Analysis Overview
Threat Level: Known bad
The file https://github.com/Cryakl/Ultimate-RAT-Collection/tree/main/LuminosityLink was found to be: Known bad.
Malicious Activity Summary
Imminent family
Imminent RAT
Executes dropped EXE
Loads dropped DLL
Checks computer location settings
Legitimate hosting services abused for malware hosting/C2
Looks up external IP address via web service
Adds Run key to start application
Enumerates connected drives
Drops file in System32 directory
Detected potential entity reuse from brand MICROSOFT.
Drops file in Windows directory
Program crash
Browser Information Discovery
Command and Scripting Interpreter: JavaScript
System Location Discovery: System Language Discovery
Enumerates physical storage devices
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Modifies Internet Explorer settings
Modifies data under HKEY_USERS
Uses Volume Shadow Copy WMI provider
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Suspicious behavior: GetForegroundWindowSpam
Checks processor information in registry
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
Uses Task Scheduler COM API
Suspicious use of SetWindowsHookEx
Suspicious use of SendNotifyMessage
Enumerates system info in registry
Modifies registry class
Uses Volume Shadow Copy service COM API
Checks SCSI registry key(s)
MITRE ATT&CK
Enterprise Matrix V16
Analysis: static1
Detonation Overview
Reported
2025-05-18 12:31
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2025-05-18 12:31
Reported
2025-05-18 12:49
Platform
win10ltsc2021-20250425-en
Max time kernel
1050s
Max time network
1052s
Command Line
Signatures
Imminent RAT
Imminent family
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\Luminosity Link 1.1\LuminosityLink.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\Imminent Monitor 5\bin\cef\Imminent.Cef.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor Swift Support.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\rizz.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\MEMZ.exe | N/A |
Loads dropped DLL
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wjoijeiwjdiwdisjpdisjpidosfs = "C:\\Users\\Admin\\AppData\\Roaming\\{vsnvjsfklssdflsd;fkdlsf}\\02j1lkjklfdf.exe" | C:\Users\Admin\Desktop\rizz.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wjoijeiwjdiwdisjpdisjpidosfs = "\\{vsnvjsfklssdflsd;fkdlsf}\\02j1lkjklfdf.exe" | C:\Users\Admin\Desktop\rizz.exe | N/A |
Enumerates connected drives
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\A: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\B: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\I: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\K: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\N: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\P: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Q: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\T: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\G: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\H: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\L: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\S: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\U: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\W: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Z: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\M: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\X: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\D: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\J: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\O: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\R: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\V: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Y: | C:\Windows\system32\msiexec.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
Looks up external IP address via web service
| Description | Indicator | Process | Target |
| N/A | api.ipify.org | N/A | N/A |
Detected potential entity reuse from brand MICROSOFT.
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SysWOW64\msvcp100.dll | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\SET320A.tmp | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\D3DX9_43.dll | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\SET33B0.tmp | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\msvcr100.dll | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\SET3287.tmp | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\SET32C6.tmp | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\SET32E5.tmp | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| File created | C:\Windows\SysWOW64\SET32C6.tmp | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\d3dcsx_43.dll | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| File created | C:\Windows\SysWOW64\SET3381.tmp | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\XAudio2_7.dll | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| File created | C:\Windows\SysWOW64\SET3278.tmp | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| File created | C:\Windows\SysWOW64\SET33D0.tmp | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\X3DAudio1_7.dll | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\d3dx10_43.dll | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\SET3381.tmp | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| File created | C:\Windows\SysWOW64\SET320A.tmp | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| File created | C:\Windows\SysWOW64\SET3249.tmp | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\SET3278.tmp | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\D3DCompiler_43.dll | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\XAPOFX1_5.dll | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\xinput1_3.dll | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\SET3249.tmp | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\d3dx11_43.dll | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| File created | C:\Windows\SysWOW64\SET32E5.tmp | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| File created | C:\Windows\SysWOW64\SET33B0.tmp | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| File created | C:\Windows\SysWOW64\SET3287.tmp | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\SET33D0.tmp | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\Installer\MSI350A.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1582835738\json\i18n-hub\it\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1582835738\json\i18n-hub\sv\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1582835738\json\i18n-notification\sv\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1582835738\json\i18n-notification-shared\nl\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\Installer\{7EBD0E43-6AC0-4CA8-9990-00E50069AD29}\SdxIconBlack.exe | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\Microsoft.NET\ngenserviceclientlock.dat | C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_498670512\hyph-la.hyb | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1582835738\json\i18n-hub\fr\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1582835738\json\i18n-notification\fr-CA\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1582835738\json\i18n-tokenized-card\fr\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1582835738\wallet-webui-992.268aa821c3090dce03cb.chunk.js | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_294624000\manifest.fingerprint | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_498670512\hyph-el.hyb | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_498670512\hyph-or.hyb | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_498670512\hyph-und-ethi.hyb | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1582835738\json\i18n-ec\en-GB\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1582835738\json\i18n-notification-shared\es\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1582835738\Notification\notification.html | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI7A16.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1764_179800511\manifest.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_498670512\hyph-cu.hyb | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1582835738\json\i18n-shared-components\ko\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1582835738\Mini-Wallet\miniwallet.bundle.js | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1582835738\webui-setup.js | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1764_1868607973\LICENSE | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1764_870356896\ct_config.pb | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_498670512\hyph-hu.hyb | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_498670512\hyph-nb.hyb | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1582835738\json\i18n-tokenized-card\sv\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1582835738\Tokenized-Card\tokenized-card.bundle.js.LICENSE.txt | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1582835738\wallet-crypto.html | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1764_1263360017\manifest.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_498670512\manifest.fingerprint | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1582835738\json\i18n-ec\pl\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1582835738\json\i18n-hub\th\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1582835738\json\i18n-mobile-hub\sv\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1764_571737064\manifest.fingerprint | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.log | C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1582835738\edge_driver.js | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1582835738\json\i18n-ec\id\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1582835738\json\i18n-mobile-hub\pt-BR\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1582835738\json\i18n-tokenized-card\de\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1582835738\json\i18n-notification\it\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1582835738\Wallet-Checkout\app-setup.js | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1582835738\wallet-webui-101.079f5d74a18127cd9d6a.chunk.js | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1764_179800511\manifest.fingerprint | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_648076181\manifest.fingerprint | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1582835738\json\i18n-notification-shared\ar\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1582835738\json\i18n-shared-components\hu\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1582835738\wallet-webui-560.da6c8914bf5007e1044c.chunk.js | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\Installer\MSI8051.tmp | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1582835738\json\i18n-hub\el\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1582835738\json\i18n-notification-shared\fi\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1582835738\json\i18n-shared-components\fr-CA\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1582835738\json\i18n-tokenized-card\fr-CA\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1582835738\json\i18n-tokenized-card\ja\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1582835738\wallet-icon.svg | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1582835738\wallet-webui-925.baa79171a74ad52b0a67.chunk.js | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1582835738\json\wallet\wallet-checkout\checkoutdata.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_294624000\_platform_specific\win_x64\widevinecdm.dll.sig | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1764_1868607973\_metadata\verified_contents.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_498670512\hyph-de-1996.hyb | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1582835738\json\i18n-hub\nl\strings.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Browser Information Discovery
Command and Scripting Interpreter: JavaScript
Enumerates physical storage devices
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe |
