Overview

overview

8

Static

static

3

WaveInstaller (1).exe

windows7-x64

3

WaveInstaller (1).exe

windows10-2004-x64

8

Analysis

  • max time kernel
    2700s
  • max time network
    2603s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29-06-2024 05:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    WaveInstaller (1).exe

  • Size

    1.5MB

  • MD5

    b075f4320e46d0d5e78a649e8ee011cc

  • SHA1

    b0dd50171323f0f83dbea0340e9ed8cf44bea38e

  • SHA256

    8581823244a50bbed9709d09f3eba29dd9989681d96bff2b6c19245053069feb

  • SHA512

    e08024b5fa50dc344ca18413a6c21e0f20490c22c90c565d6f663014f1673643da1d5d748e0cefca8a7cbae91a62470289803ad588d3aa5cf3dc6292d7393d47

  • SSDEEP

    24576:VviinbT3ipyqwPx4x3RyFoBkkAd04wJAAh/jV1gJcPNZI6fntX3HOt2pq081ind2:MinbT3ipTD0anywJAaD/3U2pqjindT

Score
8/10
adwarediscoverypersistenceprivilege_escalationstealer

Malware Config

Signatures

  • Boot or Logon Autostart Execution: Active Setup 2 TTPs 7 IoCs

    Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    persistence
  • Downloads MZ/PE file
  • Event Triggered Execution: Image File Execution Options Injection 1 TTPs 4 IoCs
    persistence
  • Checks computer location settings 2 TTPs 12 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Event Triggered Execution: Component Object Model Hijacking 1 TTPs

    Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    persistenceprivilege_escalation
  • Executes dropped EXE 64 IoCs
  • Loads dropped DLL 64 IoCs
  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Checks for any installed AV software in registry 1 TTPs 25 IoCs
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Enumerates connected drives 3 TTPs 23 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Installs/modifies Browser Helper Object 2 TTPs 8 IoCs

    BHOs are DLL modules which act as plugins for Internet Explorer.

    stealeradware
  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 8 IoCs
  • Checks system information in the registry 2 TTPs 30 IoCs

    System information is often read in order to detect sandboxing environments.

  • Drops file in System32 directory 1 IoCs
  • Suspicious use of NtCreateThreadExHideFromDebugger 3 IoCs
  • Suspicious use of NtSetInformationThreadHideFromDebugger 64 IoCs
  • Drops file in Program Files directory 64 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Modifies data under HKEY_USERS 64 IoCs
  • Modifies registry class 64 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 15 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 55 IoCs
  • Suspicious use of SendNotifyMessage 32 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of UnmapMainImage 3 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • System policy modification 1 TTPs 4 IoCs
    evasion
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

