Analysis Overview
Threat Level: Known bad
The file https://www.mediafire.com/file/v04wcs9dlfq5ke0/VanishRaider-main.rar/file was found to be: Known bad.
Malicious Activity Summary
Phemedrone
Phemedrone family
Uses browser remote debugging
Reads data files stored by FTP clients
Unsecured Credentials: Credentials In Files
Reads user/profile data of web browsers
Executes dropped EXE
Drops file in Windows directory
Browser Information Discovery
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
NTFS ADS
Suspicious behavior: EnumeratesProcesses
Modifies registry class
Modifies data under HKEY_USERS
Enumerates system info in registry
Suspicious behavior: GetForegroundWindowSpam
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V16
Analysis: static1
Detonation Overview
Reported
2025-06-30 17:52
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2025-06-30 17:52
Reported
2025-06-30 17:54
Platform
win11-20250619-en
Max time kernel
111s
Max time network
114s
Command Line
Signatures
Phemedrone
Phemedrone family
Uses browser remote debugging
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\New folder\vanish.exe | N/A |
Reads data files stored by FTP clients
Reads user/profile data of web browsers
Unsecured Credentials: Credentials In Files
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3772_391580775\LICENSE | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3772_391580775\manifest.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3772_391580775\sets.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3772_391580775\_metadata\verified_contents.json | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3772_391580775\manifest.fingerprint | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133957795564643310" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\ | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3972667009-3658015838-2693993929-1000\{51F74679-4A45-4236-9618-F028C59D039D} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\ | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3972667009-3658015838-2693993929-1000\{EE5F8F66-F84D-4E20-B4EE-7D689952A3D4} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\VanishRaider-main.rar:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\VanishRaider-main (1).rar:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\7-Zip\7zFM.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.mediafire.com/file/v04wcs9dlfq5ke0/VanishRaider-main.rar/file
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x2e4,0x2e8,0x2ec,0x2e0,0x308,0x7fffcc5ef208,0x7fffcc5ef214,0x7fffcc5ef220
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1884,i,1903769782934914402,1803080771192226372,262144 --variations-seed-version --mojo-platform-channel-handle=2216 /prefetch:11
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2188,i,1903769782934914402,1803080771192226372,262144 --variations-seed-version --mojo-platform-channel-handle=2176 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2500,i,1903769782934914402,1803080771192226372,262144 --variations-seed-version --mojo-platform-channel-handle=2652 /prefetch:13
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --always-read-main-dll --field-trial-handle=3416,i,1903769782934914402,1803080771192226372,262144 --variations-seed-version --mojo-platform-channel-handle=3484 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --always-read-main-dll --field-trial-handle=3424,i,1903769782934914402,1803080771192226372,262144 --variations-seed-version --mojo-platform-channel-handle=3496 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --always-read-main-dll --field-trial-handle=4800,i,1903769782934914402,1803080771192226372,262144 --variations-seed-version --mojo-platform-channel-handle=4856 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --always-read-main-dll --field-trial-handle=5132,i,1903769782934914402,1803080771192226372,262144 --variations-seed-version --mojo-platform-channel-handle=5100 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --always-read-main-dll --field-trial-handle=3400,i,1903769782934914402,1803080771192226372,262144 --variations-seed-version --mojo-platform-channel-handle=4228 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --always-read-main-dll --field-trial-handle=5128,i,1903769782934914402,1803080771192226372,262144 --variations-seed-version --mojo-platform-channel-handle=5424 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --always-read-main-dll --field-trial-handle=5480,i,1903769782934914402,1803080771192226372,262144 --variations-seed-version --mojo-platform-channel-handle=5744 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --always-read-main-dll --field-trial-handle=5712,i,1903769782934914402,1803080771192226372,262144 --variations-seed-version --mojo-platform-channel-handle=5748 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --always-read-main-dll --field-trial-handle=6000,i,1903769782934914402,1803080771192226372,262144 --variations-seed-version --mojo-platform-channel-handle=6032 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --always-read-main-dll --field-trial-handle=3504,i,1903769782934914402,1803080771192226372,262144 --variations-seed-version --mojo-platform-channel-handle=3460 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --always-read-main-dll --field-trial-handle=5460,i,1903769782934914402,1803080771192226372,262144 --variations-seed-version --mojo-platform-channel-handle=5432 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-US --service-sandbox-type=collections --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6484,i,1903769782934914402,1803080771192226372,262144 --variations-seed-version --mojo-platform-channel-handle=6612 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --always-read-main-dll --field-trial-handle=6592,i,1903769782934914402,1803080771192226372,262144 --variations-seed-version --mojo-platform-channel-handle=6660 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7012,i,1903769782934914402,1803080771192226372,262144 --variations-seed-version --mojo-platform-channel-handle=7024 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --always-read-main-dll --field-trial-handle=6996,i,1903769782934914402,1803080771192226372,262144 --variations-seed-version --mojo-platform-channel-handle=6580 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --always-read-main-dll --field-trial-handle=7212,i,1903769782934914402,1803080771192226372,262144 --variations-seed-version --mojo-platform-channel-handle=7248 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6312,i,1903769782934914402,1803080771192226372,262144 --variations-seed-version --mojo-platform-channel-handle=3048 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=3480,i,1903769782934914402,1803080771192226372,262144 --variations-seed-version --mojo-platform-channel-handle=6868 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=7244,i,1903769782934914402,1803080771192226372,262144 --variations-seed-version --mojo-platform-channel-handle=4664 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.ProfileImport --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5380,i,1903769782934914402,1803080771192226372,262144 --variations-seed-version --mojo-platform-channel-handle=5352 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=5448,i,1903769782934914402,1803080771192226372,262144 --variations-seed-version --mojo-platform-channel-handle=5364 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\cookie_exporter.exe
cookie_exporter.exe --cookie-json=1144
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --always-read-main-dll --field-trial-handle=5560,i,1903769782934914402,1803080771192226372,262144 --variations-seed-version --mojo-platform-channel-handle=5512 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --always-read-main-dll --field-trial-handle=7788,i,1903769782934914402,1803080771192226372,262144 --variations-seed-version --mojo-platform-channel-handle=7808 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --always-read-main-dll --field-trial-handle=7840,i,1903769782934914402,1803080771192226372,262144 --variations-seed-version --mojo-platform-channel-handle=7704 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --always-read-main-dll --field-trial-handle=7888,i,1903769782934914402,1803080771192226372,262144 --variations-seed-version --mojo-platform-channel-handle=5892 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --always-read-main-dll --field-trial-handle=8076,i,1903769782934914402,1803080771192226372,262144 --variations-seed-version --mojo-platform-channel-handle=6052 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=6064,i,1903769782934914402,1803080771192226372,262144 --variations-seed-version --mojo-platform-channel-handle=7336 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --always-read-main-dll --field-trial-handle=6272,i,1903769782934914402,1803080771192226372,262144 --variations-seed-version --mojo-platform-channel-handle=5500 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --string-annotations --pdf-upsell-enabled --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --always-read-main-dll --field-trial-handle=6060,i,1903769782934914402,1803080771192226372,262144 --variations-seed-version --mojo-platform-channel-handle=7576 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=133.0.6943.99 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=133.0.3065.69 --initial-client-data=0x240,0x244,0x248,0x23c,0x2f4,0x7fffcc5ef208,0x7fffcc5ef214,0x7fffcc5ef220
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --always-read-main-dll --field-trial-handle=1832,i,3680557553541716924,12189387703491955025,262144 --variations-seed-version --mojo-platform-channel-handle=2120 /prefetch:11
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --always-read-main-dll --field-trial-handle=2092,i,3680557553541716924,12189387703491955025,262144 --variations-seed-version --mojo-platform-channel-handle=2088 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --always-read-main-dll --field-trial-handle=2412,i,3680557553541716924,12189387703491955025,262144 --variations-seed-version --mojo-platform-channel-handle=2376 /prefetch:13
