn.com | tcp |
| US | 8.8.8.8:53 | srtb.msn.com | udp |
| US | 8.8.8.8:53 | srtb.msn.com | udp |
| GB | 2.19.252.154:443 | img-s-msn-com.akamaized.net | udp |
| GB | 88.221.135.51:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | r.msftstatic.com | udp |
| US | 8.8.8.8:53 | r.msftstatic.com | udp |
| GB | 88.221.135.41:443 | r.bing.com | tcp |
| GB | 88.221.135.41:443 | r.bing.com | tcp |
| US | 204.79.197.219:443 | r.msftstatic.com | tcp |
| US | 204.79.197.219:443 | r.msftstatic.com | tcp |
| US | 8.8.8.8:53 | ecn.dev.virtualearth.net | udp |
| US | 8.8.8.8:53 | ecn.dev.virtualearth.net | udp |
| GB | 95.100.245.213:443 | ecn.dev.virtualearth.net | tcp |
| US | 150.171.27.11:443 | edge.microsoft.com | tcp |
| US | 8.8.8.8:53 | j.clarity.ms | udp |
| US | 8.8.8.8:53 | j.clarity.ms | udp |
| US | 52.184.215.111:443 | j.clarity.ms | tcp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| GB | 2.19.252.134:443 | aefd.nelreports.net | tcp |
| GB | 2.19.252.134:443 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | upload.ee | udp |
| US | 8.8.8.8:53 | upload.ee | udp |
| US | 8.8.8.8:53 | upload.ee | udp |
| US | 8.8.8.8:53 | upload.ee | udp |
| DE | 57.129.39.102:80 | upload.ee | tcp |
| DE | 57.129.39.102:80 | upload.ee | tcp |
| US | 8.8.8.8:53 | upload.ee | udp |
| US | 8.8.8.8:53 | upload.ee | udp |
| DE | 57.129.39.102:443 | upload.ee | tcp |
| US | 8.8.8.8:53 | www.upload.ee | udp |
| US | 8.8.8.8:53 | www.upload.ee | udp |
| DE | 57.129.39.102:443 | www.upload.ee | tcp |
| DE | 57.129.39.102:443 | www.upload.ee | tcp |
| DE | 57.129.39.102:443 | www.upload.ee | tcp |
| US | 8.8.8.8:53 | s7.addthis.com | udp |
| US | 8.8.8.8:53 | s7.addthis.com | udp |
| US | 8.8.8.8:53 | du0pud0sdlmzf.cloudfront.net | udp |
| US | 8.8.8.8:53 | du0pud0sdlmzf.cloudfront.net | udp |
| US | 8.8.8.8:53 | s7.addthis.com | udp |
| FR | 3.164.160.216:443 | du0pud0sdlmzf.cloudfront.net | tcp |
| US | 8.8.8.8:53 | s7.addthis.com | udp |
| US | 8.8.8.8:53 | s7.addthis.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| GB | 142.250.178.2:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | ownouncillorswhow.org | udp |
| US | 8.8.8.8:53 | ownouncillorswhow.org | udp |
| US | 8.8.8.8:53 | mnverylittlec.org | udp |
| US | 8.8.8.8:53 | mnverylittlec.org | udp |
| US | 8.8.8.8:53 | ghabovethec.info | udp |
| US | 8.8.8.8:53 | ghabovethec.info | udp |
| US | 8.8.8.8:53 | ildrendreaminger.org | udp |
| US | 8.8.8.8:53 | ildrendreaminger.org | udp |
| US | 8.8.8.8:53 | ukankingwithea.com | udp |
| US | 8.8.8.8:53 | ukankingwithea.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 172.67.145.65:443 | mnverylittlec.org | udp |
| GB | 18.244.140.64:443 | ildrendreaminger.org | tcp |
| GB | 18.244.140.64:443 | ildrendreaminger.org | tcp |
| GB | 13.224.222.87:443 | ownouncillorswhow.org | tcp |
| US | 8.8.8.8:53 | kmtendationfore.org | udp |
| US | 8.8.8.8:53 | kmtendationfore.org | udp |
| PT | 3.160.132.105:443 | ghabovethec.info | tcp |
| US | 104.21.96.1:443 | ukankingwithea.com | udp |
| DE | 157.240.27.35:443 | www.facebook.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | tcp |
| US | 150.171.27.11:443 | edge.microsoft.com | tcp |
| GB | 13.224.245.34:443 | kmtendationfore.org | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | du0pud0sdlmzf.cloudfront.net | udp |
| US | 8.8.8.8:53 | du0pud0sdlmzf.cloudfront.net | udp |
| FR | 3.164.160.92:443 | du0pud0sdlmzf.cloudfront.net | tcp |
| FR | 3.164.160.92:443 | du0pud0sdlmzf.cloudfront.net | tcp |