    persistence

Processes

  • C:\Users\Admin\AppData\Local\Temp\WaveInstaller (1).exe
    "C:\Users\Admin\AppData\Local\Temp\WaveInstaller (1).exe"
    1⤵
    • Checks computer location settings
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:1856
    • C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe
      "C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe"
      2⤵
      • Checks computer location settings
      • Executes dropped EXE
      • Loads dropped DLL
      • Checks for any installed AV software in registry
      • Enumerates connected drives
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:3600
      • C:\Users\Admin\AppData\Local\CefSharp\CefSharp.BrowserSubprocess.exe
        "C:\Users\Admin\AppData\Local\CefSharp\CefSharp.BrowserSubprocess.exe" --type=gpu-process --no-sandbox --locales-dir-path="C:\Users\Admin\AppData\Local\CefSharp\locales" --log-severity=disable --resources-dir-path="C:\Users\Admin\AppData\Local\CefSharp" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --cefsharpexitsub --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2040,i,4720817674037256497,16962753559825043741,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI --variations-seed-version --mojo-platform-channel-handle=2028 /prefetch:2 --host-process-id=3600
        3⤵
        • Executes dropped EXE
        • Loads dropped DLL
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of AdjustPrivilegeToken
        PID:2556
      • C:\Users\Admin\AppData\Local\Luau Language Server\node.exe
        "C:\Users\Admin\AppData\Local\Luau Language Server\node.exe" server --process-id=3600
        3⤵
        • Checks computer location settings
        • Executes dropped EXE
        • Suspicious use of WriteProcessMemory
        PID:456
        • C:\Users\Admin\AppData\Local\Luau Language Server\shared\bin\wave-luau.exe
          "C:\Users\Admin\AppData\Local\Luau Language Server\shared\bin\wave-luau.exe" lsp "--definitions=C:\Users\Admin\AppData\Local\Luau Language Server\shared\bin\globalTypes.d.luau" "--definitions=C:\Users\Admin\AppData\Local\Luau Language Server\shared\bin\wave.d.luau" "--docs=C:\Users\Admin\AppData\Local\Luau Language Server\shared\bin\en-us.json"
          4⤵
          • Executes dropped EXE
          PID:2908
      • C:\Users\Admin\AppData\Local\CefSharp\CefSharp.BrowserSubprocess.exe
        "C:\Users\Admin\AppData\Local\CefSharp\CefSharp.BrowserSubprocess.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --locales-dir-path="C:\Users\Admin\AppData\Local\CefSharp\locales" --log-severity=disable --resources-dir-path="C:\Users\Admin\AppData\Local\CefSharp" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --cefsharpexitsub --field-trial-handle=2812,i,4720817674037256497,16962753559825043741,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI --variations-seed-version --mojo-platform-channel-handle=2808 /prefetch:3 --host-process-id=3600
        3⤵
        • Executes dropped EXE
        • Loads dropped DLL
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of AdjustPrivilegeToken
        PID:3088
      • C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe
        "C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe"
        3⤵
        • Checks computer location settings
        • Executes dropped EXE
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SendNotifyMessage
        • Suspicious use of WriteProcessMemory
        PID:3860
        • C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-1088f3c8e4a44cc7\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
          "C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-1088f3c8e4a44cc7\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe" /silent /install
          4⤵
          • Executes dropped EXE
          • Drops file in Program Files directory
          • Suspicious use of WriteProcessMemory
          PID:7740
          • C:\Program Files (x86)\Microsoft\Temp\EU8497.tmp\MicrosoftEdgeUpdate.exe
            "C:\Program Files (x86)\Microsoft\Temp\EU8497.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"
            5⤵
            • Event Triggered Execution: Image File Execution Options Injection
            • Checks computer location settings
            • Executes dropped EXE
            • Loads dropped DLL
            • Checks system information in the registry
            • Suspicious behavior: EnumeratesProcesses
            • Suspicious use of WriteProcessMemory
            PID:744
            • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
              "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
              6⤵
              • Executes dropped EXE
              • Loads dropped DLL
              • Modifies registry class
              PID:1668
            • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
              "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
              6⤵
              • Executes dropped EXE
              • Loads dropped DLL
              • Modifies registry class
              • Suspicious use of WriteProcessMemory
              PID:4448
              • C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
                "C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
                7⤵
                • Executes dropped EXE
                • Loads dropped DLL
                • Modifies registry class
                PID:3868
              • C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
                "C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
                7⤵
                • Executes dropped EXE
                • Loads dropped DLL
                • Modifies registry class
                PID:3892
              • C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
                "C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
                7⤵
                • Executes dropped EXE
                • Loads dropped DLL
                • Modifies registry class
                PID:6092
            • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