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Desktop\Imminent Monitor 5\bin\cef\Imminent.Cef.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Desktop\MEMZ 4.0 Clean\MEMZ-Clean.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\calc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Luminosity Link 1.1\LuminosityLink.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Desktop\Imminent Monitor 5\bin\cef\Imminent.Cef.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Desktop\MEMZ 4.0 Clean\MEMZ-Clean.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\win32calc.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor Swift Support.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Desktop\Imminent Monitor 5\bin\cef\Imminent.Cef.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Desktop\rizz.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Desktop\MEMZ 4.0 Clean\MEMZ-Clean.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\syswow64\MsiExec.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Desktop\Imminent Monitor 5\bin\cef\Imminent.Cef.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\DllHost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Desktop\rizz.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Roaming\MEMZ.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\msiexec.exe | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters | C:\Windows\system32\vssvc.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters | C:\Windows\system32\vssvc.exe | N/A |
| Key created | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters\Partmgr | C:\Windows\system32\vssvc.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters\Partmgr\PartitionTableCache | C:\Windows\system32\vssvc.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Device Parameters\Partmgr\SnapshotDataCache = 534e41505041525401000000700000008ec7416a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 | C:\Windows\system32\vssvc.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Key opened | \Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Windows\System32\sdiagnhost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Windows\System32\sdiagnhost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Windows\System32\sdiagnhost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU | C:\Windows\System32\sdiagnhost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\BIOS | C:\Windows\System32\sdiagnhost.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000\SOFTWARE\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000000000001000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\AdminActive\{D89EBDE3-33E5-11F0-9FCC-F6F24F99E8B7} = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FullScreen = "no" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000\Software\Microsoft\Internet Explorer\MINIE | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000\Software\Microsoft\Internet Explorer\Main | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000\SOFTWARE\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000\Software\Microsoft\Internet Explorer\GPU | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000\SOFTWARE\Microsoft\Internet Explorer\GPU\AdapterInfo = "vendorId=\"0x10de\",deviceID=\"0x8c\",subSysID=\"0x0\",revision=\"0x0\",version=\"10.0.19041.4355\"hypervisor=\"No Hypervisor (No SLAT)\"" | C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000\SOFTWARE\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000\SOFTWARE\Microsoft\Internet Explorer\MINIE\TabBandWidth = "500" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" | C:\Program Files\Internet Explorer\iexplore.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet = "1" | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect = "0" | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\28 | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\28\52C64B7E | C:\Windows\system32\msiexec.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\28 | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133920451068136116" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName = "1" | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\TelemetrySalt = "4" | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\27\52C64B7E | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\8 | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\8\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259} | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\2\0\NodeSlot = "9" | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\9\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\4 | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = 0000000004000000020000000100000003000000ffffffff | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2752153267-3560544514-982811242-1000\{A3B1ECE0-B56B-441E-9B2C-E14EE4295262} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\34E0DBE70CA68AC49909005E0096DA92\InstanceType = "0" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\34E0DBE70CA68AC49909005E0096DA92\SourceList\Media\1 = ";" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02020202020202020202 | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\4\MRUListEx = ffffffff | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\12\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0" | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{cac1105f-619b-4d04-831a-44e1cbf12d57}\ = "AudioVolumeMeter" | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2752153267-3560544514-982811242-1000\{4BFD9D51-2E64-4570-83D9-AF2913571AE0} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{6a93130e-1d53-41d1-a9cf-e758800bb179}\ = "AudioReverb" | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\2\MRUListEx = 00000000ffffffff | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\9\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7} | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\10\Shell\SniffedFolderType = "Generic" | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{6a93130e-1d53-41d1-a9cf-e758800bb179} | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\9\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616257" | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\GroupByKey:PID = "0" | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\11 | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\11\ComDlg\{B3690E58-E961-423B-B687-386EBFD83239} | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\11\ComDlg\{B3690E58-E961-423B-B687-386EBFD83239}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings | C:\Windows\SysWOW64\calc.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{cac1105f-619b-4d04-831a-44e1cbf12d57}\InProcServer32 | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 010000000200000000000000ffffffff | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\1 | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656} | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\8\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = 03000000020000000100000000000000ffffffff | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{5a508685-a254-4fba-9b82-9a24b00306af}\InProcServer32\ = "C:\\Windows\\SysWow64\\XAudio2_7.dll" | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{cac1105f-619b-4d04-831a-44e1cbf12d57}\InProcServer32\ = "C:\\Windows\\SysWow64\\XAudio2_7.dll" | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\34E0DBE70CA68AC49909005E0096DA92\ProductName = "SlimDX Runtime .NET 4.0 x86 (January 2012)" | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\11\ComDlg\{B3690E58-E961-423B-B687-386EBFD83239}\Mode = "1" | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\11\ComDlg\{B3690E58-E961-423B-B687-386EBFD83239}\LogicalViewMode = "3" | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\11\ComDlg\{B3690E58-E961-423B-B687-386EBFD83239}\GroupByDirection = "1" | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0\0 | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\12\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1" | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Products\34E0DBE70CA68AC49909005E0096DA92\SourceList\PackageName = "SlimDX.msi" | C:\Windows\system32\msiexec.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\2 = 14002e8005398e082303024b98265d99428e115f0000 | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\8\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\IconSize = "16" | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\9\Shell | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2752153267-3560544514-982811242-1000\{37D24AF9-5722-4DCE-B7F3-38F8AD6A8E61} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Installer\Assemblies\Global | C:\Windows\system32\msiexec.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\3\NodeSlot = "10" | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\10\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\LogicalViewMode = "1" | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\10\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\10\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1" | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\11\ComDlg\{B3690E58-E961-423B-B687-386EBFD83239}\FFlags = "1092616257" | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\11\ComDlg\{B3690E58-E961-423B-B687-386EBFD83239}\GroupView = "0" | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{7D49D726-3C21-4F05-99AA-FDC2C9474656}\FFlags = "1092616257" | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\9\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\0\0\0\1\0 = 6e00310000000000b25adb641000494d4d494e457e310000560009000400efbeb25ac864b25adb642e000000b5800200000010000000000000000000000000000000be57b10049006d006d0069006e0065006e00740020004d006f006e00690074006f00720020003500000018000000 | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 020202020202020202020202 | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = 0000000003000000040000000200000001000000ffffffff | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2752153267-3560544514-982811242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\12\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7} | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{6a93130e-1d53-41d1-a9cf-e758800bb179}\InProcServer32 | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{cac1105f-619b-4d04-831a-44e1cbf12d57} | C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\Luminosity Link 1.1\LuminosityLink.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\rizz.exe | N/A |
| N/A | N/A | C:\Windows\System32\msdt.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeRestorePrivilege | N/A | C:\Program Files\7-Zip\7zG.exe | N/A |
| Token: 35 | N/A | C:\Program Files\7-Zip\7zG.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Program Files\7-Zip\7zG.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\Downloads\Luminosity Link 1.1\LuminosityLink.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeIncreaseQuotaPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeCreateTokenPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeAssignPrimaryTokenPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeLockMemoryPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeMachineAccountPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeTcbPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeSecurityPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeLoadDriverPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeSystemProfilePrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeSystemtimePrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeProfSingleProcessPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeCreatePermanentPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeBackupPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeAuditPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeSystemEnvironmentPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeChangeNotifyPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeRemoteShutdownPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeUndockPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeSyncAgentPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeEnableDelegationPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeManageVolumePrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeImpersonatePrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeCreateGlobalPrivilege | N/A | C:\Windows\SysWOW64\msiexec.exe | N/A |
| Token: SeRestorePrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
| Token: SeTakeOwnershipPrivilege | N/A | C:\Windows\system32\msiexec.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Uses Volume Shadow Copy WMI provider
Uses Volume Shadow Copy service COM API
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://github.com/Cryakl/Ultimate-RAT-Collection/tree/main/LuminosityLink