| US | 8.8.8.8:53 | ownouncillorswhow.org | udp |
| US | 8.8.8.8:53 | ownouncillorswhow.org | udp |
| GB | 13.224.222.102:443 | ownouncillorswhow.org | tcp |
| GB | 13.224.222.102:443 | ownouncillorswhow.org | tcp |
| US | 8.8.8.8:53 | teropheraes.co.in | udp |
| US | 8.8.8.8:53 | teropheraes.co.in | udp |
| NL | 85.17.80.23:443 | teropheraes.co.in | tcp |
| NL | 85.17.80.23:443 | teropheraes.co.in | tcp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | ep1.adtrafficquality.google | udp |
| US | 150.171.28.11:443 | edge.microsoft.com | tcp |
| GB | 142.250.180.2:443 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| GB | 142.250.187.225:443 | ep2.adtrafficquality.google | tcp |
| US | 8.8.8.8:53 | xxxgames.games | udp |
| US | 8.8.8.8:53 | xxxgames.games | udp |
| JP | 207.120.43.3:443 | xxxgames.games | tcp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| GB | 142.250.187.225:443 | ep2.adtrafficquality.google | tcp |
| JP | 207.120.43.3:443 | xxxgames.games | tcp |
| GB | 142.250.187.225:443 | ep2.adtrafficquality.google | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | udp |
| GB | 142.250.180.2:443 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | maxcdn.bootstrapcdn.com | udp |
| US | 8.8.8.8:53 | maxcdn.bootstrapcdn.com | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| US | 8.8.8.8:53 | a.exoclick.com | udp |
| US | 8.8.8.8:53 | a.exoclick.com | udp |
| US | 8.8.8.8:53 | hw-cdn2.adtng.com | udp |
| US | 151.101.131.52:443 | hw-cdn2.adtng.com | tcp |
| US | 151.101.130.137:443 | code.jquery.com | tcp |
| GB | 89.187.167.41:443 | a.exoclick.com | tcp |
| US | 104.18.10.207:443 | maxcdn.bootstrapcdn.com | udp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | www.upload.ee | udp |
| US | 8.8.8.8:53 | www.upload.ee | udp |
| US | 8.8.8.8:53 | adultgames.games | udp |
| US | 8.8.8.8:53 | adultgames.games | udp |
| JP | 207.120.43.10:443 | adultgames.games | tcp |
| JP | 207.120.43.10:443 | adultgames.games | tcp |
| JP | 207.120.43.10:443 | adultgames.games | tcp |
| US | 8.8.8.8:53 | content-cdn.porngames.games | udp |
| US | 8.8.8.8:53 | content-cdn.porngames.games | udp |
| GB | 79.127.237.132:443 | content-cdn.porngames.games | tcp |
| US | 104.18.10.207:443 | maxcdn.bootstrapcdn.com | udp |
| US | 8.8.8.8:53 | s7.addthis.com | udp |
| US | 8.8.8.8:53 | s7.addthis.com | udp |
| US | 8.8.8.8:53 | s7.addthis.com | udp |
| US | 8.8.8.8:53 | s7.addthis.com | udp |
| US | 8.8.8.8:53 | s7.addthis.com | udp |
| US | 8.8.8.8:53 | sync.atsptp.com | udp |
| US | 8.8.8.8:53 | sync.atsptp.com | udp |
| US | 66.254.114.220:443 | sync.atsptp.com | tcp |
| US | 8.8.8.8:53 | sync_events.atsptp.com | udp |
| US | 8.8.8.8:53 | sync_events.atsptp.com | udp |
| US | 8.8.8.8:53 | kmtendationfore.org | udp |
| US | 8.8.8.8:53 | kmtendationfore.org | udp |
| GB | 13.224.245.57:443 | kmtendationfore.org | tcp |
| GB | 13.224.245.57:443 | kmtendationfore.org | tcp |
| US | 8.8.8.8:53 | content-cdn.xxxgames.games | udp |
| US | 8.8.8.8:53 | content-cdn.xxxgames.games | udp |
| GB | 79.127.237.132:443 | content-cdn.xxxgames.games | tcp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | static.trafficjunky.com | udp |
| US | 8.8.8.8:53 | static.trafficjunky.com | udp |
| US | 150.171.28.11:443 | edge.microsoft.com | tcp |
| US | 8.8.8.8:53 | syndication.realsrv.com | udp |
| US | 8.8.8.8:53 | syndication.realsrv.com | udp |
| US | 8.8.8.8:53 | s.opoxv.com | udp |