              "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QTJFQzczQkUtNDNFRi00MDRBLTkxMzYtNkJCQjE3RTlERDk3fSIgdXNlcmlkPSJ7N0U4MEZEM0EtMDIxMi00QTNCLUE5MDUtRjYxQkNBRDBEQjRBfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntFRURBNUI2RS00QTVGLTREODAtQUM1OC1EQTMzQ0IzMDA2REN9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7RHhPYmpIR2ErblJhMmF0QzN3bytJRXBDNzgrWlllQVVia1hwREMyY2o3VT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE4Ny4zNyIgbmV4dHZlcnNpb249IjEuMy4xNzEuMzkiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjYwNTUzMTY2MjgiIGluc3RhbGxfdGltZV9tcz0iMTk4MSIvPjwvYXBwPjwvcmVxdWVzdD4
              6⤵
              • Executes dropped EXE
              • Loads dropped DLL
              • Checks system information in the registry
              PID:3336
            • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
              "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{A2EC73BE-43EF-404A-9136-6BBB17E9DD97}" /silent
              6⤵
              • Executes dropped EXE
              • Loads dropped DLL
              PID:5028
      • C:\Users\Admin\AppData\Local\CefSharp\CefSharp.BrowserSubprocess.exe
        "C:\Users\Admin\AppData\Local\CefSharp\CefSharp.BrowserSubprocess.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --locales-dir-path="C:\Users\Admin\AppData\Local\CefSharp\locales" --log-severity=disable --resources-dir-path="C:\Users\Admin\AppData\Local\CefSharp" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --cefsharpexitsub --field-trial-handle=6552,i,4720817674037256497,16962753559825043741,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI --variations-seed-version --mojo-platform-channel-handle=6548 /prefetch:8 --host-process-id=3600
        3⤵
        • Executes dropped EXE
        • Loads dropped DLL
        • Suspicious behavior: EnumeratesProcesses
        PID:4684
      • C:\Users\Admin\AppData\Local\CefSharp\CefSharp.BrowserSubprocess.exe
        "C:\Users\Admin\AppData\Local\CefSharp\CefSharp.BrowserSubprocess.exe" --type=renderer --locales-dir-path="C:\Users\Admin\AppData\Local\CefSharp\locales" --log-severity=disable --resources-dir-path="C:\Users\Admin\AppData\Local\CefSharp" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --cefsharpexitsub --no-sandbox --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=6624,i,4720817674037256497,16962753559825043741,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI --variations-seed-version --mojo-platform-channel-handle=6612 --host-process-id=3600 /prefetch:1
        3⤵
        • Checks computer location settings
        • Executes dropped EXE
        • Loads dropped DLL
        • Suspicious behavior: EnumeratesProcesses
        PID:1072
      • C:\Users\Admin\AppData\Local\CefSharp\CefSharp.BrowserSubprocess.exe
        "C:\Users\Admin\AppData\Local\CefSharp\CefSharp.BrowserSubprocess.exe" --type=renderer --locales-dir-path="C:\Users\Admin\AppData\Local\CefSharp\locales" --log-severity=disable --resources-dir-path="C:\Users\Admin\AppData\Local\CefSharp" --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --cefsharpexitsub --no-sandbox --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=6684,i,4720817674037256497,16962753559825043741,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI --variations-seed-version --mojo-platform-channel-handle=6676 --host-process-id=3600 /prefetch:1
        3⤵
        • Checks computer location settings
        • Executes dropped EXE
        • Loads dropped DLL
        • Suspicious behavior: EnumeratesProcesses
        PID:4936
      • C:\Users\Admin\AppData\Local\CefSharp\CefSharp.BrowserSubprocess.exe
        "C:\Users\Admin\AppData\Local\CefSharp\CefSharp.BrowserSubprocess.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-sandbox --locales-dir-path="C:\Users\Admin\AppData\Local\CefSharp\locales" --log-severity=disable --resources-dir-path="C:\Users\Admin\AppData\Local\CefSharp" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --cefsharpexitsub --field-trial-handle=7776,i,4720817674037256497,16962753559825043741,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI --variations-seed-version --mojo-platform-channel-handle=6400 /prefetch:8 --host-process-id=3600
        3⤵
        • Executes dropped EXE
        • Loads dropped DLL
        • Suspicious behavior: EnumeratesProcesses
        PID:6576
      • C:\Users\Admin\AppData\Local\CefSharp\CefSharp.BrowserSubprocess.exe
        "C:\Users\Admin\AppData\Local\CefSharp\CefSharp.BrowserSubprocess.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-sandbox --locales-dir-path="C:\Users\Admin\AppData\Local\CefSharp\locales" --log-severity=disable --resources-dir-path="C:\Users\Admin\AppData\Local\CefSharp" --lang=en-US --user-data-dir="C:\Users\Admin\AppData\Local\CEF\User Data" --cefsharpexitsub --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=6900,i,4720817674037256497,16962753559825043741,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI --variations-seed-version --mojo-platform-channel-handle=6880 /prefetch:8 --host-process-id=3600
        3⤵
        • Executes dropped EXE
        • Suspicious behavior: EnumeratesProcesses
        PID:5344
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0x504 0x4ec
    1⤵
      PID:6188
    • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
      "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
      1⤵
      • Executes dropped EXE
      • Loads dropped DLL
      • Checks system information in the registry
      • Modifies data under HKEY_USERS
      • Suspicious use of WriteProcessMemory
      PID:3212
      • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
        "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QTJFQzczQkUtNDNFRi00MDRBLTkxMzYtNkJCQjE3RTlERDk3fSIgdXNlcmlkPSJ7N0U4MEZEM0EtMDIxMi00QTNCLUE5MDUtRjYxQkNBRDBEQjRBfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins4M0RFN0E3OC00MTVDLTRCNzgtQUQ4Qi1ENDY5RENEQkI2QjR9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTEwLjAuNTQ4MS4xMDQiIG5leHR2ZXJzaW9uPSIxMTAuMC41NDgxLjEwNCIgbGFuZz0iZW4iIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjUiIHN5c3RlbV91cHRpbWVfdGlja3M9IjYxMjUyNjQ4MjEiLz48L2FwcD48L3JlcXVlc3Q-
        2⤵