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x2f0,0x2f4,0x2f8,0x2ec,0x31c,0x7ffb1669f208,0x7ffb1669f214,0x7ffb1669f220
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=2032,i,13762931300263304401,16590695970500210021,262144 --variations-seed-version --mojo-platform-channel-handle=1800 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2164,i,13762931300263304401,16590695970500210021,262144 --variations-seed-version --mojo-platform-channel-handle=2156 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2564,i,13762931300263304401,16590695970500210021,262144 --variations-seed-version --mojo-platform-channel-handle=2576 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3520,i,13762931300263304401,16590695970500210021,262144 --variations-seed-version --mojo-platform-channel-handle=3564 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3528,i,13762931300263304401,16590695970500210021,262144 --variations-seed-version --mojo-platform-channel-handle=3624 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4908,i,13762931300263304401,16590695970500210021,262144 --variations-seed-version --mojo-platform-channel-handle=5124 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4876,i,13762931300263304401,16590695970500210021,262144 --variations-seed-version --mojo-platform-channel-handle=5156 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5784,i,13762931300263304401,16590695970500210021,262144 --variations-seed-version --mojo-platform-channel-handle=5740 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5968,i,13762931300263304401,16590695970500210021,262144 --variations-seed-version --mojo-platform-channel-handle=5940 /prefetch:8
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4864,i,13762931300263304401,16590695970500210021,262144 --variations-seed-version --mojo-platform-channel-handle=6160 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5896,i,13762931300263304401,16590695970500210021,262144 --variations-seed-version --mojo-platform-channel-handle=6184 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6052,i,13762931300263304401,16590695970500210021,262144 --variations-seed-version --mojo-platform-channel-handle=5840 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-US --service-sandbox-type=collections --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5576,i,13762931300263304401,16590695970500210021,262144 --variations-seed-version --mojo-platform-channel-handle=6268 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --always-read-main-dll --field-trial-handle=5604,i,13762931300263304401,16590695970500210021,262144 --variations-seed-version --mojo-platform-channel-handle=6300 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6732,i,13762931300263304401,16590695970500210021,262144 --variations-seed-version --mojo-platform-channel-handle=6744 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\Luminosity Link 1.1\" -spe -an -ai#7zMap2388:98:7zEvent19896
C:\Users\Admin\Downloads\Luminosity Link 1.1\LuminosityLink.exe
"C:\Users\Admin\Downloads\Luminosity Link 1.1\LuminosityLink.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6860,i,13762931300263304401,16590695970500210021,262144 --variations-seed-version --mojo-platform-channel-handle=6932 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3448,i,13762931300263304401,16590695970500210021,262144 --variations-seed-version --mojo-platform-channel-handle=6552 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=2892,i,13762931300263304401,16590695970500210021,262144 --variations-seed-version --mojo-platform-channel-handle=7160 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5948,i,13762931300263304401,16590695970500210021,262144 --variations-seed-version --mojo-platform-channel-handle=892 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=892,i,13762931300263304401,16590695970500210021,262144 --variations-seed-version --mojo-platform-channel-handle=7160 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3480,i,13762931300263304401,16590695970500210021,262144 --variations-seed-version --mojo-platform-channel-handle=3412 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3412,i,13762931300263304401,16590695970500210021,262144 --variations-seed-version --mojo-platform-channel-handle=5384 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3424,i,13762931300263304401,16590695970500210021,262144 --variations-seed-version --mojo-platform-channel-handle=5524 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6304,i,13762931300263304401,16590695970500210021,262144 --variations-seed-version --mojo-platform-channel-handle=5976 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6580,i,13762931300263304401,16590695970500210021,262144 --variations-seed-version --mojo-platform-channel-handle=5316 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3712,i,13762931300263304401,16590695970500210021,262144 --variations-seed-version --mojo-platform-channel-handle=3596 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --always-read-main-dll --field-trial-handle=5188,i,13762931300263304401,16590695970500210021,262144 --variations-seed-version --mojo-platform-channel-handle=3696 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5220,i,13762931300263304401,16590695970500210021,262144 --variations-seed-version --mojo-platform-channel-handle=5232 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5208,i,13762931300263304401,16590695970500210021,262144 --variations-seed-version --mojo-platform-channel-handle=5296 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3732,i,13762931300263304401,16590695970500210021,262144 --variations-seed-version --mojo-platform-channel-handle=3700 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5308,i,13762931300263304401,16590695970500210021,262144 --variations-seed-version --mojo-platform-channel-handle=5420 /prefetch:8
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\Imminent Monitor 5\" -spe -an -ai#7zMap28117:96:7zEvent12276
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x264,0x268,0x26c,0x260,0x28c,0x7ffb1669f208,0x7ffb1669f214,0x7ffb1669f220
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1940,i,626296244505224979,8487726049215017884,262144 --variations-seed-version --mojo-platform-channel-handle=2180 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2156,i,626296244505224979,8487726049215017884,262144 --variations-seed-version --mojo-platform-channel-handle=2136 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2552,i,626296244505224979,8487726049215017884,262144 --variations-seed-version --mojo-platform-channel-handle=2524 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4328,i,626296244505224979,8487726049215017884,262144 --variations-seed-version --mojo-platform-channel-handle=4348 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4580,i,626296244505224979,8487726049215017884,262144 --variations-seed-version --mojo-platform-channel-handle=4572 /prefetch:8
C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe
"C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe"
C:\Windows\SysWOW64\msiexec.exe
"C:\Windows\System32\msiexec.exe" /i "C:\Users\Admin\Desktop\Imminent Monitor 5\Resources\Redist\SlimDX.msi" /quiet
C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 83738F3E324696DC403607FE54C3F2B2
C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe
"C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe" /silent
C:\Windows\system32\vssvc.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\srtasks.exe
C:\Windows\system32\srtasks.exe ExecuteScopeRestorePoint /WaitForRestorePoint:2
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 6669099C89DBD32E9CA118CE950C7950 E Global\MSI0000
C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe install "SlimDX, Version=4.0.13.43, Culture=neutral, PublicKeyToken=B1B0C32FD1FFE4F9" /queue:1
C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe update /queue
C:\Users\Admin\Desktop\Imminent Monitor 5\bin\cef\Imminent.Cef.exe
"C:\Users\Admin\Desktop\Imminent Monitor 5\bin\cef\Imminent.Cef.exe" --type=renderer --no-sandbox --disable-databases --primordial-pipe-token=5EAB041DE6B79EB5B3885F21801D3954 --lang=en-US --lang=en-US --log-file="C:\Users\Admin\Desktop\Imminent Monitor 5\debug.log" --enable-system-flash=1 --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=5EAB041DE6B79EB5B3885F21801D3954 --renderer-client-id=2 --mojo-platform-channel-handle=1876 /prefetch:1 --wcf-enabled --wcf-host-process-id=5964
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4652,i,626296244505224979,8487726049215017884,262144 --variations-seed-version --mojo-platform-channel-handle=4512 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4640,i,626296244505224979,8487726049215017884,262144 --variations-seed-version --mojo-platform-channel-handle=4504 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4628,i,626296244505224979,8487726049215017884,262144 --variations-seed-version --mojo-platform-channel-handle=4608 /prefetch:8
C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor Swift Support.exe
"C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor Swift Support.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4816,i,626296244505224979,8487726049215017884,262144 --variations-seed-version --mojo-platform-channel-handle=4788 /prefetch:8
C:\Users\Admin\Desktop\Imminent Monitor 5\bin\cef\Imminent.Cef.exe
"C:\Users\Admin\Desktop\Imminent Monitor 5\bin\cef\Imminent.Cef.exe" --type=renderer --no-sandbox --disable-databases --primordial-pipe-token=547F059081FE14C2472BCDE510269EF4 --lang=en-US --lang=en-US --log-file="C:\Users\Admin\Desktop\Imminent Monitor 5\debug.log" --enable-system-flash=1 --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=547F059081FE14C2472BCDE510269EF4 --renderer-client-id=3 --mojo-platform-channel-handle=2336 /prefetch:1 --wcf-enabled --wcf-host-process-id=5964
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4824,i,626296244505224979,8487726049215017884,262144 --variations-seed-version --mojo-platform-channel-handle=4920 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4928,i,626296244505224979,8487726049215017884,262144 --variations-seed-version --mojo-platform-channel-handle=4832 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=788,i,626296244505224979,8487726049215017884,262144 --variations-seed-version --mojo-platform-channel-handle=4212 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --string-annotations --gpu-preferences=UAAAAAAAAADoAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAABCAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=4552,i,626296244505224979,8487726049215017884,262144 --variations-seed-version --mojo-platform-channel-handle=4976 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5008,i,626296244505224979,8487726049215017884,262144 --variations-seed-version --mojo-platform-channel-handle=4992 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3888,i,626296244505224979,8487726049215017884,262144 --variations-seed-version --mojo-platform-channel-handle=3108 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4484,i,626296244505224979,8487726049215017884,262144 --variations-seed-version --mojo-platform-channel-handle=4140 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4908,i,626296244505224979,8487726049215017884,262144 --variations-seed-version --mojo-platform-channel-handle=4880 /prefetch:8
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 416 -p 5964 -ip 5964
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 5964 -s 6552
C:\Users\Admin\Desktop\rizz.exe
"C:\Users\Admin\Desktop\rizz.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c \{vsnvjsfklssdflsd;fkdlsf}\02j1lkjklfdf.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Roaming\{vsnvjsfklssdflsd;fkdlsf}\02j1lkjklfdf.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe
"C:\Users\Admin\Desktop\Imminent Monitor 5\Imminent Monitor.exe"
C:\Windows\SysWOW64\msiexec.exe
"C:\Windows\System32\msiexec.exe" /i "C:\Users\Admin\Desktop\Imminent Monitor 5\Resources\Redist\SlimDX.msi" /quiet
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 0926A2BA82C2FC1AE825FA47C28D537B
C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe
"C:\Users\Admin\AppData\Local\Temp\DirectX Redist\DXSETUP.exe" /silent
C:\Windows\system32\vssvc.exe
C:\Windows\system32\vssvc.exe
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 6BAC6EF7A8A9E0B3D8EBAA04D99EA314 E Global\MSI0000
C:\Users\Admin\Desktop\Imminent Monitor 5\bin\cef\Imminent.Cef.exe