| US | 8.8.8.8:53 | s.opoxv.com | udp |
| GB | 64.210.156.21:443 | static.trafficjunky.com | tcp |
| NL | 95.211.229.248:443 | s.opoxv.com | tcp |
| NL | 95.211.229.248:443 | s.opoxv.com | tcp |
| US | 8.8.8.8:53 | s.orbsrv.com | udp |
| US | 8.8.8.8:53 | s.orbsrv.com | udp |
| US | 8.8.8.8:53 | s.magsrv.com | udp |
| US | 8.8.8.8:53 | s.magsrv.com | udp |
| US | 8.8.8.8:53 | s.pemsrv.com | udp |
| US | 8.8.8.8:53 | s.pemsrv.com | udp |
| NL | 95.211.229.246:443 | s.orbsrv.com | tcp |
| NL | 95.211.229.248:443 | s.magsrv.com | tcp |
| NL | 95.211.229.245:443 | s.pemsrv.com | tcp |
| US | 8.8.8.8:53 | s.zlink0.com | udp |
| US | 8.8.8.8:53 | s.zlink0.com | udp |
| US | 8.8.8.8:53 | s.eln3ax.com | udp |
| US | 8.8.8.8:53 | s.eln3ax.com | udp |
| US | 8.8.8.8:53 | s.dsssnr.com | udp |
| US | 8.8.8.8:53 | s.dsssnr.com | udp |
| NL | 95.211.229.246:443 | s.dsssnr.com | tcp |
| NL | 95.211.229.246:443 | s.dsssnr.com | tcp |
| NL | 95.211.229.246:443 | s.dsssnr.com | tcp |
| NL | 95.211.229.246:443 | s.dsssnr.com | tcp |
| NL | 95.211.229.246:443 | s.dsssnr.com | tcp |
| NL | 95.211.229.246:443 | s.dsssnr.com | tcp |
| US | 8.8.8.8:53 | s.dst8vn.com | udp |
| US | 8.8.8.8:53 | s.dst8vn.com | udp |
| US | 8.8.8.8:53 | s.zlink7.com | udp |
| US | 8.8.8.8:53 | s.zlink7.com | udp |
| NL | 95.211.229.248:443 | s.zlink7.com | tcp |
| NL | 95.211.229.248:443 | s.zlink7.com | tcp |
| NL | 95.211.229.248:443 | s.zlink7.com | tcp |
| NL | 95.211.229.248:443 | s.zlink7.com | tcp |
| US | 8.8.8.8:53 | a.ocean-trk.com | udp |
| US | 8.8.8.8:53 | a.ocean-trk.com | udp |
| US | 8.8.8.8:53 | ads.trafficjunky.net | udp |
| US | 8.8.8.8:53 | ads.trafficjunky.net | udp |
| US | 172.67.132.3:443 | a.ocean-trk.com | udp |
| US | 66.254.114.154:443 | ads.trafficjunky.net | tcp |
| GB | 89.187.167.41:443 | a.exoclick.com | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.32.36:443 | region1.google-analytics.com | tcp |
| GB | 79.127.237.132:443 | content-cdn.xxxgames.games | tcp |
| US | 8.8.8.8:53 | j.clarity.ms | udp |
| US | 8.8.8.8:53 | j.clarity.ms | udp |
| US | 52.184.215.111:443 | j.clarity.ms | tcp |
| US | 8.8.8.8:53 | checkappexec.microsoft.com | udp |
| GB | 51.11.108.188:443 | checkappexec.microsoft.com | tcp |
| US | 66.113.31.17:7547 | tcp | |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| GB | 88.221.135.10:443 | www.bing.com | udp |
| DE | 57.129.39.102:443 | www.upload.ee | tcp |
| DE | 57.129.39.102:443 | www.upload.ee | tcp |
| DE | 57.129.39.102:443 | www.upload.ee | tcp |
| US | 8.8.8.8:53 | j.clarity.ms | udp |
| US | 8.8.8.8:53 | j.clarity.ms | udp |
| US | 52.184.215.111:443 | j.clarity.ms | tcp |
| US | 66.113.31.17:7547 | tcp | |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| GB | 88.221.135.43:443 | www.bing.com | udp |
| US | 66.113.31.17:7547 | tcp | |
| US | 8.8.8.8:53 | j.clarity.ms | udp |
| US | 8.8.8.8:53 | j.clarity.ms | udp |
| US | 52.184.215.111:443 | j.clarity.ms | tcp |
| GB | 2.18.190.98:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| DE | 57.129.39.102:443 | www.upload.ee | tcp |
| DE | 57.129.39.102:443 | www.upload.ee | tcp |
| DE | 57.129.39.102:443 | www.upload.ee | tcp |
| NL | 85.17.80.23:443 | teropheraes.co.in | tcp |
| NL | 85.17.80.23:443 | teropheraes.co.in | tcp |
| US | 8.8.8.8:53 | xxxgames.games | udp |
| US | 8.8.8.8:53 | xxxgames.games | udp |
| US | 8.8.8.8:53 | a.exoclick.com | udp |
| US | 8.8.8.8:53 | a.exoclick.com | udp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | udp |