        • Executes dropped EXE
        • Loads dropped DLL
        • Checks system information in the registry
        PID:6076
      • C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{06327991-3ADC-4A22-85B1-0F398A954DEF}\MicrosoftEdge_X64_126.0.2592.81.exe
        "C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{06327991-3ADC-4A22-85B1-0F398A954DEF}\MicrosoftEdge_X64_126.0.2592.81.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
        2⤵
        • Executes dropped EXE
        • Suspicious use of WriteProcessMemory
        PID:5676
        • C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{06327991-3ADC-4A22-85B1-0F398A954DEF}\EDGEMITMP_20CBB.tmp\setup.exe
          "C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{06327991-3ADC-4A22-85B1-0F398A954DEF}\EDGEMITMP_20CBB.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{06327991-3ADC-4A22-85B1-0F398A954DEF}\MicrosoftEdge_X64_126.0.2592.81.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
          3⤵
          • Executes dropped EXE
          • Drops file in Program Files directory
          • Suspicious use of WriteProcessMemory
          PID:5788
          • C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{06327991-3ADC-4A22-85B1-0F398A954DEF}\EDGEMITMP_20CBB.tmp\setup.exe
            "C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{06327991-3ADC-4A22-85B1-0F398A954DEF}\EDGEMITMP_20CBB.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=126.0.6478.127 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{06327991-3ADC-4A22-85B1-0F398A954DEF}\EDGEMITMP_20CBB.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=126.0.2592.81 --initial-client-data=0x22c,0x230,0x234,0x208,0x238,0x7ff60c22aa40,0x7ff60c22aa4c,0x7ff60c22aa58
            4⤵
            • Executes dropped EXE
            PID:5204
      • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
        "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QTJFQzczQkUtNDNFRi00MDRBLTkxMzYtNkJCQjE3RTlERDk3fSIgdXNlcmlkPSJ7N0U4MEZEM0EtMDIxMi00QTNCLUE5MDUtRjYxQkNBRDBEQjRBfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins5NkI4REMxOC03MzIxLTRFQUMtQUFFRi05M0I1MEQwQkIwMEZ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMTI2LjAuMjU5Mi44MSIgbGFuZz0iIiBicmFuZD0iIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGluc3RhbGxhZ2U9Ii0xIiBpbnN0YWxsZGF0ZT0iLTEiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iOSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNjE0OTY4NDExNSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjYxNDk3ODAxOTciIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI2OTAyNDQ3NDU1IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuZi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy8xMTEwYmY2My1jNmNlLTQ3MTQtOTY5Yi1iMzAyOGI0NDFjNDc_UDE9MTcyMDI0NDkxNCZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1FZURGUVJZUk54U0NUZ1RYdnI2eGlvQUJFc05wcXJtVHZrU0tWSE15clUwREdQTmhLOUp3TXglMmZwJTJidUVRbWN2elYyNSUyZlpGbEhHd3dOaTF1ZHZjUjI0USUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE3MzA4MjE2OCIgdG90YWw9IjE3MzA4MjE2OCIgZG93bmxvYWRfdGltZV9tcz0iNjYzNDUiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI2OTAyNjU3NDIyIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNjkyMjEyMTczMyIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjE5Njc1NyIgc3lzdGVtX3VwdGltZV90aWNrcz0iNzQyNTI3MzU3OCIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9IjEyMzkiIGRvd25sb2FkX3RpbWVfbXM9Ijc1MjgxIiBkb3dubG9hZGVkPSIxNzMwODIxNjgiIHRvdGFsPSIxNzMwODIxNjgiIHBhY2thZ2VfY2FjaGVfcmVzdWx0PSIwIiBpbnN0YWxsX3RpbWVfbXM9IjUwMzE0Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
        2⤵
        • Executes dropped EXE
        • Checks system information in the registry
        PID:5812
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe"
      1⤵
      • Enumerates system info in registry
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      PID:8112
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffdb1bfab58,0x7ffdb1bfab68,0x7ffdb1bfab78
        2⤵
          PID:5944
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1736 --field-trial-handle=1860,i,9523442828617921246,13497647775840727977,131072 /prefetch:2
          2⤵
            PID:4260
          • C:\Program Files\Google\Chrome\Application\chrome.exe
            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 --field-trial-handle=1860,i,9523442828617921246,13497647775840727977,131072 /prefetch:8
            2⤵
              PID:6180
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2272 --field-trial-handle=1860,i,9523442828617921246,13497647775840727977,131072 /prefetch:8
              2⤵
                PID:812
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3068 --field-trial-handle=1860,i,9523442828617921246,13497647775840727977,131072 /prefetch:1
                2⤵
                  PID:3636
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3336 --field-trial-handle=1860,i,9523442828617921246,13497647775840727977,131072 /prefetch:1
                  2⤵
                    PID:4800
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4224 --field-trial-handle=1860,i,9523442828617921246,13497647775840727977,131072 /prefetch:1
                    2⤵
                      PID:1872
                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4256 --field-trial-handle=1860,i,9523442828617921246,13497647775840727977,131072 /prefetch:8
                      2⤵
                        PID:5140
                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4492 --field-trial-handle=1860,i,9523442828617921246,13497647775840727977,131072 /prefetch:8
                        2⤵
                          PID:4820
                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4540 --field-trial-handle=1860,i,9523442828617921246,13497647775840727977,131072 /prefetch:8
                          2⤵
                            PID:6660
                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4592 --field-trial-handle=1860,i,9523442828617921246,13497647775840727977,131072 /prefetch:8
                            2⤵
                              PID:6856