"C:\Users\Admin\Desktop\Imminent Monitor 5\bin\cef\Imminent.Cef.exe" --type=renderer --no-sandbox --disable-databases --primordial-pipe-token=0650F2F6FA6A30CC3EF05AACADB65460 --lang=en-US --lang=en-US --log-file="C:\Users\Admin\Desktop\Imminent Monitor 5\debug.log" --enable-system-flash=1 --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=0650F2F6FA6A30CC3EF05AACADB65460 --renderer-client-id=2 --mojo-platform-channel-handle=3468 /prefetch:1 --wcf-enabled --wcf-host-process-id=2560
C:\Users\Admin\Desktop\Imminent Monitor 5\bin\cef\Imminent.Cef.exe
"C:\Users\Admin\Desktop\Imminent Monitor 5\bin\cef\Imminent.Cef.exe" --type=renderer --no-sandbox --disable-databases --primordial-pipe-token=B0085FA774AB451160E4A72E7DFC2491 --lang=en-US --lang=en-US --log-file="C:\Users\Admin\Desktop\Imminent Monitor 5\debug.log" --enable-system-flash=1 --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=B0085FA774AB451160E4A72E7DFC2491 --renderer-client-id=3 --mojo-platform-channel-handle=4216 /prefetch:1 --wcf-enabled --wcf-host-process-id=2560
C:\Users\Admin\Desktop\rizz.exe
"C:\Users\Admin\Desktop\rizz.exe"
C:\Windows\system32\pcwrun.exe
C:\Windows\system32\pcwrun.exe "C:\Users\Admin\Desktop\rizz.exe" ContextMenu
C:\Windows\System32\msdt.exe
C:\Windows\System32\msdt.exe -path C:\Windows\diagnostics\index\PCWDiagnostic.xml -af C:\Users\Admin\AppData\Local\Temp\PCWE04D.xml /skip TRUE
C:\Windows\System32\sdiagnhost.exe
C:\Windows\System32\sdiagnhost.exe -Embedding
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe
"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\0l1frbip\0l1frbip.cmdline"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\Admin\AppData\Local\Temp\RESE425.tmp" "c:\Users\Admin\AppData\Local\Temp\0l1frbip\CSC2CD6FACB77DE4944B5AFDF68A59AEF7D.TMP"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe
"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\xdoy2hnm\xdoy2hnm.cmdline"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\Admin\AppData\Local\Temp\RESE4A2.tmp" "c:\Users\Admin\AppData\Local\Temp\xdoy2hnm\CSCA8DCEE59319045A598CA7FDB9586D8D3.TMP"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe
"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\Admin\AppData\Local\Temp\nixoqpns\nixoqpns.cmdline"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\Admin\AppData\Local\Temp\RESE762.tmp" "c:\Users\Admin\AppData\Local\Temp\nixoqpns\CSC7A410A453358493E98CA2BDE4CB589B.TMP"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3456,i,626296244505224979,8487726049215017884,262144 --variations-seed-version --mojo-platform-channel-handle=4136 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://imminentmethods.net/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --always-read-main-dll --field-trial-handle=3196,i,626296244505224979,8487726049215017884,262144 --variations-seed-version --mojo-platform-channel-handle=5024 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --always-read-main-dll --field-trial-handle=3168,i,626296244505224979,8487726049215017884,262144 --variations-seed-version --mojo-platform-channel-handle=5036 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5524,i,626296244505224979,8487726049215017884,262144 --variations-seed-version --mojo-platform-channel-handle=5508 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --always-read-main-dll --field-trial-handle=5964,i,626296244505224979,8487726049215017884,262144 --variations-seed-version --mojo-platform-channel-handle=5588 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --always-read-main-dll --field-trial-handle=5352,i,626296244505224979,8487726049215017884,262144 --variations-seed-version --mojo-platform-channel-handle=5308 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_xpay_wallet.mojom.EdgeXPayWalletService --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5192,i,626296244505224979,8487726049215017884,262144 --variations-seed-version --mojo-platform-channel-handle=5876 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --always-read-main-dll --field-trial-handle=6112,i,626296244505224979,8487726049215017884,262144 --variations-seed-version --mojo-platform-channel-handle=6348 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --always-read-main-dll --field-trial-handle=5536,i,626296244505224979,8487726049215017884,262144 --variations-seed-version --mojo-platform-channel-handle=6472 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --instant-process --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --always-read-main-dll --field-trial-handle=6832,i,626296244505224979,8487726049215017884,262144 --variations-seed-version --mojo-platform-channel-handle=6844 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3404,i,626296244505224979,8487726049215017884,262144 --variations-seed-version --mojo-platform-channel-handle=6768 /prefetch:8
C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe"
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1164 CREDAT:17410 /prefetch:2
C:\Windows\system32\win32calc.exe
"C:\Windows\system32\win32calc.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --always-read-main-dll --field-trial-handle=5072,i,626296244505224979,8487726049215017884,262144 --variations-seed-version --mojo-platform-channel-handle=6520 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --always-read-main-dll --field-trial-handle=6060,i,626296244505224979,8487726049215017884,262144 --variations-seed-version --mojo-platform-channel-handle=6500 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --always-read-main-dll --field-trial-handle=6996,i,626296244505224979,8487726049215017884,262144 --variations-seed-version --mojo-platform-channel-handle=4876 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --always-read-main-dll --field-trial-handle=6048,i,626296244505224979,8487726049215017884,262144 --variations-seed-version --mojo-platform-channel-handle=7176 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-US --service-sandbox-type=collections --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7312,i,626296244505224979,8487726049215017884,262144 --variations-seed-version --mojo-platform-channel-handle=7296 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --always-read-main-dll --field-trial-handle=7388,i,626296244505224979,8487726049215017884,262144 --variations-seed-version --mojo-platform-channel-handle=7116 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7444,i,626296244505224979,8487726049215017884,262144 --variations-seed-version --mojo-platform-channel-handle=7644 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7644,i,626296244505224979,8487726049215017884,262144 --variations-seed-version --mojo-platform-channel-handle=7832 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7644,i,626296244505224979,8487726049215017884,262144 --variations-seed-version --mojo-platform-channel-handle=7832 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --always-read-main-dll --field-trial-handle=4884,i,626296244505224979,8487726049215017884,262144 --variations-seed-version --mojo-platform-channel-handle=7848 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x264,0x268,0x26c,0x260,0x28c,0x7ffb1669f208,0x7ffb1669f214,0x7ffb1669f220
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1824,i,5147443005149359038,7917402682858025214,262144 --variations-seed-version --mojo-platform-channel-handle=2584 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2544,i,5147443005149359038,7917402682858025214,262144 --variations-seed-version --mojo-platform-channel-handle=2556 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2184,i,5147443005149359038,7917402682858025214,262144 --variations-seed-version --mojo-platform-channel-handle=2600 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=PooledProcess2 --lang=en-US --service-sandbox-type=utility --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4304,i,5147443005149359038,7917402682858025214,262144 --variations-seed-version --mojo-platform-channel-handle=4308 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4208,i,5147443005149359038,7917402682858025214,262144 --variations-seed-version --mojo-platform-channel-handle=4168 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4208,i,5147443005149359038,7917402682858025214,262144 --variations-seed-version --mojo-platform-channel-handle=4168 /prefetch:8
C:\Users\Admin\Desktop\MEMZ 4.0 Clean\MEMZ-Clean.exe
"C:\Users\Admin\Desktop\MEMZ 4.0 Clean\MEMZ-Clean.exe"
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Desktop\MEMZ 4.0 Clean\MEMZ-Clean.bat" "
C:\Windows\system32\cscript.exe
cscript x.js
C:\Users\Admin\AppData\Roaming\MEMZ.exe
"C:\Users\Admin\AppData\Roaming\MEMZ.exe"
C:\Windows\System32\NOTEPAD.EXE
"C:\Windows\System32\NOTEPAD.EXE" C:\Users\Admin\Desktop\MEMZ 4.0 Clean\MEMZ-Clean.bat
C:\Users\Admin\Desktop\MEMZ 4.0 Clean\MEMZ-Clean.exe
"C:\Users\Admin\Desktop\MEMZ 4.0 Clean\MEMZ-Clean.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4348,i,5147443005149359038,7917402682858025214,262144 --variations-seed-version --mojo-platform-channel-handle=4432 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=604,i,5147443005149359038,7917402682858025214,262144 --variations-seed-version --mojo-platform-channel-handle=4664 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4444,i,5147443005149359038,7917402682858025214,262144 --variations-seed-version --mojo-platform-channel-handle=4372 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=is+illuminati+real
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --always-read-main-dll --field-trial-handle=4844,i,5147443005149359038,7917402682858025214,262144 --variations-seed-version --mojo-platform-channel-handle=4604 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --always-read-main-dll --field-trial-handle=4700,i,5147443005149359038,7917402682858025214,262144 --variations-seed-version --mojo-platform-channel-handle=4892 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5372,i,5147443005149359038,7917402682858025214,262144 --variations-seed-version --mojo-platform-channel-handle=5384 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5392,i,5147443005149359038,7917402682858025214,262144 --variations-seed-version --mojo-platform-channel-handle=5420 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --always-read-main-dll --field-trial-handle=5904,i,5147443005149359038,7917402682858025214,262144 --variations-seed-version --mojo-platform-channel-handle=5888 /prefetch:1
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x304 0x2f8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6256,i,5147443005149359038,7917402682858025214,262144 --variations-seed-version --mojo-platform-channel-handle=6392 /prefetch:8
C:\Users\Admin\Desktop\MEMZ 4.0 Clean\MEMZ-Clean.exe
"C:\Users\Admin\Desktop\MEMZ 4.0 Clean\MEMZ-Clean.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5460,i,5147443005149359038,7917402682858025214,262144 --variations-seed-version --mojo-platform-channel-handle=5708 /prefetch:8
Network
| Country | Destination | Domain | Proto |
| N/A | 127.0.0.1:1234 | tcp | |
| N/A | 127.0.0.1:1234 | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 839ace8c380fcf513e926597e45b9f0d |
| SHA1 | aae96d5d737114a259be254a0c324894bfa58462 |
| SHA256 | 3d3d488fba90a28dc88fd48e2c6af94c98b1d9b11f86f34a72f614a01cb322d8 |
| SHA512 | 1707414333df4746e486beac87456e6762eba68607aca18b84d420bee3e3fd6dab722f29ea391089573c603d2170512cc72c2c70515ea1b206d93be36e1c4dfe |
\??\pipe\crashpad_1764_CQHCMJFDEGWRPNWL
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | dff8b711d8a55b233c7c303678cd008b |
| SHA1 | 831ec89bcbd4550f4ad603da1b41ef9fa30274a4 |
| SHA256 | 80350046d8aee2471bf471b3caf01178a07c5d0ec6f288a1180810c8c719c4ca |
| SHA512 | bd59f6dc990e6512e1356eb5c5fd22f4d64ba286738480d1dedda9f36928f3e920fcbe5be077bd87739d1796933bb80bf9adef1ea546375a24b29dcc0cfa5687 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres
| MD5 | bf2bbe783c6764f8d94f0b92ed13dae6 |
| SHA1 | 64fd961c662a32545b78a39b5b18aa295447adac |
| SHA256 | bef78d0b44e3ab81c7a9f8a98e774623923076e9b6a78840a27a043b36982631 |
| SHA512 | 35d46cd73a870e13a0cc5727d5762cc26ca63d118e0899a928280cf4d7d3665bbd857a490329fc643dd9a1d2fa7f194de18cbe949755194ab0bc6f10443876f2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log
| MD5 | b7a0adcfdc84f34d1221bf11e877ec46 |
| SHA1 | bab8cbd43d8bcbad0c45f876dce88011fe256a18 |
| SHA256 | e3c83d7c6fbcf30ae30e713e598863d6cc2a4c49f08f7e52570da807b8f97dc9 |
| SHA512 | e99cbe2ffd7ab1911990602e60850b239e59a05febd6382b35a6bfbca53be75b8ba1bcb5a14766c9fd1216bc22805fd48fcbb0c3e11475baafe3734a42cb5886 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\HubApps
| MD5 | 06d55006c2dec078a94558b85ae01aef |
| SHA1 | 6a9b33e794b38153f67d433b30ac2a7cf66761e6 |