| GB | 89.187.167.38:443 | a.exoclick.com | tcp |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| JP | 207.120.43.11:443 | xxxgames.games | tcp |
| US | 104.18.10.207:443 | maxcdn.bootstrapcdn.com | udp |
| US | 8.8.8.8:53 | hw-cdn2.adtng.com | udp |
| US | 8.8.8.8:53 | hw-cdn2.adtng.com | udp |
| US | 8.8.8.8:53 | content-cdn.xxxgames.games | udp |
| US | 8.8.8.8:53 | content-cdn.xxxgames.games | udp |
| GB | 143.244.38.136:443 | content-cdn.xxxgames.games | tcp |
| GB | 2.18.190.98:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| GB | 88.221.135.11:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 150.171.27.11:443 | edge.microsoft.com | tcp |
| US | 8.8.8.8:53 | edgeassetservice.azureedge.net | udp |
| US | 8.8.8.8:53 | edgeassetservice.azureedge.net | udp |
| US | 13.107.246.64:443 | edgeassetservice.azureedge.net | tcp |
| DE | 57.129.39.102:443 | www.upload.ee | tcp |
| DE | 57.129.39.102:443 | www.upload.ee | tcp |
| DE | 57.129.39.102:443 | www.upload.ee | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| GB | 142.250.178.2:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | s7.addthis.com | udp |
| US | 8.8.8.8:53 | s7.addthis.com | udp |
| US | 8.8.8.8:53 | du0pud0sdlmzf.cloudfront.net | udp |
| US | 8.8.8.8:53 | du0pud0sdlmzf.cloudfront.net | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | udp |
| US | 8.8.8.8:53 | s7.addthis.com | udp |
| FR | 3.164.160.216:443 | du0pud0sdlmzf.cloudfront.net | tcp |
| US | 8.8.8.8:53 | s7.addthis.com | udp |
| US | 8.8.8.8:53 | xpaywalletcdn.azureedge.net | udp |
| US | 8.8.8.8:53 | xpaywalletcdn.azureedge.net | udp |
| US | 13.107.246.64:443 | xpaywalletcdn.azureedge.net | tcp |
| US | 8.8.8.8:53 | ownouncillorswhow.org | udp |
| US | 8.8.8.8:53 | ownouncillorswhow.org | udp |
| US | 8.8.8.8:53 | ghabovethec.info | udp |
| US | 8.8.8.8:53 | ghabovethec.info | udp |
| US | 172.67.145.65:443 | mnverylittlec.org | udp |
| US | 8.8.8.8:53 | ildrendreaminger.org | udp |
| US | 8.8.8.8:53 | ildrendreaminger.org | udp |
| US | 8.8.8.8:53 | kmtendationfore.org | udp |
| US | 8.8.8.8:53 | kmtendationfore.org | udp |
| US | 104.21.96.1:443 | ukankingwithea.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| NL | 142.250.27.84:443 | accounts.google.com | udp |
| GB | 18.244.140.100:443 | ghabovethec.info | tcp |
| GB | 13.224.222.87:443 | ownouncillorswhow.org | tcp |
| GB | 18.244.140.15:443 | ildrendreaminger.org | tcp |
| GB | 13.224.245.57:443 | kmtendationfore.org | tcp |
| GB | 163.70.147.35:443 | www.facebook.com | udp |
| US | 8.8.8.8:53 | du0pud0sdlmzf.cloudfront.net | udp |
| US | 8.8.8.8:53 | du0pud0sdlmzf.cloudfront.net | udp |
| FR | 3.164.160.216:443 | du0pud0sdlmzf.cloudfront.net | tcp |
| US | 8.8.8.8:53 | ownouncillorswhow.org | udp |
| US | 8.8.8.8:53 | ownouncillorswhow.org | udp |
| GB | 13.224.222.102:443 | ownouncillorswhow.org | tcp |
| US | 8.8.8.8:53 | friendumbrella.xyz | udp |
| US | 8.8.8.8:53 | friendumbrella.xyz | udp |
| US | 104.21.23.10:443 | friendumbrella.xyz | udp |
| US | 8.8.8.8:53 | maxidownload.com | udp |
| US | 8.8.8.8:53 | maxidownload.com | udp |
| US | 104.21.86.253:443 | maxidownload.com | tcp |
| US | 104.21.86.253:443 | maxidownload.com | udp |
| US | 8.8.8.8:53 | yourjsdelivery.com | udp |
| US | 8.8.8.8:53 | yourjsdelivery.com | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 8.8.8.8:53 | ajax.googleapis.com | udp |
| US | 104.26.3.174:443 | yourjsdelivery.com | tcp |