                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3680 --field-trial-handle=1860,i,9523442828617921246,13497647775840727977,131072 /prefetch:8
                              2⤵
                                PID:1112
                              • C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe
                                "C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe" --reenable-autoupdates --system-level
                                2⤵
                                  PID:7064
                                  • C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe
                                    "C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x254,0x258,0x25c,0x230,0x260,0x7ff70435ae48,0x7ff70435ae58,0x7ff70435ae68
                                    3⤵
                                      PID:2428
                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4828 --field-trial-handle=1860,i,9523442828617921246,13497647775840727977,131072 /prefetch:1
                                    2⤵
                                      PID:1496
                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4912 --field-trial-handle=1860,i,9523442828617921246,13497647775840727977,131072 /prefetch:1
                                      2⤵
                                        PID:4908
                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4484 --field-trial-handle=1860,i,9523442828617921246,13497647775840727977,131072 /prefetch:8
                                        2⤵
                                          PID:3060
                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=3536 --field-trial-handle=1860,i,9523442828617921246,13497647775840727977,131072 /prefetch:1
                                          2⤵
                                            PID:5656
                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=2776 --field-trial-handle=1860,i,9523442828617921246,13497647775840727977,131072 /prefetch:1
                                            2⤵
                                              PID:5268
                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5256 --field-trial-handle=1860,i,9523442828617921246,13497647775840727977,131072 /prefetch:8
                                              2⤵
                                                PID:7984
                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5288 --field-trial-handle=1860,i,9523442828617921246,13497647775840727977,131072 /prefetch:8
                                                2⤵
                                                  PID:4456
                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5568 --field-trial-handle=1860,i,9523442828617921246,13497647775840727977,131072 /prefetch:8
                                                  2⤵
                                                    PID:1212
                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5552 --field-trial-handle=1860,i,9523442828617921246,13497647775840727977,131072 /prefetch:8
                                                    2⤵
                                                      PID:6388
                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5200 --field-trial-handle=1860,i,9523442828617921246,13497647775840727977,131072 /prefetch:8
                                                      2⤵
                                                        PID:8044
                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5556 --field-trial-handle=1860,i,9523442828617921246,13497647775840727977,131072 /prefetch:8
                                                        2⤵
                                                          PID:8052
                                                        • C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe
                                                          "C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe"
                                                          2⤵
                                                          • Checks computer location settings
                                                          • Executes dropped EXE
                                                          • Suspicious behavior: EnumeratesProcesses
                                                          • Suspicious use of FindShellTrayWindow
                                                          • Suspicious use of SendNotifyMessage
                                                          PID:6856
                                                          • C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe
                                                            "C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe" --app -channel production
                                                            3⤵
                                                            • Executes dropped EXE
                                                            • Suspicious use of NtCreateThreadExHideFromDebugger
                                                            • Suspicious use of NtSetInformationThreadHideFromDebugger
                                                            • Suspicious behavior: EnumeratesProcesses
                                                            • Suspicious use of UnmapMainImage
                                                            PID:1836
                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5664 --field-trial-handle=1860,i,9523442828617921246,13497647775840727977,131072 /prefetch:8
                                                          2⤵
                                                            PID:1020
                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=3448 --field-trial-handle=1860,i,9523442828617921246,13497647775840727977,131072 /prefetch:1
                                                            2⤵
                                                              PID:4416