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\elevation_service.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4416,i,3680557553541716924,12189387703491955025,262144 --variations-seed-version --mojo-platform-channel-handle=4420 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4572,i,3680557553541716924,12189387703491955025,262144 --variations-seed-version --mojo-platform-channel-handle=4576 /prefetch:14
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\VanishRaider-main\" -spe -an -ai#7zMap16184:96:7zEvent17441
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4636,i,3680557553541716924,12189387703491955025,262144 --variations-seed-version --mojo-platform-channel-handle=4424 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4624,i,3680557553541716924,12189387703491955025,262144 --variations-seed-version --mojo-platform-channel-handle=4460 /prefetch:14
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --message-loop-type-ui --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4612,i,3680557553541716924,12189387703491955025,262144 --variations-seed-version --mojo-platform-channel-handle=4576 /prefetch:14
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\VanishRaider-main.rar"
C:\Users\Admin\Downloads\New folder\vanish.exe
"C:\Users\Admin\Downloads\New folder\vanish.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --window-position=-2400,-2400 --remote-debugging-port=9222 --profile-directory="Default"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=133.0.6943.60 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffa363dcf8,0x7fffa363dd04,0x7fffa363dd10
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --string-annotations --gpu-preferences=UAAAAAAAAADgAAAEAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=1964,i,1464431970104000674,13597125507657548839,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=1960 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations --field-trial-handle=2220,i,1464431970104000674,13597125507657548839,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=2268 /prefetch:11
C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\133.0.6943.60\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations --field-trial-handle=2372,i,1464431970104000674,13597125507657548839,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=2540 /prefetch:13
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --remote-debugging-port=9222 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3028,i,1464431970104000674,13597125507657548839,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=3168 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --remote-debugging-port=9222 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3040,i,1464431970104000674,13597125507657548839,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=3184 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --extension-process --enable-dinosaur-easter-egg-alt-images --remote-debugging-port=9222 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4208,i,1464431970104000674,13597125507657548839,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=4240 /prefetch:9
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --string-annotations --enable-dinosaur-easter-egg-alt-images --remote-debugging-port=9222 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4588,i,1464431970104000674,13597125507657548839,262144 --variations-seed-version=20250618-180047.684000 --mojo-platform-channel-handle=4648 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations --always-read-main-dll --field-trial-handle=4704,i,3680557553541716924,12189387703491955025,262144 --variations-seed-version --mojo-platform-channel-handle=4952 /prefetch:14
Network
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 8aaaf93e374531d658f2daabde509fae |
| SHA1 | e2ac160ea6f3058214705265dfb774ab8e5fd295 |
| SHA256 | dee31a377529f1094d3443c041ae99e800701a0e1a3a3692ea47258441a1a436 |
| SHA512 | 78ba3d46c7d68c990ffec8cc1d239d967071de56905c049ad9e70f5976b83798294d0866812f569987316130e2a08f54cf3336ea04ef564ad4983c42c12bdd61 |
\??\pipe\crashpad_4380_HBSSVJAXFBBZLVZA
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 39fb4c6f2a65fbbd5af96bc829bdee31 |
| SHA1 | c29df4ab9d8b81857fffe6ebad3822fca60d081c |
| SHA256 | fa0155bd3f221d417174eb05f9f2ace3b8d2481de114fda7996342e005612dc4 |
| SHA512 | 6e3eafa0b53b754ba4fcbedbd70d25bdb06ccad72904bca7522fdb13548683f56c38c95b5ffab951921038924ee222295cf02dc8d9eeb7b77ad5cc992f3ddb3b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\Downloads\VanishRaider-main.rar:Zone.Identifier
| MD5 | 47675b9c1f4f0fe560a6936489ad393f |
| SHA1 | 5e56a38c2e166ccdfc20c027ed1ea3170d2e5517 |
| SHA256 | 5cd15a056584e522aa454861ff9048e976b13641223e2107ff53afc4be17fdeb |
| SHA512 | 8eb2691122863ff9dd6ec3b2e94be3e01e997ed3e9182f79fd65b57592004282c513901fc4f0ce510b1af14ea784ab79e568e56bb1404bc81afbca3bc23eb719 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\Logs\sync_diagnostic.log
| MD5 | eaafd394555be007264fb6e7c4d057c9 |
| SHA1 | 708a339e1d00c568895a8fb4caa7c45465342c91 |
| SHA256 | cb229db34ac104b71f54c670e233a5888f0ece6d5d1d2b1323ddccb4f34aaf9c |
| SHA512 | 1dcdf5ebba28f29afad021ec47d2b809f265bc32afc3340dc2a6888d7d92cd54891b0a60f713ef5ca4592b3b6b203781b868ea5d90455e63aad35310df9895bb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\HubApps
| MD5 | 06d55006c2dec078a94558b85ae01aef |