| SHA256 | 088bb586f79dd99c5311d14e1560bbe0bb56225a1b4432727d2183341c762bcd |
| SHA512 | ec190652af9c213ccbb823e69c21d769c64e3b9bae27bea97503c352163bf70f93c67cebbf327bfc73bfd632c9a3ae57283b6e4019af04750fe18a2410a68e60 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | a45e9ba8fbdc512c6733eda5e09dc274 |
| SHA1 | dc6b51392fc67aaf4de3d61e74c380f7d5d7e665 |
| SHA256 | 984aaccc0ba1657ed1698ab48ab679abf6501fe684742aa904d8d782562c8a53 |
| SHA512 | fd4052732b3e3c967e6757d987280efebfc1afc017aeb84aa165511276c58453965e83a6ac478800433e7549b4c43dfe6f9089ff803879c26a64a70cd0e12daf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 049cf6ec5029ca84cafccc2e422a6707 |
| SHA1 | ae1564f8f11ef08609e97ee4aa60eb5c1b7ffa22 |
| SHA256 | 502eadeadaa81c9ecb89d6f5f947a4bade89abde91b852889c95e8ef29bff662 |
| SHA512 | 8f9ba353d672b13f231bb24ea01d16217069d2e7ba0a59d153833f8d151f207e75676db9abe60c047989e32c4840776960039107c4dc960464c2a5ff2ab4c2f9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | 197b6de4c8f475012a2b18246d31910a |
| SHA1 | cca0fa3849786bea05b664641ad4798e4e4ad397 |
| SHA256 | 83fef64acd337d686b73e999ba924639958d19a4a07f173f423f945360c19ade |
| SHA512 | 7475c8dde5e03cb12495387c37764a07be56fe8aad3b6db4bc3f3891cac69ea1c13a19899a52fb0400e5887c8e6bfbd19ac4d1e8e204e18e827770cd37ca1575 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries
| MD5 | 20d4b8fa017a12a108c87f540836e250 |
| SHA1 | 1ac617fac131262b6d3ce1f52f5907e31d5f6f00 |
| SHA256 | 6028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d |
| SHA512 | 507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | b805bf1e35e74e3dac5fdac69a493887 |
| SHA1 | 08a87dc1b24e4bce802f8484bbb0d9a1964909df |
| SHA256 | 2196204b0d30f1d7ec0cd1029631f48f259e15eecd866260cd10d21b119a1824 |
| SHA512 | 592ab8f662432babcb8e108c059faeb78eaac469e5c32ccac43d99fa860262561228d35a147d26f99b23c5f19250bdb5f865d0848cceb54d0904193cc9093516 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe580d69.TMP
| MD5 | 138a5c0a24e67a6fa215e8674e03fa83 |
| SHA1 | 30b560ef44a30ae4e6a63d9ea7759957666a06e2 |
| SHA256 | c2e82d9e4a0cbe4a97b24f0223edf529f18406a986e2f19b49cf7806648f7883 |
| SHA512 | cc878bfb6d6917a0a86a5a5b24358e3af46580b6c12f30d11ba20414b8ae7460d1ebab5706fa4badc81546ef8b3f411cc10f1fd4c707c645b96c281970e61678 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 0c2bfa4f528b40e8554746463253b95d |
| SHA1 | 0aaa8c9a5fa15c3727acb3ed1283147c6dc7ed31 |
| SHA256 | 5937e6a2ece20b41369958501547c0fa7e579e1155f6ff4dbe6c90edaa75accd |
| SHA512 | 696790aecaa499c9ff3fa80a175a01bcdfbdd3543e246f041f8bcce2ee8b95f0414d2af09dd185481a3e2c67a4228b2d7776dc41479e378d68f7685bba9ea6a4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 644fae6259c7a5e1891f0cd63e5deaa5 |
| SHA1 | addd5de63f2dcbf9f627a6cae834296089020a9b |
| SHA256 | 0d136af431de0d64d3aa261c4e677f47a34aa97bd8a08a9e723fc6ebffe9919c |
| SHA512 | 95d6c2b61e20a1ce2a7c1061ccbb5e3f32953ce70f90d847d8bef55325c3704c1b9eb2d4f6fd983281bc48cfc87f13d544e8a4af89d6d7d166b80e78b96d0382 |
C:\Users\Admin\Downloads\Luminosity Link 1.1.7z
| MD5 | cb60cb20b4208cd2821a7bfadf4f5416 |
| SHA1 | c6700b65a12f5a0579c28ceb6d3e82c74e697651 |
| SHA256 | 979edc7dc742215697b342d104e402b21e2ff596f412eb38768fb4e44c35b9aa |
| SHA512 | ecf495236b0d9058c23cc56c134ef48c359090a1600862a68eb979f50e60ed395063c53cad1d9d76af9eed4468ff620bcf1bec31fb66b43b68b0d6baa1bc744c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 2bafe7db4a67dfb45c30d4a2dd05ee3f |
| SHA1 | c258da65ca9bf39b01ab69da6f5076ed5906e0e1 |
| SHA256 | cfd9953791f697acb2060fea4ca8fc082fa839d0389fac87dfc13b8e0ddbbe4f |
| SHA512 | b4d04ab8e089815ada4928833307fe89f1d0536fb46db9b9ac6c66dad0681173aaf75e76227b7043b46a660cdcddc6024ee8be881271908cc3c2cdc49444f79e |
C:\Users\Admin\Downloads\Luminosity Link 1.1\LuminosityLink.exe
| MD5 | 95be46c0dece46ed2663998b8e7a24c3 |
| SHA1 | 1e10ea1f0f4b43b2c254e3e7e06a0470e18a62fb |
| SHA256 | b54322095ba18e1763ddcdea4580662b923b8a393a7c1881ba6d571e28af2b22 |
| SHA512 | faa9b229eacd346afe4d14b669abbe7fc865d5e694656b0c332ce03a1118603c6d028e4a6ecd1329d13166aeb5de441d61c27e229e7a856c2db6d580dcd69193 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog
| MD5 | 4f09075bd2a21e48676d8e71bcfc7cb4 |
| SHA1 | edf3b968e16e98492635c6382ac7f4b007aff6b7 |
| SHA256 | b418ce4f1cad63bf08d2ea613dd65f03f099457b4511c475eb6a07915a84dd2e |
| SHA512 | 8ca9346ff630b0490545cd5a0c7b3cd36f966f0843df50455441d0fe53bc8bd90b48cdbd0f2740f3e3cd14e5a192224dbc99097d89e7cdca917042eee15d2011 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 740d8604356bd97bfaa4d30e50458a88 |
| SHA1 | 238d1f382c3759706f27d769fa07a004bebe094c |
| SHA256 | 9c28c73505499c73572b7a226b975ac14d26fa021b9de225626965009ddec19b |
| SHA512 | 6334944889b7ae1112c34e254948410be19a5917c0646414748c743aa41c06da9f7e4b848c70cbfbd27d0eb84053ed2b14f2163653d7001faf65711d7b8fb869 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
| MD5 | 0a7475e598c3a99dcc6fe9cd7694984f |
| SHA1 | 764e86f3e3dda2da17bb3d52e77c8d4e5dea55c4 |
| SHA256 | bccf8f5d44917e886e3e37b87fb1babf23768d193a190ee79a00342e475af7fd |
| SHA512 | 919af8e9bb4792ea84d39bec7c61dbd72d83d68e0a430d1300f41f6c4c95d58beaa6084e346eac7d7c614180aa1a7b65c1f2edf8733fb9ae7959b0402ff4abf0 |
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping1764_1885848110\LICENSE
| MD5 | ee002cb9e51bb8dfa89640a406a1090a |
| SHA1 | 49ee3ad535947d8821ffdeb67ffc9bc37d1ebbb2 |
| SHA256 | 3dbd2c90050b652d63656481c3e5871c52261575292db77d4ea63419f187a55b |
| SHA512 | d1fdcc436b8ca8c68d4dc7077f84f803a535bf2ce31d9eb5d0c466b62d6567b2c59974995060403ed757e92245db07e70c6bddbf1c3519fed300cc5b9bf9177c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7f3b3e9fac18d920d88169c6b7276266 |
| SHA1 | f83dd604ff4d106af34c43e6ca164bd1f112277b |
| SHA256 | 52edda4b947c92ceee8a8f9fc3f4ae8b5640f26197b9e85947244bc9f026b298 |
| SHA512 | 5715d09970c54bdde9e3bb531e6cb66b8a8a6bb9236cda917bb51d20821829352a7fdd8e49207a88b71b67ef6af39244e57fcc4b4943970dc798c0d23e4667c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
| MD5 | 219b8f1c7fb8e6207e6ebe69b347b664 |
| SHA1 | 00a52ed082cb4ad4d99c0b978467a535898cbdd2 |
| SHA256 | 445ac860e9b82c4e6c1e0665aad31a372fb675af3f3e2112ec2dd2041054570b |
| SHA512 | 3a6907fc4957135ef75cfd0ec4062ad570d0b8cedf98fd72cfdd910de0f368201cc8f9d661b2183d2e980c05d46dfdf11a77167fc52a9e9b2b280aaaa0e8d036 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
| MD5 | c47fd70295254977f31dfdf29fd8cc43 |
| SHA1 | 95ba2420830f025d9e1d9a3638b7cb847d83f40f |
| SHA256 | e8f4495fa607b9e88076ebd5ebf81b2bf75b57301c52e473232d473a540fe2f9 |
| SHA512 | e5002c353550e788d032a2c43437d852d03be715f716d882effcb46c6b55c7a5cbc0bc283cf3a73fed10f791e12c7ab4a3451ddd81a0b9c0d932225c689e19c6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter~RFe5b8edf.TMP
| MD5 | 58e538d891750e0244562c6676452c71 |
| SHA1 | 62bf19ce2a7039839ebe744716b3be72b576bbad |
| SHA256 | 265ca36af85ef3342936fc2f33854afbe72bb997e9e343ad85e2d54ccff29053 |
| SHA512 | 13f41716b0a53db70b60f02ad642ded75c1573c196c808f598b0ead17afd43b69ba80d959dd23544d0a9dad99e6d737586e536306118dbb064c3d49d131eb39a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter
| MD5 | 613c72db98d48da95cb9abb73ba9a2c6 |
| SHA1 | e8370a64b6ece3d1a56b120d3883a31b3b1531c7 |
| SHA256 | ffd16c239f17130f5cfe6ddbf65dd215645fbd3e69fb29909336983e9107f0f4 |
| SHA512 | 8a777332402fbaaf83d6c5045e3551cd1ead0690aa646a641a0278aa3fdde78c3decfe5c2484e264a6f9cfce684d0f2dde4c059833650ff53e37f6e5e2f6dcf1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 4d6c337c33d8ff26151fe2265398d5ac |
| SHA1 | 5878912d0dd5a19e3abd713fc1c0a56620440604 |
| SHA256 | f5bef12f252e6b622940ce2fef52bde08708cce5e8ac951ee14ba65479a43c4c |
| SHA512 | 0625be1b9aa1d0c9035c90c0de1809410045b7d6eeb4afda9d48a99aa11d4fdccc4ce1e38dc62abb93b0daa6c8716c08def82810edfa36538e243ae175d98709 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter
| MD5 | 362738a2eedc7e0436fc494bab1b34c0 |
| SHA1 | de1f44060ec977c5b6a49c3fef1742f87920daea |
| SHA256 | 92b5e4247a1039075bbfb0df335517e4e1b087c4a5db42d1bef5fdce0fd2b732 |
| SHA512 | 10c8257e3b0b57b0c70e35d60322ede5a4e7c1fa5aad9d03cf6960c0c942c860a729fe9ec2d01a1fea37ba75927886eb2fbc63b970d766b32a9c141d036059a7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Well Known Domains\1.2.0.0\well_known_domains.dll
| MD5 | f5f5b37fd514776f455864502c852773 |
| SHA1 | 8d5ed434173fd77feb33cb6cb0fad5e2388d97c6 |
| SHA256 | 2778063e5ded354d852004e80492edb3a0f731b838bb27ba3a233bc937592f6e |
| SHA512 | b0931f1cae171190e6ec8880f4d560cc7b3d5bffe1db11525bd133eaf51e2e0b3c920ea194d6c7577f95e7b4b4380f7845c82eb2898ad1f5c35d4550f93a14b6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | ae7bcd785ab34ba923552b2d29613281 |
| SHA1 | 5ab455ec0e71429205e0fd6815827db45865654c |
| SHA256 | c31896683c31623775c8f189d22be7c7b2866a3c852eaff997eb1994c965e3f2 |
| SHA512 | 228434291950c0b00cedb6f829870e440479c17366b5aa76e38f69b812413d92dda4ae76914afc25d85b7cbae733455a7dc8d4dd092d2da92c90e24cd8797562 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | a664aae7ab108aaf854beeb2c3b698ce |
| SHA1 | 6638ed02a0577aa2533a479ff3d190533dc843cb |
| SHA256 | 1c361be21758bf59b5cc692cac8b7d02085b96a59e1e6ced4202ad50036661e4 |
| SHA512 | e861c0f61c6a2ef6e66a96221e7c2d3d434057ed865bc9f1c1059fc9004a89b889b0687d156ed39205bb37c73e0dcdcb2ef88f7d8275d3b698a4a6d1462fabea |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old
| MD5 | d664ae91e0fc42ad95d821b731df5f68 |
| SHA1 | 9672af428696654b1caf606a39b702e99bfae0a8 |
| SHA256 | 9c0993e41974494590a1aa20bb51815ebfad56a05b85ccc5fb06251dbff1befa |
| SHA512 | 445d9c75c66505259cee9e5ac9c6b9f3850d91e2b138c7e2cddf9488ae4f9452a426a982c20178bb32180af11dbc3323603dc7e878f7894c1a87d00110e1dac9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\MANIFEST-000001
| MD5 | 9c032f1bb6749c28f3dd369babd6ca14 |
| SHA1 | bdfb5e5f1af1fc63ba863f25bc64bec7be6ddc14 |
| SHA256 | 67899ca37518e3b0714ac7f03d87838ebca78609aa6143a738a07c5427c8e61b |
| SHA512 | 8d5824cb1a91c162f7df781c267a99308cbe32c721acaf5f6f9480da3ffcdff25f5df417018e77a00cc23b6861b822567e054040d3997ef7ec2b845cc4a62c0c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\add2f75a-fafa-4d82-a322-cc48f148437d\index-dir\the-real-index~RFe5c3e68.TMP
| MD5 | 64cb93aba373b9ba97767e245519fc5e |
| SHA1 | 5425964db6d560a0fa2971d373ec5f8cc27e2874 |
| SHA256 | 1ed4b89856a87aa2f5e39ea0184a4bf5845989a895fa5fd3bd5c15cac06850d2 |
| SHA512 | 762d998b8b3a8aaa48c1ba5212e99ab1bfc63126ab9badfccdf5b246d8307798287434925bb4d3364d01416c1a8b544061d941f3cc64a7c413a139f0425648ee |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\add2f75a-fafa-4d82-a322-cc48f148437d\index-dir\the-real-index
| MD5 | c0f5d6f6755ae94655fb6ae0b98acf55 |
| SHA1 | a510e88b75ac814109dc0033ace7375ffc28bb82 |
| SHA256 | 2d0cc6e084cd5816b06ec6f6592684ede2371bbeb67c3a777d4f36ab2fafa9f4 |
| SHA512 | 69701c5890b4aa5bf639356c40b7011877c58afedf963e98c61b47e70c4ea0a8831fcce481637685c6ab0ed7479ef4e36e6fb73bb416e2dded527a8613d9029b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt
| MD5 | 2fa7e4a3948a55505416f90d839ec8a6 |
| SHA1 | 010367de77a05b6cd6b954dac0e332cb1cc3b51f |
| SHA256 | f44f3cd0c13a30d71c06dcf8473e2048d7d23a8eeed63e87697c72556b60a653 |
| SHA512 | c13fbaf5fe248b5a57835df49b5512bbcbd90583dfdf2ac2bdef7726b0f3c922e784f581c3a79e208a8018d23164ecbbe4868fd52f824703e86e41e901ec8a3c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
| MD5 | f148f76a286133faf4ed6c46d3a11055 |
| SHA1 | b700ac63ae189457eda13a0d1927c7c897af13f9 |
| SHA256 | 7d0c0b6906c71fe17a31bda00d562d6df861b09a74644f603821b632e0fbefae |
| SHA512 | ff459dcb7dfb6f2238366a52b425eb291d71b09a608db2214044969a66c877f1fe7f1aad80cf6b07bf0a5e76b54d631b4b24ba6f9aa434dbe0f7a18a1932cdaa |
C:\Users\Admin\Downloads\Imminent Monitor 5\bin\cef\site\base\assets\images\logo-blue.png
| MD5 | 6dccbb552afe01b5dcc01bc1440fb2fb |
| SHA1 | 3b3c3898a4f0c13cead14f831aa85419d329bbfe |
| SHA256 | c3187ecfbece612c2045b348f29412c5a1331148abbd0f39ffca06e629dc0bdb |
| SHA512 | 0b534fbebc74a2b582c9257c9c7e96250975c499e3c7c2003a800841220228418cf223a7ca784893b14fe5ec60f061983d1123fb89f7a98c78d3ff69854664e6 |
C:\Users\Admin\Downloads\Imminent Monitor 5\bin\cef\site\global\src\skins\bootstrap\utilities\_flex.scss
| MD5 | 68b329da9893e34099c7d8ad5cb9c940 |
| SHA1 | adc83b19e793491b1c6ea0fd8b46cd9f32e592fc |
| SHA256 | 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b |
| SHA512 | be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09 |
C:\Users\Admin\Downloads\Imminent Monitor 5\bin\cef\site\global\vendor\ace\mode-django.js
| MD5 | 21aa39f3540a2571d64319666e9fa1fd |
| SHA1 | b90f4a9dfbbc4b7103bd68f8674ef945476593bf |
| SHA256 | 1df1906f826191b39802d8d01cba33e710d1953e709e5b69ba71802c1b941b15 |