                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=5624 --field-trial-handle=1860,i,9523442828617921246,13497647775840727977,131072 /prefetch:1
                                                              2⤵
                                                                PID:2076
                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5660 --field-trial-handle=1860,i,9523442828617921246,13497647775840727977,131072 /prefetch:2
                                                                2⤵
                                                                  PID:6060
                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5464 --field-trial-handle=1860,i,9523442828617921246,13497647775840727977,131072 /prefetch:8
                                                                  2⤵
                                                                    PID:6760
                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=5500 --field-trial-handle=1860,i,9523442828617921246,13497647775840727977,131072 /prefetch:1
                                                                    2⤵
                                                                      PID:4668
                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5676 --field-trial-handle=1860,i,9523442828617921246,13497647775840727977,131072 /prefetch:8
                                                                      2⤵
                                                                        PID:2976
                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5672 --field-trial-handle=1860,i,9523442828617921246,13497647775840727977,131072 /prefetch:8
                                                                        2⤵
                                                                          PID:3960
                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=5928 --field-trial-handle=1860,i,9523442828617921246,13497647775840727977,131072 /prefetch:1
                                                                          2⤵
                                                                            PID:7996
                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=5364 --field-trial-handle=1860,i,9523442828617921246,13497647775840727977,131072 /prefetch:1
                                                                            2⤵
                                                                              PID:8080
                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=3380 --field-trial-handle=1860,i,9523442828617921246,13497647775840727977,131072 /prefetch:1
                                                                              2⤵
                                                                                PID:7840
                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=5960 --field-trial-handle=1860,i,9523442828617921246,13497647775840727977,131072 /prefetch:1
                                                                                2⤵
                                                                                  PID:440
                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=4496 --field-trial-handle=1860,i,9523442828617921246,13497647775840727977,131072 /prefetch:1
                                                                                  2⤵
                                                                                    PID:5584
                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6412 --field-trial-handle=1860,i,9523442828617921246,13497647775840727977,131072 /prefetch:8
                                                                                    2⤵
                                                                                      PID:3432
                                                                                    • C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe
                                                                                      "C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe" roblox-player:1+launchmode:play+gameinfo:iXrSBZ9VcWfR3oXriaWjPbR0XFyQkNE1N_JMayQmLP3g_hIQzXlTHNjECYN8kcxLSUfJG7ToKvWlCGzhk5jwDsNz5LlJHyOxQGYgjlAV8v0qmoCqlqx2fSVzvuhDaOmA_xMIdviztDu1-Os1KF4V0N0DwAtl0yulfWVbbECw3D4zlwRd_2KB4by6be6BwJCz71tdVaJTocEp9nFpGeVqZPuE20ihsLcb6sqb0jyXt0Q+launchtime:1719640503834+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1719640402847008%26placeId%3D14494334042%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D2c2157e6-0d69-4842-82fd-b26b05d85d80%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1719640402847008+robloxLocale:en_us+gameLocale:en_us+channel:zflag+LaunchExp:InApp
                                                                                      2⤵
                                                                                      • Checks computer location settings
                                                                                      • Executes dropped EXE
                                                                                      • Suspicious use of FindShellTrayWindow
                                                                                      • Suspicious use of SendNotifyMessage
                                                                                      PID:5964
                                                                                      • C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe
                                                                                        "C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe" --app -t iXrSBZ9VcWfR3oXriaWjPbR0XFyQkNE1N_JMayQmLP3g_hIQzXlTHNjECYN8kcxLSUfJG7ToKvWlCGzhk5jwDsNz5LlJHyOxQGYgjlAV8v0qmoCqlqx2fSVzvuhDaOmA_xMIdviztDu1-Os1KF4V0N0DwAtl0yulfWVbbECw3D4zlwRd_2KB4by6be6BwJCz71tdVaJTocEp9nFpGeVqZPuE20ihsLcb6sqb0jyXt0Q --launchtime=1719640507984 -j https://www.roblox.com/Game/PlaceLauncher.ashx?request=RequestGame&browserTrackerId=1719640402847008&placeId=14494334042&isPlayTogetherGame=false&joinAttemptId=2c2157e6-0d69-4842-82fd-b26b05d85d80&joinAttemptOrigin=PlayButton -b 1719640402847008 --rloc en_us --gloc en_us -channel zflag
