Analysis Overview
Threat Level: Likely malicious
The file https://github.com/enginestein/Virus-Collection/tree/main/Windows/Source/NoEscape was found to be: Likely malicious.
Malicious Activity Summary
Disables Task Manager via registry modification
Downloads MZ/PE file
Executes dropped EXE
Legitimate hosting services abused for malware hosting/C2
Drops file in Windows directory
Subvert Trust Controls: Mark-of-the-Web Bypass
Browser Information Discovery
Modifies registry class
Modifies data under HKEY_USERS
NTFS ADS
Suspicious use of SendNotifyMessage
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Kills process with taskkill
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V16
Analysis: static1
Detonation Overview
Reported
2025-05-10 07:58
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2025-05-10 07:58
Reported
2025-05-10 08:02
Platform
win11-20250502-en
Max time kernel
232s
Max time network
233s
Command Line
Signatures
Disables Task Manager via registry modification
Downloads MZ/PE file
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\CookieClickerHack.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\Trololo.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
Drops file in Windows directory
Subvert Trust Controls: Mark-of-the-Web Bypass
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\CookieClickerHack.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Trololo.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Kills process with taskkill
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SYSTEM32\taskkill.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133913375415679742" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-779059454-4269757009-3780780039-1000_Classes\Local Settings | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\ | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-779059454-4269757009-3780780039-1000\{A3CE7C0F-2F54-4141-9D6B-5ACEEE01BD13} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-779059454-4269757009-3780780039-1000\{712E70BF-EE1B-4F1F-945E-1302C08DD565} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\BlackDream.zip:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\CookieClickerHack.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Trololo.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Windows\SYSTEM32\taskkill.exe | N/A |
| Token: 33 | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\Downloads\CookieClickerHack.exe
"C:\Users\Admin\Downloads\CookieClickerHack.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4736,i,7064592315441691828,2820850248825070425,262144 --variations-seed-version --mojo-platform-channel-handle=6560 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6072,i,7064592315441691828,2820850248825070425,262144 --variations-seed-version --mojo-platform-channel-handle=7172 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --always-read-main-dll --field-trial-handle=7300,i,7064592315441691828,2820850248825070425,262144 --variations-seed-version --mojo-platform-channel-handle=7192 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6408,i,7064592315441691828,2820850248825070425,262144 --variations-seed-version --mojo-platform-channel-handle=7284 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7316,i,7064592315441691828,2820850248825070425,262144 --variations-seed-version --mojo-platform-channel-handle=7180 /prefetch:14
C:\Users\Admin\Downloads\Trololo.exe
"C:\Users\Admin\Downloads\Trololo.exe"
C:\Windows\SYSTEM32\taskkill.exe
taskkill.exe /f /im explorer.exe
C:\Windows\SYSTEM32\taskkill.exe
taskkill.exe /f /im taskmgr.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004CC 0x00000000000004D8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x240,0x244,0x248,0x23c,0x254,0x7ffaf055f208,0x7ffaf055f214,0x7ffaf055f220
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1808,i,6390870877247069726,17026111708500397292,262144 --variations-seed-version --mojo-platform-channel-handle=2276 /prefetch:11
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2240,i,6390870877247069726,17026111708500397292,262144 --variations-seed-version --mojo-platform-channel-handle=2236 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2476,i,6390870877247069726,17026111708500397292,262144 --variations-seed-version --mojo-platform-channel-handle=2540 /prefetch:13
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4536,i,6390870877247069726,17026111708500397292,262144 --variations-seed-version --mojo-platform-channel-handle=4564 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4536,i,6390870877247069726,17026111708500397292,262144 --variations-seed-version --mojo-platform-channel-handle=4564 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4800,i,6390870877247069726,17026111708500397292,262144 --variations-seed-version --mojo-platform-channel-handle=4836 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --instant-process --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --always-read-main-dll --field-trial-handle=4952,i,6390870877247069726,17026111708500397292,262144 --variations-seed-version --mojo-platform-channel-handle=4976 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5276,i,6390870877247069726,17026111708500397292,262144 --variations-seed-version --mojo-platform-channel-handle=5332 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4904,i,6390870877247069726,17026111708500397292,262144 --variations-seed-version --mojo-platform-channel-handle=5360 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --always-read-main-dll --field-trial-handle=5656,i,6390870877247069726,17026111708500397292,262144 --variations-seed-version --mojo-platform-channel-handle=5688 /prefetch:1
Network
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
\??\pipe\crashpad_5784_PDHDXWOHYECDFPGN
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\HubApps
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter~RFe57c004.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe57f0a9.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter
C:\Users\Admin\Downloads\BlackDream.zip
C:\Users\Admin\Downloads\BlackDream.zip:Zone.Identifier
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5784_689067968\LICENSE
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5784_689067968\manifest.json
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5784_630909388\manifest.json
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5784_2102106451\manifest.json
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Typosquatting\2025.5.9.1\typosquatting_list.pb
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5784_2099676864\hyph-as.hyb
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5784_2099676864\hyph-hi.hyb
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5784_2099676864\hyph-nb.hyb
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5784_2099676864\manifest.json
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter
C:\Users\Admin\Downloads\CookieClickerHack.exe
C:\Users\Admin\Downloads\CookieClickerHack.exe:Zone.Identifier
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5784_1597334679\manifest.json
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.80\LICENSE
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Unindexed Rules\10.34.0.80\Filtering Rules
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter
C:\Users\Admin\Downloads\Trololo.exe.crdownload
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DawnGraphiteCache\data_1
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Variations
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Web Notifications Deny List\2.0.0.22\manifest.fingerprint
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\default_cloud_config.json
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\hyphen-data\120.0.6050.0\manifest.fingerprint
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\LOG
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Indexed Rules\36\10.34.0.80\Ruleset Data
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_3
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_2
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_1
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_0
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_1
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\b6571856-371a-4f7e-b43f-ce86e2b0351d\index-dir\the-real-index~RFe5ad2e2.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\b6571856-371a-4f7e-b43f-ce86e2b0351d\index-dir\the-real-index