| GB | 172.217.169.10:443 | ajax.googleapis.com | tcp |
| US | 8.8.8.8:53 | nostop.go2cloud.org | udp |
| US | 8.8.8.8:53 | nostop.go2cloud.org | udp |
| IE | 52.210.174.128:443 | nostop.go2cloud.org | tcp |
| US | 8.8.8.8:53 | stats.webanalyticscounter.com | udp |
| US | 8.8.8.8:53 | stats.webanalyticscounter.com | udp |
| US | 172.67.183.158:443 | stats.webanalyticscounter.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| GB | 142.250.180.2:443 | ep1.adtrafficquality.google | udp |
| US | 150.171.27.11:443 | edge.microsoft.com | tcp |
| US | 104.21.86.253:443 | maxidownload.com | tcp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | ep2.adtrafficquality.google | udp |
| GB | 142.250.187.225:443 | ep2.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | _8443._https.cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | speedtest.net | udp |
| US | 8.8.8.8:53 | speedtest.net | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| US | 104.17.25.14:8443 | cdnjs.cloudflare.com | tcp |
| US | 151.101.66.219:443 | speedtest.net | tcp |
| GB | 216.58.201.110:443 | google.com | udp |
| GB | 142.250.180.2:443 | ep1.adtrafficquality.google | udp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 172.67.183.158:443 | stats.webanalyticscounter.com | udp |
| US | 8.8.8.8:53 | www.speedtest.net | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 216.58.204.68:443 | www.google.com | udp |
| US | 104.17.147.22:443 | www.speedtest.net | tcp |
| US | 8.8.8.8:53 | j.clarity.ms | udp |
| US | 8.8.8.8:53 | j.clarity.ms | udp |
| US | 52.184.215.111:443 | j.clarity.ms | tcp |
| US | 8.8.8.8:53 | stun3.l.google.com | udp |
| US | 8.8.8.8:53 | stun4.l.google.com | udp |
| US | 8.8.8.8:53 | stun3.l.google.com | udp |
| US | 8.8.8.8:53 | stun4.l.google.com | udp |
| US | 8.8.8.8:53 | stun4.l.google.com | udp |
| US | 8.8.8.8:53 | stun3.l.google.com | udp |
| US | 74.125.250.129:19302 | stun4.l.google.com | udp |
| US | 74.125.250.129:19302 | stun4.l.google.com | udp |
| US | 74.125.250.129:19302 | stun4.l.google.com | udp |
| GB | 88.221.135.11:443 | www.bing.com | udp |
| GB | 181.215.176.43:443 | tcp | |
| GB | 2.18.190.98:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| US | 8.8.8.8:53 | edge.microsoft.com | udp |
| GB | 181.215.176.43:443 | tcp | |
| DE | 57.129.39.102:443 | www.upload.ee | tcp |
| DE | 57.129.39.102:443 | www.upload.ee | tcp |
| GB | 181.215.176.43:443 | tcp | |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 52.184.215.111:443 | j.clarity.ms | tcp |
| GB | 88.221.135.3:443 | www.bing.com | udp |
| GB | 181.215.176.43:443 | tcp | |
| GB | 181.215.176.43:443 | tcp | |
| GB | 181.215.176.43:443 | tcp | |
| GB | 181.215.176.43:443 | tcp | |
| GB | 181.215.176.43:443 | tcp | |
| US | 8.8.8.8:53 | upload.ee | udp |
| US | 8.8.8.8:53 | upload.ee | udp |
| DE | 57.129.39.102:443 | upload.ee | tcp |
| DE | 57.129.39.102:443 | upload.ee | tcp |
| GB | 181.215.176.43:443 | tcp | |
| GB | 181.215.176.43:443 | tcp | |
| GB | 181.215.176.43:443 | tcp | |
| GB | 181.215.176.43:443 | tcp | |
| GB | 181.215.176.43:443 | tcp | |
| GB | 181.215.176.43:443 | tcp | |
| GB | 181.215.176.43:443 | tcp | |
| GB | 181.215.176.43:443 | tcp | |
| GB | 181.215.176.43:443 | tcp | |
| GB | 181.215.176.43:443 | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
\??\pipe\crashpad_4168_VHUGDEFVGFTVESTK
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000073
C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\HubApps