| SHA512 | 1a7bc673e75531e76f6f19af4c4e80b1a6b71517e4af94e4acc9f36dde58ca3f984eecaa3b778841867a68e0ae21ba5db2e59f13279464a2753b82235c2427fc |
C:\Users\Admin\Downloads\Imminent Monitor 5\bin\cef\site\global\vendor\ace\mode-ftl.js
| MD5 | 2e2788566a3bce2d4f22b6089a22aba6 |
| SHA1 | 1025a0723911a3e24d0360f0fbe338bbe3cc3751 |
| SHA256 | 7d9ec7b2c5759703572654e5fce4e11a40090261f982c255e063623ae27c6325 |
| SHA512 | 614c27277bd4679ce7e894566550bdfacd6ebeecf14832aa1a972cbab70959eeb12ff2057f999906f6023771e50e1d6a892ec32985fc5cc8d61e4f08a039a508 |
C:\Users\Admin\Downloads\Imminent Monitor 5\bin\cef\site\global\vendor\ace\mode-glsl.js
| MD5 | 732d47fa8b5f4cf0de607c513fc0cd19 |
| SHA1 | 97f4b3c0f16044ee1b21b387485e9c9a81f7464f |
| SHA256 | d2062154a2cbf694c2ac92cc361c1fd4b75cfca1fa4cd29efd1cf2ee5a4cb63d |
| SHA512 | 27784f261d12e6cf3b4cbf2bcafdbd653a0d8453007f10e9e54f48d9f3dfc5ddadd1079b63bb4787a2e6fec31e65191a4af71a556490d1a8191d7571cc084b76 |
C:\Users\Admin\Downloads\Imminent Monitor 5\bin\cef\site\global\vendor\ace\worker-json.js
| MD5 | ed0a7c286dbed070aad9f3087fd0f7c6 |
| SHA1 | 7f683121e1bae8e2bd14ccbfe1f14a6bf6c77b5c |
| SHA256 | 12421ba3c74280b22b2b869fb122953b8f3bec398807cac0a5ad98393f1b6616 |
| SHA512 | c74bdc349b11d60c15694647e9abdd03ab02cf0653c86ab54894929b179822da18d49375177b455c74fa44467d6306a42e605e8adba7551276bd81fd151afc4d |
C:\Users\Admin\Downloads\Imminent Monitor 5\bin\cef\site\global\vendor\ace\worker-xml.js
| MD5 | d2fd3fe952b2623376f09a404f4f5e60 |
| SHA1 | b42a14edd978a08a92d11ab0ad18bb3bf495bd2e |
| SHA256 | 2efef77750ea303507bb80e97daa02715405962bc625f7ae49b78fe0ee0658f2 |
| SHA512 | 818e04595b4a0082061fc319954a98b4fb98bf3cf41381cf75a2b8cd7c7d3ec6c6ba716e2bb73603dfbb9bbdd38e8ec841a7dab205c2f419a358607dfbfd0a8d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
| MD5 | ab7edb85c81f560cc1848587296db18a |
| SHA1 | 9f14507a82fcd8540ae64807be5c5beb3325d95e |
| SHA256 | 024aa121dad53982203d1526d357144bb38a7002ab38749ee90476a698804701 |
| SHA512 | 4af14cf2c086f31aa2186c8f80219a4404c2cd9172b9121891c8e3d271628f7471cc40be2a98c3f3896e527797f24cf4347e40ce30baab04023683079803a1bd |
C:\Users\Admin\Downloads\Imminent Monitor 5\bin\cef\site\global\vendor\flag-icon-css\flags\1x1\gp.svg
| MD5 | 11614fc421695cb66a88b861caac0c00 |
| SHA1 | bae6d4e64e1432eeae90b6f444614246625b6859 |
| SHA256 | 008c8342887c04e253e6733f66d7659a3e293040526e18f33051878e8daa1466 |
| SHA512 | fec5e616104f06ad7ea0988d45c8be8d3bfbd4c4a2b9773b64a7f292613c37182b8039aa8bc78b32ad239bae9d572dc90cc4be7685cb94e1479610d57f25351f |
C:\Users\Admin\Downloads\Imminent Monitor 5\bin\cef\site\global\vendor\flag-icon-css\flags\4x3\mf.svg
| MD5 | 24841de9d5ad4cebb1be5c4dc19fc89f |
| SHA1 | 8d38104779eb959d9aeae111193e798a95664178 |
| SHA256 | 5b6655c0f9c946f1e248a40762ec9594cd899be8888314cf6e820001148fff17 |
| SHA512 | cb022be7eba50aa2f5d583e14b2304b0c4fa99d1c4def703cdce6d7a4e64376dfff9be19e8f503ce2bc7b1afaa8c0188bb5828c3d15bedfe8086f3364a4fd720 |
C:\Users\Admin\Downloads\Imminent Monitor 5\bin\cef\site\global\vendor\flag-icon-css\flags\4x3\re.svg
| MD5 | 89fc0beb619a912876928692a9c117ee |
| SHA1 | f2ef5484cfb9f1a5c384609e08180b3bd17a032d |
| SHA256 | a60c2ad6aaa047ab4aa814c5b6c3a7b0aa2fd1a681cb40082f10eb556f3bc9aa |
| SHA512 | 46ac9b633259e838c9183b2d7338405593d1d036f43a23fa35a841c2592746a54a7df53da85573c8169885e49cd08e4973d6e41a581d323a806a77d145f0205e |
C:\Users\Admin\Downloads\Imminent Monitor 5\bin\cef\site\global\vendor\flag-icon-css\flags\gp.svg
| MD5 | b41eef1564c4c5c2849c1a2723fe59ed |
| SHA1 | 4bcf9d9db4f945afeac623114e38548b7574955b |
| SHA256 | 72f76bda9ee46ea42faa6f402752a7fe91b97664fbaa4d9562a6d04a749fa283 |
| SHA512 | 5351f07eb2153981b4639fc11e33adc59155b60ecb0cd2a23c004bdb7e5361dd1f6ee52df76aa45d22994dae493a385c20b6e272758397e378080b2a5da59695 |
C:\Users\Admin\Downloads\Imminent Monitor 5\Resources\Images\Buttons\Misc\buttonhidexp.png
| MD5 | 0965f0d1b222986515711b049af26de9 |
| SHA1 | 42989d49425a540db0e318b5967574ed59e8271b |
| SHA256 | 9bb2935f59a8b15ebe12a48a0212fbd36fcb048bd43d4696857953af9df9e5e7 |
| SHA512 | f715d7f8bb2f4180a343c02532f82b862a3842f6b31f4b88f8a5fc7b955b6011cff6d05a133581e69667843c5e05398594a0e57dae8d22444d0d4742a6a8b12b |
C:\Users\Admin\Downloads\Imminent Monitor 5\Resources\Images\ContextMenu\File Manager\view-thumbnail.png
| MD5 | 3256504f96cd017c9dcdee5ad0751472 |
| SHA1 | 77a2fc09bf8dbd743b57880138c8c696526e674a |
| SHA256 | ad80eff5fcc24b97590b7b7b30b7036ba9f054e78ee622bed13ec49c80020579 |
| SHA512 | b305b150b5741df1fdf89fe4f617592473790dc45964a5951c2015eeb7ad09460d90c4f8f93105dbf7757d232ac9cae52fc7505f7e869c6e86ed6ca65b04f76e |
C:\Users\Admin\Downloads\Imminent Monitor 5\Resources\Images\ContextMenu\Main\refresh.png
| MD5 | 36215c5a3c6657364c401f6c593fb793 |
| SHA1 | d13c4dcd5661fff279d390793b5ec938ae51dd0a |
| SHA256 | 9b1067e7c71646bd1a557d31a3398445afa27a8f899d97fe26a052d47e0323fd |
| SHA512 | b78ed56237f4db50013cd312508b9d9942daa36414d599e472db4574e1ca609d600b4e31e74b091b1faeb3b21ff2ec0d38705f4283400231b4eb32b0803897fa |
C:\Users\Admin\Downloads\Imminent Monitor 5\Resources\Images\ContextMenu\System Managers\delete.png
| MD5 | 964d1afcaa92b7b2eda6b86513e511f8 |
| SHA1 | a928c65408cc445667843628474aeeacb86598f6 |
| SHA256 | cee7ed8601de316a2b961d3d78b07cdfdd10bd04266d366ce5e77b425513f515 |
| SHA512 | 0bbc7a1e733cad30a2e26bb0dd21a465dcf3bfac888827f575dd0b2ef7d9dad1e5961b8cfbe91cede72896cd2b21ed0db135822ac71f422bd8dc55198382eb8c |
C:\Users\Admin\Downloads\Imminent Monitor 5\Resources\Images\Countrys\Svalbard and Jan Mayen.png
| MD5 | 2ce917331ee7dbbdbedd716e8e84c7d0 |
| SHA1 | 1d5136c70b7588b147c6631cb64ed409987ff824 |
| SHA256 | 5b799d5d9cc343a2622b80b69eac4b47b7b929ffe20ccb1424c3b357c765c129 |
| SHA512 | 40ba1ee90e66b73393855a6ded1d293820093827dc82cb9f82303a7b86023249b74b1414a7e91469991f37a78dd437253a8d8abcd9879b1d7cc0edbfc5b157fc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 070f7f59dd620bf0e06b5bf511249736 |
| SHA1 | 129ecba1263de05ab023b54c9c19664f16728868 |
| SHA256 | 6e287731d4651a93b904b24f3deb2b0389e7cc6bb7f342a7e8d2ad9324945887 |
| SHA512 | 12eaf3bb81b7b438d38f87a8c7caa2b5e51bb4466c792995afc5874ddc5ea4eb3ff9fb294e021f5c640fe3347b5f816ca94cf10749bdea9420055dc314e6318a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | c723af0053d1ba494068446c59930718 |
| SHA1 | 7613ebad25e353ef9bab909c375a9b37b699ef2f |
| SHA256 | c6f8a9897276c6604398bcbec8cfe9d88020525194ce8af55896144c72bd8b7f |
| SHA512 | d66d26a1e037103ebb732efc5b0c8f34282b8ad37d675f69c8a68d45e5ac7bd1595c1a3c05dfac0a11815c9404370bf2e4323b87c319b54eefcfcde4ebaa458d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 14d4b80a32d5818be3aa3c9f7d5c6f7c |
| SHA1 | 333332d099a3c19f351e252894750d854220376b |
| SHA256 | acca242556ac74a7e5ac6240acc3af1ba543be7d4d9e4297f08940855b4592d3 |
| SHA512 | 7d427758e7377c68c89220dd444d557db93366af2921bee6e5c70de8738424c3a46a0081eb8e8f875bbc5250e3c6c6a066ef4aa0dfc67f46ca83a80a102fc4bf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
| MD5 | c8bf00d6142afc84c44c6bfb80aa8117 |
| SHA1 | 562b69557e522bfd21aba67a1b8e91f5451bca0f |
| SHA256 | fa2b1b1e7a4270ad1d134f1904e9ddcee529dde6eaed5d0b6971afd8d1509954 |
| SHA512 | ad51af7bf4ce20027522f56344bc4080845430443cff804c1d5872ce29efd71cdd75bee8c4d05dc5e808f7a1e85e4ba72168a9903e23cafc8939fcf7361ed19d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\data_1
| MD5 | 235471f81233a540f7088165ca9bd31c |
| SHA1 | 626a5b02449afc90809ec833487f096825fccdda |
| SHA256 | 4e484684bda3dcb9c47045a245df1bb8259be61bb656798b566f685f5f132f74 |
| SHA512 | 2bd2fae4a44191b1a2fb64d0e54e140aa0a5040079cdcc77b7e52547ccb2407eaac6384946c53c3b4586651a19ac795e4400a851e94d5a69846d4fbeb3a3606a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 69735b95f668f366f50ac0634d5562d7 |
| SHA1 | c920dce5fa26f24f4e8d31d5316120838e619bf3 |
| SHA256 | f28d8709e66cd55ede052e99a286d7f43e4386e07416cc0b295a982366ee4d06 |
| SHA512 | 6bfc56c7861fe39a8c708775be5477ff4f6f45fe7cf83874d516975ccbb8029f516affe0d0d511a845ebd53c0b5bba026968ae74beeca48f70a55c8d7ada690e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Variations
| MD5 | 961e3604f228b0d10541ebf921500c86 |
| SHA1 | 6e00570d9f78d9cfebe67d4da5efe546543949a7 |
| SHA256 | f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed |
| SHA512 | 535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
| MD5 | 3e45022839c8def44fd96e24f29a9f4b |
| SHA1 | c798352b5a0860f8edfd5c1589cf6e5842c5c226 |
| SHA256 | 01a3e5d854762d8fdd01b235ce536fde31bf9a6be0596c295e3cea9aaf40f3dd |
| SHA512 | 2888982860091421f89f3d7444cacccb1938ef70fc084d3028d8a29021e6e1d83eaef62108eace2f0d590ed41ece0e443d8b564e9c9a860fc48d766edb1dc3d9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000074
| MD5 | 06683093428834519c100588d3bbbcef |
| SHA1 | d36355db08f9186fc9f502735a5dbb966d139e92 |
| SHA256 | a976b59f11b8e9bfa80d88e3b53e8d2073c3f039a0544066e73f4b58f4ba38a9 |
| SHA512 | 06cca8f8cd9bcf4ed5c972358aa9bd683213f1d58f6a76a5bd3201592ea30803fe56b5fbc7047607111301a67ed1a332be9549578cf73dc04a7f7698c40e4181 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007d
| MD5 | 2c5d93f83e9c4810d3fd8257c06f3b56 |
| SHA1 | a33a8a4c75381a0e83e31ff46a2e57dccef1db3e |
| SHA256 | 82eebff2d35e1abd48d48b7ff1908e33059281734c7827b006093fed49e5fee9 |
| SHA512 | 0a03771731876243893af94c7cdb64517647a72830a08ef79055005be8b652b47e0ca1066e3898cdab310f6be18e51901da1c5ec822440f6e69d6b2f5a2aefa0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007c
| MD5 | 7269068e3fa026657b5ff3ebebaa209e |
| SHA1 | c975390a7e9f7e91365154e1b978b5fa3fc3dcfc |
| SHA256 | 3c1d766e208e063a2f5444b73510ac8bfedd8e793dd9a0555c4d26a4e5349537 |
| SHA512 | d7eaedf6cdf6ccbb4cd43c03d57dbcb1c708d7105775ccd8fd0e127f421054a9d8a98afeb0c9fda3cb0ea9d3cb080b75cd80c90ca661d90b09066b0344c70c59 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007b
| MD5 | 60c6efabb021c8eec4ba448974887f11 |
| SHA1 | 1df8405943257b9356bae8467615d45151931aa2 |
| SHA256 | 709d97f82663324b2c441d42258d4aa6d8a0334f03c1935b0b43c9cad3ae4305 |
| SHA512 | 714c8fcc3343ad259b3b9681c53063dbd99c0023bcbae51f0f607dcff8cde51cc926d6cfe93be8eb6e2e159ae0405bfc9236df984b47083449130a4c0d7f44de |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00007a
| MD5 | a1dcd778b8c06c4299a307532ecd6a40 |
| SHA1 | 722771bfa67e4bb8d614a33bdd1e49b55f79c47f |
| SHA256 | a5f807ccdc864cbed778010004bcf2b3510776ff7963c91fb94daa85aceb8986 |
| SHA512 | 7849c1641343912c3cd4f1f312fc9eeccd4a0030735973cb56b308b204250ee5209c726628ce17926bd84748f26df200993355440b90455c3cca7b71a3fcf740 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000079
| MD5 | 7633f17faf3860581e63f3ecd2e80007 |
| SHA1 | cc4f08b6be64d862f5d3b2f8ce37633ead6f34d2 |
| SHA256 | 8dc80090b24abdb7dc37d39fc0e4f808d97326e24bdd837cc56b2881baa7ef50 |
| SHA512 | 59ebfc1a2ead14cb56ba6430ea9e7f159a7d212fa9ddd24df6133158aad7bec1b333e2bb1e3ce50fe293dccfc57185ca90a1726158d637914c6729ae7e831f3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000078
| MD5 | dd9f92d1a1ee662c1472c992ebbe36fd |
| SHA1 | 8b21e6a4915b02bbd247d8846c6a742c120ed880 |
| SHA256 | fb67845b981f637821eb9e809b9fa1c62d41b1bdb0f84247a5a1297dd6b4e154 |
| SHA512 | e5ea698d8345800a7edfbbf0ac800a6368dedfff9df79d4cf13f507f561312ed6ff68268038be7e7e2ed6d0009ce20ed7d7662eb304e49fe7b6cd741ec9091d6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000077
| MD5 | f813ad92abc739744e185e3990efc308 |
| SHA1 | 6391306a6bfe3f30fae3611151c848277c33c31b |
| SHA256 | 28aea16c149f5ee078b34c03cbb8c0eee86663923fc384324cef00f451af764a |
| SHA512 | 3ac8cbb479063ce2ceb339684f86dc87d0a444face209e55de9c68c17c81642fbeec4b64ccea7f424e18b77add3c0caa4bf5d00e5d6f39728d4d61c74120244a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000076
| MD5 | c808e8fcbd7b1f16b43571de07d963a9 |
| SHA1 | f6e63fad7d12b316ebbfe369928a611ab8651fc0 |
| SHA256 | 7602476a314b65b1d5c5347935bfb149a98314729d9dd0a6e7b5184180a70aef |
| SHA512 | 43de56a741c33db1fd23a2776311354a261ab7de427111a546b88c402e6bad2738b961fae1e66db0c7c0a0d438481f84d96335d48f71fd9333aa6374c38e620d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000075
| MD5 | 08bb3ecd4cc910d5500a9e389441a3da |
| SHA1 | 92117d3f779be41e091381b027ed880b59bb2d91 |
| SHA256 | 408816fdce9f5329c6649efb56a142eb7074ef6e8fef5c70ea72a789f07aa132 |
| SHA512 | d159eb54f1fa15221302ba65d08494d12b6b2303fe6e80bda9b049be5d71d805a42147ec038c7341b5570e08a077a0a1f17402ae93f7743c9aa8b2164f40bf80 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000073
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\LOG
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_3
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_2
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_1