| SHA1 | 6a9b33e794b38153f67d433b30ac2a7cf66761e6 |
| SHA256 | 088bb586f79dd99c5311d14e1560bbe0bb56225a1b4432727d2183341c762bcd |
| SHA512 | ec190652af9c213ccbb823e69c21d769c64e3b9bae27bea97503c352163bf70f93c67cebbf327bfc73bfd632c9a3ae57283b6e4019af04750fe18a2410a68e60 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 25afe74a5da30d05274286be706f9c34 |
| SHA1 | e279bfb44a162750690dafc9742c2efe2b6d837e |
| SHA256 | 79a78139d3cebfddb3bd87eb4e9f6d4fc86743e533a26d7767faef507aac2654 |
| SHA512 | c2fc5c862dd86a1f6e97eadd7959ffc698b52aebcf90fac783ae0df6c54b717846e7a43f15c922cbd71f1b3c77408187b7bbd597b794ca3ef70448ddefb3ce1b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7f8f8c2d75c24783c6d6dcee871595a9 |
| SHA1 | 9387c825d065fa98f3302e1169e6db07715c7fc6 |
| SHA256 | 9fa9b9262f32a899bda4eb4f2c8d491ce6cafc6a1b798a2e06992b12478ed246 |
| SHA512 | 8d0a58186670ec1bec2f7d40c8f044d4fa38504943df5484857f1523c5b2020f6f18350efa3971bda07d1333c475b2e2cfde473f2022e16d17fb8e759a1466b4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
| MD5 | 35a2646ee635dc3063beaac925533167 |
| SHA1 | 0062c081dff261fb9969893c0350f40a24874319 |
| SHA256 | 8137219a166fca9352b1633d07fd2b57371f70ba261f0ff0914e922b5dc56dbd |
| SHA512 | 98354ed363d3c08c7937d76ad47b41b9bb0994848f4b6abce9b04ae68a9806dd8f41bd3ea75642e2f95e3a764d97fd8e0a404b59bb1e4e250467192b3a3ce39f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries
| MD5 | 20d4b8fa017a12a108c87f540836e250 |
| SHA1 | 1ac617fac131262b6d3ce1f52f5907e31d5f6f00 |
| SHA256 | 6028bd681dbf11a0a58dde8a0cd884115c04caa59d080ba51bde1b086ce0079d |
| SHA512 | 507b2b8a8a168ff8f2bdafa5d9d341c44501a5f17d9f63f3d43bd586bc9e8ae33221887869fa86f845b7d067cb7d2a7009efd71dda36e03a40a74fee04b86856 |
C:\Users\Admin\Downloads\VanishRaider-main (1).rar:Zone.Identifier
| MD5 | 91a932dcd7bffe18428528359af8f18f |
| SHA1 | bee30924f7cdee4b6332c7e53726c14e0e5acf36 |
| SHA256 | 467b8610308d08ee1a4d30fd9ed93e238352b3020d19a8417c51df22eed98b3e |
| SHA512 | 0f2e141a64a55088b078d789159fde7bf407ebcd5583528a380cde89f573b104c29045dc1dd923fff562e4bbf1f710443a2ba5d617292cbd625030bcab074fc2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 262aee3b0dac303873e84970a4cd751e |
| SHA1 | d8bc1d7f0e81d7f4de92c424da7a788a1ceb99b2 |
| SHA256 | 2663d5a0ccdd03e1bc9d78eb399c06980e5672069aa6baa88bea5f0255b5c2af |
| SHA512 | f9aa605e352083cb48535e43ace11f5198e80e37019d8e185193f2f9579426847443dc1388e788c930ee0b951429a4576c660f10b647208e363a83101c1dc812 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 32a60a95c5b165b397761f411d1ce7e9 |
| SHA1 | 97b880b3c59cdce863312ce97b641cbbeedeb0d8 |
| SHA256 | bff6124e14a262a5efe1c1657cba06b117c2fadc4c57d303906f37d030378e4a |
| SHA512 | e433edb8ed7be3de08141cbc081e97dab62a2265e266320bbea543afb1f5b31c49799499ee2dac7981edeb5a97b8e8ec2c3f03c62d7ec4655b40337dd6121a9a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 97adbe6251b43ae41c9f945f84600181 |
| SHA1 | 5455e41dd2091f39a1b723c14b7c0c68b9b39ff9 |
| SHA256 | 013a29138e8a78588af1a7bae1186a665e92e4ee2cadcbf1c45972c469fafcea |
| SHA512 | 2444d0ea26677ddf3f2a1c2c7647f21b5b36ed3bf74f74826e7465026088902139f3d0310ae118a1c1c936fa9d2ea89e16e0ab5cf5f69a4acaf194c3fb92975f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe57bd26.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DawnGraphiteCache\data_1
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Variations
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_0
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00006f
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00006e
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00006d
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00006c
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00006b
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00006a
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000069
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000068
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000067
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000066
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000065
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000064
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000063
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000062
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000061
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_000060
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00005f
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00005e
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\f_00005d
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_3
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_2
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\data_1
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Edge Cloud Config\CloudConfigLog
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\67f3b581-1e43-42f0-a46e-55328dab0e31.tmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_0
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\CrashpadMetrics-active.pma
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3772_391580775\LICENSE
C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping3772_391580775\manifest.json