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe5806c1.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_whatismyipaddress.com_0.indexeddb.leveldb\CURRENT
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter~RFe583c0a.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\OperationConfig
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\f043dfaa-21f4-481c-b0b7-97cd266f6a85.tmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\MANIFEST-000001
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\0276f200-a60f-41f1-959f-ecfcfa87a7e1\index-dir\the-real-index~RFe5c0130.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\0276f200-a60f-41f1-959f-ecfcfa87a7e1\index-dir\temp-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Well Known Domains\1.2.0.0\well_known_domains.dll
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_ntp.msn.com_0.indexeddb.leveldb\MANIFEST-000001
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000e7
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000e8
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000ed
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000ee
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000f0
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000f9
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_0000fd
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000108
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00010a
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\0f8cba67-2882-49f9-a93c-ebe074dab032\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\0f8cba67-2882-49f9-a93c-ebe074dab032\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\80677d48-43bf-4dc3-917e-39252abd9f42\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\eb9c8313-73e3-4607-b10b-62fb7b41e872\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\eb9c8313-73e3-4607-b10b-62fb7b41e872\index-dir\the-real-index~RFe5c94d5.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5ca669.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\0276f200-a60f-41f1-959f-ecfcfa87a7e1\index-dir\temp-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter
C:\Users\Admin\Downloads\installer.exe
C:\Users\Admin\AppData\Roaming\Anti-AFK\7b67a79847ede0dd87bc17ba20cbfc5f\7b67a79847ede0dd87bc17ba20cbfc5f.bat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3d912fefd7df7b2a99cac1e130e86046d69e3581\index.txt~RFe5d7727.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3d912fefd7df7b2a99cac1e130e86046d69e3581\index.txt
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4168_1999830951\hyph-bn.hyb
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4168_1999830951\hyph-mr.hyb
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4168_1999830951\hyph-nn.hyb
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4168_944760328\edge_checkout_page_validator.js
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4168_175079361\Notification\notification.bundle.js.LICENSE.txt
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4168_175079361\Mini-Wallet\miniwallet.bundle.js.LICENSE.txt
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping4168_175079361\json\i18n-tokenized-card\fr\strings.json
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\MANIFEST-000001
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\000\t\Paths\MANIFEST-000001
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\Downloads\virus.exe
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index