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_0
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000072
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_1
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Windows\Installer\e5e0c62.msi
C:\Windows\Logs\DirectX.log
C:\Users\Admin\AppData\Local\Temp\DX2FF7.tmp\dxupdate.inf
C:\Users\Admin\AppData\Local\Temp\DX2FF7.tmp\apr2007_xinput_x86.inf
C:\Users\Admin\AppData\Local\Temp\DX2FF7.tmp\JUN2010_d3dx9_43_x86.inf
C:\Users\Admin\AppData\Local\Temp\DX2FF7.tmp\JUN2010_d3dx11_43_x86.inf
C:\Users\Admin\AppData\Local\Temp\DX2FF7.tmp\JUN2010_d3dx10_43_x86.inf
C:\Users\Admin\AppData\Local\Temp\DX2FF7.tmp\FEB2010_X3DAudio_x86.inf
C:\Users\Admin\AppData\Local\Temp\DX2FF7.tmp\JUN2010_d3dcsx_43_x86.inf
C:\Users\Admin\AppData\Local\Temp\DX2FF7.tmp\JUN2010_D3DCompiler_43_x86.inf
C:\Users\Admin\AppData\Local\Temp\DX2FF7.tmp\JUN2010_XAudio_x86.inf
C:\Users\Admin\AppData\Local\Temp\DX2FF7.tmp\dxupdate.dll
C:\Users\Admin\AppData\Local\Temp\DX2FF7.tmp\xinput1_3.dll
C:\Users\Admin\AppData\Local\Temp\DX2FF7.tmp\X3DAudio1_7.dll
C:\Users\Admin\AppData\Local\Temp\DX2FF7.tmp\d3dx9_43.dll
C:\Users\Admin\AppData\Local\Temp\DX2FF7.tmp\d3dx10_43.dll
C:\Users\Admin\AppData\Local\Temp\DX2FF7.tmp\d3dcsx_43.dll
C:\Users\Admin\AppData\Local\Temp\DX2FF7.tmp\d3dx11_43.dll
C:\Users\Admin\AppData\Local\Temp\DX2FF7.tmp\D3DCompiler_43.dll
C:\Users\Admin\AppData\Local\Temp\DX2FF7.tmp\XAudio2_7.dll
C:\Users\Admin\AppData\Local\Temp\DX2FF7.tmp\XAPOFX1_5.dll
C:\Users\Admin\AppData\Local\Temp\DX2FF7.tmp\dxdllreg_x86.inf
C:\Windows\Installer\MSI3578.tmp
C:\Config.Msi\e5e0c65.rbs
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_271315775\manifest.json
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_271315775\manifest.fingerprint
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_271315775\sets.json
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_271315775\_metadata\verified_contents.json
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_648076181\manifest.json
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_648076181\deny_domains.list
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_648076181\deny_etld1_domains.list
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_648076181\deny_full_domains.list
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_648076181\manifest.fingerprint
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_498670512\hyph-bn.hyb
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_498670512\hyph-nn.hyb
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_498670512\hyph-mr.hyb
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping5528_1618662783\edge_checkout_page_validator.js
C:\Users\Admin\AppData\Roaming\Imminent\Path.dat
C:\Users\Admin\AppData\Local\Temp\DX7AEC.tmp\xinput1_3_x86.inf
C:\Users\Admin\AppData\Local\Temp\DX7AEC.tmp\X3DAudio1_7_x86.inf
C:\Users\Admin\AppData\Local\Temp\DX7AEC.tmp\d3dx9_43_x86.inf
C:\Users\Admin\AppData\Local\Temp\DX7AEC.tmp\d3dx10_43_x86.inf
C:\Users\Admin\AppData\Local\Temp\DX7AEC.tmp\d3dx11_43_x86.inf
C:\Users\Admin\AppData\Local\Temp\DX7AEC.tmp\d3dcsx_43_x86.inf
C:\Users\Admin\AppData\Local\Temp\DX7AEC.tmp\D3DCompiler_43_x86.inf
C:\Users\Admin\AppData\Local\Temp\DX7AEC.tmp\XAudio2_7_x86.inf
C:\Config.Msi\e5e0c69.rbs
C:\Users\Admin\AppData\Local\Imminent_Methods\Imminent_Monitor.exe_Url_q2n0tyzsvkaja43g5niarn02omra4lj2\5.0.0.89\alzj3qfo.newcfg
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_4ymxmh0v.5mo.ps1
C:\Users\Admin\AppData\Local\ElevatedDiagnostics\733862231\2025051812.000\ResultReport.xml
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter
| MD5 | 8b96c96d66a9ed4b727f444e6e3e5d3b |
| SHA1 | 2cdb1c134951a52ae4388df053213999ed29cd53 |
| SHA256 | c05c384c5169b773fb052801508d6c62dc9bf52368a3dc062176eb0aa997fc4c |
| SHA512 | f69683e057cd1c1c662bd6c19dd9fd4eb377b2e0fb8a3e9d400804733c11f5cfa51ba2ce8b4bce57b16032347763555a1b8582ad723cac03ab2ebf7876e785a6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 66bef74bccf698d9c154442c87498c09 |
| SHA1 | a28ce47f178f8aa4ad2450adb0bb1e559af06066 |
| SHA256 | fe7ea7ffb97aea1cf8df77ba729871619d3daeb590eb5c16b5171fe5ad10642d |
| SHA512 | ea46753df250f771eff7dd64906c02b11e7efe57d7c1e22313d598c05ee62fbbe87944951a5e4f773b043ecde13a98c392977488a1d8cecbf2e693187665a70c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | d2b6dadf76835c65c8a420ad3eab7b0b |
| SHA1 | 12b005d4a37018bf4deef29390d3af165a7d6769 |
| SHA256 | 0ffea8480fe8d6bc54536c9266b8a88d804b49f5b097d11e1a53621d7a7bda39 |
| SHA512 | 41df484b9010dc657f29bd258c2c3ffc415aea66582a1a165a71d4bf38c06f1330b97ef641160329cc381526ede8bd4c27d9220a8b199f7a117277c7c4087916 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\05e45322-8635-44d1-9b94-c37eb36e7b03\index-dir\the-real-index
| MD5 | 9eb44f82381bdf67eb1871ae1b766e1e |
| SHA1 | 7c749861b08aa0b189f4e5b2decd0475e0c60ae6 |
| SHA256 | 68a6163c34ef9a986107f0d0a1e2a6149f1a69dcb6553c78e996ad63d9c32dd5 |
| SHA512 | 8b1e1194d055d73b6cd2067382567b4a8ceb982efb87d74af705f3f728e1344d3cbb9ce2bd48b36a3a5864a0dc5f1a95efbfe86e1fa3c4c531a94f0154bc1b4b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe636e8e.TMP
| MD5 | 2f60ccad2b2d78ed310f4d584298d3c8 |
| SHA1 | 7562371b11ead19cec0d183cf70099fd6b361dc4 |
| SHA256 | 8a9e0ce4410a4d5376136439e9cb4bcd16ef05780fcc926f8bf0db94027306bc |
| SHA512 | 892790d79803cd134ce93a421467c8e840eb24398b5505a0f062a22c12a6c8185edb3864c4ca5f910c549af92a9f8329ec8b755954fab16f917992e9a62ed8a2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 2f676b89eae0a237e8fb54df52e557c4 |
| SHA1 | 3a8634a04735e653a4ba19169488794b3b9e1795 |
| SHA256 | f34e136e2e528b7b892f11376273aec27f124f08cd6eca92454a79946786a011 |
| SHA512 | 5c79c13fa9e4812ef808cf82be6a70f3c2b67af4d1ee0c4526e18f3f6517fb5e95a2840199b139da77e0c37f373e7b47af1a4a95a7f3164ab8fd490d84b63f8f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\add2f75a-fafa-4d82-a322-cc48f148437d\index-dir\the-real-index
| MD5 | a5c6e134d3f9e2e1d7440809cfe01c5e |
| SHA1 | 450cc1ea9f0439c0681a74a3ff65c533f187e17b |
| SHA256 | 003d649db74b6abd1196298e629f7c4169c95190d1921608865ccb5d32d004f7 |
| SHA512 | ac9631139722993e90e383a5e05989f64b48db38a21117dc8812a10e6aba8836f03b42d389739042264c180a727dd5dcf89f6a03e2502d839f1865ebd6f7b1c8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt
| MD5 | c0624c3e0a1bb48cd44f36d9f5b4a78c |
| SHA1 | 8790e5691eaa1dfafd5436712a1e3bee923181d9 |
| SHA256 | 2ffdaa6d38c32d6e404ca47073c3f579940988ae05cc62f051b971d3164b9d84 |
| SHA512 | 07eecc16122b8e4de589c44e55bae23c38009447a0e15702b2e2a374ab6fbf377f6e8a16e7f1a756f53b718afd4f4c6633e7ae3f68fb7354546b1c5e43161ad1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 013851711cf2ea22867d4ca62d053b0e |
| SHA1 | b7b903c8de97bc0b6ddce38d90c8808306e44fc3 |
| SHA256 | 8d2f02161e651b3a704b7a309fba93d697628b8c023187f3a827bd0db95ef0ab |
| SHA512 | f53853db724f63caf301dc781cc43922e50773728396662a94a3e84fd118fb99b5e79c8759e549a62eb10b2816914bf7de4f03aed8da1bb0f013e7c4d42a7438 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
| MD5 | 16ac46ca5b31b2025c8ff73243fbc7bb |
| SHA1 | 3e5497d0ad1b28bc2622e34a3095a268ded52400 |
| SHA256 | dae8c96343f02ce50c009dd174acfc1019e1325426a38352063b208b5ad91f1b |
| SHA512 | 77fef72fe0074574fc52a50d1604b723b6112e1318f6465b46c6597d67fa622364049ed4e0e6c28fdf3b87c69d886b5cf3551a589aa51378d721acddc431398d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 637bbcb0c48d003d372ee3ab94b02ff6 |
| SHA1 | d81263fae710ecc1408bc8490652b00936f9d788 |
| SHA256 | 0cd8e7145016acb4218c29486050c8dd8d23817bd21f40f31ad4b431609c72bc |
| SHA512 | ac2d87d821c23dbf559011849bf97ef2f054f6981e079118ef6c88ebcb055669b4996cbb88cbc183386a9adec338442962d4a041f2182b39c79506cefe69345a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_ntp.msn.com_0.indexeddb.leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt
| MD5 | c0623a1b022823c2428b7870fc120975 |
| SHA1 | a1fbd6c889a9717e766e96e0fbc25e850f83e36e |
| SHA256 | bf51e3ff0211c127f94362cc499ff4e952cf92aca92978d0dac37c3f8674aa0f |
| SHA512 | fac610bc13bc9f8a858539150c9ea28c368bed644406109ab9acc8a1011756b2a9568380f6472fa0b96453ae01810294f722d1d7f77310c7ea29d6bb206c78b0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\99de28de-0f4f-46f3-a737-c8be4d319067\index-dir\the-real-index
| MD5 | fb39101a23eca620189b8ba40a74fc78 |
| SHA1 | 23ccb57d9f4aca6bbaed9177dff080ed6de1684c |
| SHA256 | dfa38eba31bffa9f2b243389e5c67d8ec99bcea8c176fd576bc8f90a7b3d775c |
| SHA512 | ba4e24c931bd5b5a4ba1e59ab2a1e163ab04d03479a025ef5655bc0f329cabbf481e6efd55a14bff6a99e56bc7b04641668da423aed526abae5fb87d1e358b14 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\38d4e74f-279a-4957-8254-9fdac39d34e5\index-dir\the-real-index
| MD5 | 0c5af5f1f28bbe0ab618d40b6b225d5a |
| SHA1 | c2095987279b4995ce28410806d9b78210ee0ba6 |
| SHA256 | e4820ba98b546137674fe2cfdf84dd5b73f18a63c99df90add207ad498aa21b5 |
| SHA512 | 30806a84263223bb4b15ecd387f3c642361a4a585657f72d4696d9db0b9fa285e6ab5d1fa5efec43735837bec4e41f33394fa8f17f15638864193690790ddeae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\38d4e74f-279a-4957-8254-9fdac39d34e5\index-dir\the-real-index~RFe64059e.TMP
| MD5 | 1425e9cbe5d94c3d929c737d3fa7d7e8 |
| SHA1 | 6815ebd035334eda13cb5f8bab94d93a67d00e37 |
| SHA256 | 190a20a6274d7f4f69eecb770c79298e7099ef3bfffc999a1096fa895172bbd8 |
| SHA512 | 7890e32ebb022c142b0bd6c6e5664ad965c0e04796c4d16f2479f38b5d2c5f0fdbf080b7d9549f00f9d5c25ef0cd586648d63980096b4b634184414a245b3dad |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt
| MD5 | 517d3a89134c60fbf8fab1fea308cc20 |
| SHA1 | 8faacaed4cd02021810adff3a043e67c05c5b469 |
| SHA256 | fa0d53117a4f00e5ffcc9ec3aae6ef5a92ab911a63ab3a59d6dd971405433660 |
| SHA512 | 50e2abdc836f51802f8719c5977eb6db8c3e3204f8dbf5e8549fb72c2a65252627ecea36f65d6d8d4c7cd6dc346e401e72bc25418370da1bee39d869f666b55d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 459831f6414d6acc30c6f756aa1256df |
| SHA1 | 848427e4e4793e56ef3e466963928fa1501bc8a6 |
| SHA256 | d557a4db3bd06b2040dbf59edc261b5d13cd9c0e6b3afb5a77903f2564f91e8b |
| SHA512 | 776fde4024b807a624a14993cc2c9c784658076e29fa7e6964c71d922c06876463466952a33d984744a440c0726ab27b7f370dc755297726dafb15e2475e9486 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter
| MD5 | d9d6193606356ef4286c2c622ed91016 |
| SHA1 | cd343635a9d0ca2d12be27ce4b11eb6d3aa4c7a7 |
| SHA256 | 86e28162f7192cde9306cb0c3783f8e8e24d8c6dbc8d8f1f06f9cd2f9a8e01be |
| SHA512 | e676dead0c1e90b1ba12018f1c1fcbe6cda31e9b6563648b4f80f92b79cb608a188fbbfd418b138a12109880288148a51938673097f26c1248d289257eb9c10f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 13f00141250c97851aaff341126aa09f |
| SHA1 | 92dede0384ee112381537d0046d844412d6b9e35 |
| SHA256 | c8cc4d441e21c4302fa1f645bff71c49e94ca80b1d3ca7cfc8d8e77cb0dd1036 |
| SHA512 | 0e3aae0bf70c78a88b9c503492c8fa1d070e24f553f0e8a65d52cefe060b9d5906da3db5aea5591d7741f63d3d025aaa1ac2edc53f6128304cc6395c28534f3d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter
| MD5 | 2d58fa0dab36c4d597f207bcd8523eb5 |
| SHA1 | fa30c58bc792000bc3f4e7df1fd468562c4a4a74 |
| SHA256 | 8679947c8a189a4884f759e5285b8d99c2f8703c208b63903351b35897578d9f |
| SHA512 | 2e3959ce1bdeb4dce0895f511ac96d2408c5a6c7346fd84be13534e0777a658225bbcd18bcd7f05c997bb3c884efa413cf52a941c0c231c0f33400de01d98eb4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries
| MD5 | a25e26310432036134bf79b243ba1e8e |
| SHA1 | 0285a12b02c3a0b932b865d6f9ba359d99065dfc |
| SHA256 | 6852a5f4796874be1257588f0a9e4a1c818a83b453ef003c0f432e4c35a4e4c9 |
| SHA512 | d62315ef09b832562d7fae5074f166317fd6b4dc3cd59a0a27f8a52041c45520f8c5449840a0df818b0746b0a9a393d21d390dd91e0d0dbd3aaee5e3956644eb |
C:\Users\Admin\Downloads\MEMZ.4.0.Clean.zip
| MD5 | 8ce8fc61248ec439225bdd3a71ad4be9 |
| SHA1 | 881d4c3f400b74fdde172df440a2eddb22eb90f6 |
| SHA256 | 15ef265d305f4a1eac11fc0e65515b94b115cf6cbb498597125fa3a8a1af44f5 |
| SHA512 | fe66db34bde67304091281872510354c8381f2d1cf053b91dcd2ff16839e6e58969b2c4cb8f70544f5ddef2e7898af18aaaacb074fb2d51883687034ec18cdd9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 29af69470c50204c19f0eeb93c3d1693 |
| SHA1 | 8d29e3acae79e53dd9b0351f845f0d434b2a7865 |
| SHA256 | a3c316d4ca28d97da9e137aa0df742940e21fc3256b735c069aa8bf3dee3fcc3 |
| SHA512 | ae8e6f86f31e09e89b231453290b0a36015de434fdc041867cfde6e52041ddeaf8ea20e10fbbbcd01c0ae000ad36f4fa0f6c89ae2ff5288333d7d6cb3e6cf1ea |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
| MD5 | cfecf7b7a906e35f87b669c96b0cfc03 |
| SHA1 | 45443b0d76fb8d49ef2e0beb349b91407f5ad2ef |
| SHA256 | 1c72a497b8e874b0042e98b1ead4889c8720ce69c51e76ea0311d3106e35d34c |
| SHA512 | 4a3d470433b728ff1bad0ce79f247b577ec5e69361c767d6d5f96b81afad51a30965a486410b6b77ca4679cfb86b4b793ad67759d59cbdc288fa0c6507c2da8f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | fe806fbd65a76fa908f0f91d994802ff |
| SHA1 | 241016938d78a7c14cfda9e47319afa357cc74a7 |
| SHA256 | c822135610ca0068056c77d44da20cadfc684e8becd0bfd5f423361b353d3e80 |
| SHA512 | 04a340553cc3244a87a7cc9a51cc41bacb23371e94d4f2d46335c70d879c5082f9a7a708cb85f2694afcc0e5a75ced3f2e38105983705dc23f3c42ccf8182b1a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Subresource Filter\Indexed Rules\36\10.34.0.80\Ruleset Data
| MD5 | 3cdc93384b8e09c529d6dcd2f9df18ad |
| SHA1 | 4840919262721c45a058004024748e4ec898044e |
| SHA256 | b55d5717a543625a2aa3671e662bb59201548076fe9c3fb41e604c7f54b8b030 |
| SHA512 | 0994f3d74b0e23f83e92fc72db02d92d5bc7f7a0ea13b8ea92ab8b07ccb97450a101bbfa684159c5b6d56724f64d6fee9c3378f7ad40088b802851c80b7c2ef5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | a57502a55d7897847221fc89601191b5 |
| SHA1 | c2993ff6666db966a2206735736c788d264b5fd6 |
| SHA256 | a2e15adc85fb894586813062be503322ebbea6e867cbf6c792e12cbaaa4a19a9 |
| SHA512 | 7cc976c4fafe127120ae448905a28618294ee100cd1f42148a007f9f76620d3bbd2e631e2d7355ff65314ffad0126d05981b2d5d9d7e2239bdb1a29afc4b741e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
| MD5 | 92b59a2c7fed538f1d51bd9ce1e77c6b |
| SHA1 | b98a221ec779cc6857771fca8c6ec62410e1ec14 |
| SHA256 | 95b651a616c5f5eda44ca6a62b38cc9b2cb822dfd5e85fc4023a08151cf95a61 |
| SHA512 | 25b5ac13c0f296381abdb3fde1f65088716aa457f2ba713ed1f2b2eac640ef2bb8e62cae98a7568c7a6e406e81a4c0b84a064cd1a1d82edfcfce77c804151be2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
| MD5 | 9762cd8639ece8d7ae5271ce8af3bbec |
| SHA1 | c8ae0b5b9ff2067c815064a8e0235fd62a581000 |
| SHA256 | 5b289705b5e6bb420d580411472978c6a94c027465ccc2ba73bb25110d557e27 |
| SHA512 | b7b08d43f3d601a8e94b18bd7dc0d83394146b543647505d455bc9e770628db6e5abf33b65eb6c17ef4970f94529686fd884ca48cd7c852e162dd171b27dfc10 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\f9f597fe-c98c-4888-81a4-3d20621061f8.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\Desktop\MEMZ 4.0 Clean\x
| MD5 | 20e335859ff991575cf1ddf538e5817c |
| SHA1 | 1e81b804d67d6c0e22c0cef7e1cb9f86ce0ef5ee |
| SHA256 | 88339750431112ed60cdf9bdb7697434ba9b38e2d15ad604c4462705bc1bdfcf |
| SHA512 | 012251b342722cf35ebec2c7d071db505a992d81fc4b3492cd87640b5c955dc084825fc5e72edc821f4c481867183f21d26cd904fe7f0373d1156332f87b031d |
C:\Users\Admin\Desktop\MEMZ 4.0 Clean\z.zip
| MD5 | d2ea024b943caa1361833885b832d20b |
| SHA1 | 1e17c27a3260862645bdaff5cf82c44172d4df9a |
| SHA256 | 39df3364a3af6f7d360aa7e1345e27befc4be960e0e7e7e060b20f3389b80e76 |
| SHA512 | 7b7cfb5e689feed6a52eedf36b89a7b5cc411191571c0af5e5d704b5f24bfa04afa62d1daab159a7e5702d80e56f3946bf32db0551d256419ca12cd3c57dcecb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 46ee494157dbc22c66407d50f0bd450a |
| SHA1 | 77b3db99560bac16753bf4c19ca782325cce4183 |
| SHA256 | 956c2896f0b9e75262c9e84ed3d327ce21475f48c8223ab02100dccf7d2e04cd |
| SHA512 | 3b4212e22e544f3d3ae6e4078b4068938e53f46dbe3cea09f0b0d05f7b66e4efab0f41ecf45eb3faf7770e2039e877d259d04aec596aa95f1878d9ddc784eef2 |
C:\Users\Admin\AppData\Roaming\Imminent\Logs\18-05-2025
| MD5 | 92b37086095d65bac09efb245dc1835a |
| SHA1 | fb097a6da14ceb086c02043fb9885ab4dd6fca88 |
| SHA256 | b7e5b5b2e3e31f887bb7f24c454b299f2c600ef15de10800a49b773e3fe9c610 |
| SHA512 | 67f144ad1c83b0b7c70c8278be19f4f10703ec3e1f1d3bcda361c1eeae9b23bfbb9edc0fd7aebf3c458a1abc41ee825e72be4938287456c45e39041865b42b28 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | f61253a92b81e5573ccfb56447289081 |
| SHA1 | bbee8458c76f3cde5a74aaed1378d00d6ce8caf0 |
| SHA256 | f11e17901e3ffd2fb721ff7d053c9eb1e0f669f8150ce47b485eb56f5a48c6b8 |
| SHA512 | 1c7860981365668f0afd71a130927ef4253dde089344236d5e16f5385809c1b4590b64b10617c33a0f82666c54b0795d9bcc731a8fc7afb52e6bd5b42a6ae8eb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000101
| MD5 | be6063af2f340f8480f2101e38952fd3 |
| SHA1 | 07fbf9b3ae22489886fa656eaa28f861dafc1eae |
| SHA256 | 40e82ba7c3f1bcceac0198d1af624f55203dd27786a4fa2634a05fcc7da140f3 |
| SHA512 | bce33bdcf1c71dbb601a8517cbcbb8c0d9790724a6a6f9831df31dfe4bef6fdc716a58c8a7d7ee1d3d3df400a9d7710b8eb6567be654f2508678324d70358222 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e39945f25e8c8ab21dafff7e8d66680f |
| SHA1 | e90f3081d7a856a531a8bd6116dede05f47503e5 |
| SHA256 | aed55558792a4d3af73720b8ea22266a871227a8406cbfd07a2457d97afb5196 |
| SHA512 | 0bdc77f9cae74f3eae3392377dfe203fc5bdcdb321d0b278dbfb65d8f6b2a9d70ed233aebf177a5c56168b56ec52ff1144bfca3d523d6c64fac0756c794f5c95 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 98585042a8c7e1bf556cd3ab0ef36c04 |
| SHA1 | b872e98dbfb625152229f77be3e2f163a2f2ffa2 |
| SHA256 | e05b5e930de21723abb46e122ba401c282eddb6f07ee2da84cabb1df6962a025 |
| SHA512 | 206c637fcc36bd99a136481169f2bc60bc5f80196bc98c7785ab8f5d546b9d05e774a15a4aa103a3fd9625ed8e8c8e3e97ce2af53f1e717fa74ee6b227634b69 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog
| MD5 | 2546611c8d983db4faa700befdf7d500 |
| SHA1 | 78011363cca603270180f06d0020bf4fac50dbc9 |
| SHA256 | 825e3bb174878b60100fdb1bcd3028e9205ce26c3ee40218780a3b102d600b6b |
| SHA512 | aba56c7b15c0bfaa93e7f9bfe87c7809fd628a0bca9edc4aea12d4a381b3956e68f6ccce8e6fddd3d508e07243ca8dfc15d1383cec4048b77bd7a1cf829fed65 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 11b4801dd82c871194003601a976115a |
| SHA1 | e960c177a63f45be0f6c1fed3bb0758ba9b7c246 |
| SHA256 | 4df7fbb5c9f6ba501fe06a3d213255d19416bfe4c66e07dc90e9322e1d4ea8b1 |
| SHA512 | 532503b1a32f99b45101bfbe22c315400c8d8abf00c83da6d5c071b00ac5f5831c5ccb7ec038b9f8cb38bef6136b5ccbf2245741f2cb60f37563231f9bc3f448 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | c57383f270f97bb463e4930647d875a1 |
| SHA1 | af6d50667cd2a0679e9f101380f991e98f7a271f |
| SHA256 | 061633260aa468ec891a03135995f3cea9bbeb58325c5ac9ac364a795d5289af |
| SHA512 | 9dc0227f3e651ef5323b56951fcd806cddeea8462961d9c762fe03222e7c742009b4f4fab1c80fcac9c36631e1eb3782db55ed4b25111a99e9a45f39c2d4dfe9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
| MD5 | 4eb3ea5f83ec631eb63f71ada014fe2c |
| SHA1 | 223b062e4581f937e1e3c30c6c4f7b96947f851e |
| SHA256 | f39a5039cac19d4df8a756992c661cc238b0323ea1789200d7dfd59716aa83ed |
| SHA512 | b156ceee6697a817ecbdb13eca1a9a91435c0fc8a50a8ff3625baadad7f3cd0cf04d4db1ba9e6cdcdb316b293d79e67c6953ad579c9025403c5a7e306488d0d3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter
| MD5 | 9a6228e1fd522e14004eb8369a5e3c84 |
| SHA1 | 5887d695f1cae06f8ed1eaaadc2a87a6beac0566 |
| SHA256 | 42f39619f8a11bb235f6d702cee2ce9f0e70e7d1677f256fbf550a8c55f90ecd |
| SHA512 | dc59fe2b0c3032807c603368ac0ca08989918ef7be3a4f9fc0314372dbb4642aada39bb1a5e53406690f0518f7a201e7dbbe2a02071d3a0c1c185e07c3c500e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\e0d867c9-80dd-4734-8e25-420430aa3f37.tmp
| MD5 | 1d1becaff0c448b7549401acbfdcb256 |
| SHA1 | 8790cc0b98c16cc0b391c17c69916a2a1dda6ed3 |
| SHA256 | 59444ac8885a5652e32bf8f7e99df28ba615977a3c9f021c05122951a28f7329 |
| SHA512 | c8ba6388b14d3a555994ccaf47fc2670b5201d12f98b4efed9ffc3b4d8dab2de4462a17b356ac9031558c556241110c94077de2bea160da9c2af723416fc53fb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter
| MD5 | 9a58d78ecbeb79b9213442580e804561 |
| SHA1 | ea8dcf0195469d3436c7dd971ccdba97894e0bb7 |
| SHA256 | 1df920b30b7296de584e9429308ea403ffef76ad02c01d3da0632272b5433341 |
| SHA512 | 8e5338618cfaf8017f208ae0d00a5d39cd4506728fdc0e2ded12bf80822476ee2d991e33f4bd6f592db9f7c0cff3e09131e1b7a254f751b993b60720ff4488a1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 308344351e622ad57ae1138ad401e6d4 |
| SHA1 | a5cfeae493449ca519e4c315bd35e71b7a7b137a |
| SHA256 | f6ceb04b7a6d498fa9893d386a490ef13ddfb7b680bc2a0dff1899a83ee754bb |
| SHA512 | a588ad8b3b2345e10567f1cb6ff25c52ee2dec1332e92fe7c22641c241a9172003f0eeb48ec5cfe22a9e0421e18a21f2ed7086ad791588add9bdcf23aa9f8fbb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7b8a1e0f2f92ebb21211fb2bbf218dd9 |
| SHA1 | 6508696a48f16a5a4b52e486c0267893b37be490 |
| SHA256 | 6718d91db6639880985b09fafee912ef4973f7a2645e8dbd9a7f17e031cf74e3 |
| SHA512 | a71ada24ed6aa5efc752dbb0f4ab1498f080d6bff6c2948c1071195b7587f9c436e58ae2095ef0f0b240b41509bb0d36c54a880c0854d8f50ed12bf02dca2476 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00012d
| MD5 | 0d7583efd942684b51e0312d1247a986 |
| SHA1 | c263e1c0dd020f42e36a265f7c314782eccd4149 |
| SHA256 | 008fbd563d2df07a86b645b79a817e2a2d4635462233521339a7f9194a174571 |
| SHA512 | 013df57dc73c387fb48ef9a2846e1cef13b212ed885a9ff892f91037c5b8e77c7ee4fcb49cff209233b348440aeecf2f8ab9cfa70fc0ecdb71ce5e9787f4872e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\99de28de-0f4f-46f3-a737-c8be4d319067\index-dir\the-real-index
| MD5 | a49bae102ee7b4a1b6b64f4eddd76f32 |
| SHA1 | be7ce97d8e49281ab732aec6ffde161eac8ef877 |
| SHA256 | 067ea5128bd223968499e3433f9f7c1d3607c3180021bc3fd35a32f8013b367e |
| SHA512 | 28c71f1d4a6ffa342e5692f7379e1875fc7f4eee2a24985b2dc538848359b330ea4814be9e230b65ce87e1487d7642a383a2291cd3d64039743312c2d79d468f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\05e45322-8635-44d1-9b94-c37eb36e7b03\index-dir\the-real-index
| MD5 | b812b5736932e4efbd7e2bcb0827eb26 |
| SHA1 | 439906a0c937e8a031ec67627472a3df752fa9cd |
| SHA256 | 48ef3100c4ac043ac0c9bee30ff8f7ff9ecec7e8326f298c9b275dcc1d0fe209 |
| SHA512 | d8c6209e8aab056d1d1703aa97ca177b872dbe174f79cf820c706283c8f9e89db56e0455e17cea96e35ae1f94f1ce53c07361b5c969b47c437d02a58f89ec29e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\38d4e74f-279a-4957-8254-9fdac39d34e5\index-dir\the-real-index
| MD5 | 60863687c80799da0c557435379cf3b0 |
| SHA1 | 9f22203482f8eb7e7227be7864edfec8e6cee9bc |
| SHA256 | aee9704737826854f12c9e7c04451254e9a98ecde01bdb126cf2d165d3e05f84 |
| SHA512 | a0f6d540be4b1f63b02f5d181c44158651ab90e26064f2a055cb074f4d66b9364b1c86e0de401fc7699685b218a415baab4b6e20d7f7e4106c8308be63b43482 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3cedfb74d44f2e84198d23075aef16c34a668ceb\index.txt
| MD5 | 1f5ee88ec3ca757d4067d2b50ba75b48 |
| SHA1 | 7859f9bf7b7e5aa6451b61959e8572d785fc957a |
| SHA256 | 85287054293e478fe126031d7c8689dff7253f863704dfd3ffff32108c750fbc |
| SHA512 | 86dd1316db3213246a4539e0caf48b41af8c28a81c72f0db85b6c03a83c05d3ebef517e2d247ee70987f355a55f3513d9432038d06d3b7904e159eee02f62933 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00012d
| MD5 | 9901c48297a339c554e405b4fefe7407 |
| SHA1 | 5182e80bd6d4bb6bb1b7f0752849fe09e4aa330e |
| SHA256 | 9a5974509d9692162d491cf45136f072c54ddc650b201336818c76a9f257d4d2 |
| SHA512 | b68ef68c4dcc31716ce25d486617f6ef929ddbb8f7030dd4838320e2803dd6dd1c83966b3484d2986b19f3bd866484c5a432f4f6533bb3e72f5c7457a9bb9742 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 4cabb366696ebd3907199041d1e495e9 |
| SHA1 | 4b4ba0e0df5524dcb681c7df99f6d7245880cb51 |
| SHA256 | 43b808e2f2edfa8f96ae3c8f414a70e9fbe36578ad140a4d881bd108c98cccc8 |
| SHA512 | 50c356085d11cbb3d5a1c796a3a6db7bf6136b1a0a160b3e98537580a30d97abdbe8436325beb550a278740a184ab5b5269eabecad9b58a93a2e78026d482ff5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
| MD5 | 8716c6162a7d8dbdfd3f5dc82b7b12e8 |
| SHA1 | 7498bd430a8549949fc35d4eb1b0e70280d1aa43 |
| SHA256 | 3609e96f2e6754e1820a2604a797533c4209d8dd155608d4ba022e43ef6ba21c |
| SHA512 | e011b7082c41203598617262dab883e1b0d2a5b9c1ab9aa3338956c3fc7fa34fe4f585a77aac0d3f108bfc9d2efdaa4a94851099806e2d94c4cae232e72c9d9b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f47ad2b1cbbfb433da4a23b6915ae797 |
| SHA1 | 36cdc7a677fdf3019c619c817769854b4ba6d4f3 |
| SHA256 | 10c95af37af43ff20a4dd7f99029d1380c10b25dd1d04339ea933d8e4ebe10e3 |
| SHA512 | 2ec41ea77e3c5cd411ad9f9bed5c89ac707462418c5f0f2b40bdb64ff101ac387e436278944b13c2fdfa879463e2b4cea6b5258382a041537bd4dc9144a7c041 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\RevisitationBloomfilter
| MD5 | 9792dc3eacb77d106d25682737307d70 |
| SHA1 | c8b974a8121e7b9e4878aca79e03e9e7a01d9745 |
| SHA256 | 1c47134a1af822b0e3e09e6c75066555a9428313148b8830f989a2838e1e07fe |
| SHA512 | c1d8caeea43cef718c7e3e617b6687ece26b13aeeb0d44d51f74adabeeee88b03ce5ac192dd7424f1859ad9bd68b7826558b1c9b691c0785b19cd8a2301f90a5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000102
| MD5 | c780ac505141f4cdc52e5e7d5ccaeeb6 |
| SHA1 | 087f4c1033f4fda9484fbf83c17372c8144b069e |
| SHA256 | 9985b8b60c53a71f5a48038cb1a359844660f2a2c1f15ad54b277166e4c19b4e |
| SHA512 | b30d8309bd51921101f9f1d473dbc909f1c0e624543f13d0ed9563e8922881b1a45fedf9f3f83d7a4bc7367ef1c598e124df14727703c514a7ffa29a1d7994a3 |