                                                                                        3⤵
                                                                                        • Executes dropped EXE
                                                                                        • Suspicious use of NtCreateThreadExHideFromDebugger
                                                                                        • Suspicious use of NtSetInformationThreadHideFromDebugger
                                                                                        • Suspicious use of UnmapMainImage
                                                                                        PID:6472
                                                                                  • C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
                                                                                    "C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
                                                                                    1⤵
                                                                                      PID:4932
                                                                                    • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
                                                                                      "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler
                                                                                      1⤵
                                                                                      • Executes dropped EXE
                                                                                      • Checks system information in the registry
                                                                                      • Suspicious behavior: EnumeratesProcesses
                                                                                      PID:5796
                                                                                    • C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe
                                                                                      "C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe"
                                                                                      1⤵
                                                                                      • Checks computer location settings
                                                                                      • Executes dropped EXE
                                                                                      • Suspicious use of FindShellTrayWindow
                                                                                      • Suspicious use of SendNotifyMessage
                                                                                      PID:3372
                                                                                      • C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe
                                                                                        "C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe" --app -channel production
                                                                                        2⤵
                                                                                        • Executes dropped EXE
                                                                                        • Suspicious use of NtCreateThreadExHideFromDebugger
                                                                                        • Suspicious use of NtSetInformationThreadHideFromDebugger
                                                                                        • Suspicious use of UnmapMainImage
                                                                                        PID:6328
                                                                                    • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
                                                                                      "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
                                                                                      1⤵
                                                                                      • Executes dropped EXE
                                                                                      • Checks system information in the registry
                                                                                      • Modifies data under HKEY_USERS
                                                                                      PID:4396
                                                                                      • C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{628C3D30-1263-49A2-9EFC-F2C386F137BD}\MicrosoftEdgeUpdateSetup_X86_1.3.187.41.exe
                                                                                        "C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{628C3D30-1263-49A2-9EFC-F2C386F137BD}\MicrosoftEdgeUpdateSetup_X86_1.3.187.41.exe" /update /sessionid "{05F17872-41C1-46A0-A508-97A0967EE109}"
                                                                                        2⤵
                                                                                        • Executes dropped EXE
                                                                                        • Drops file in Program Files directory
                                                                                        PID:6532
                                                                                        • C:\Program Files (x86)\Microsoft\Temp\EU3FB2.tmp\MicrosoftEdgeUpdate.exe
                                                                                          "C:\Program Files (x86)\Microsoft\Temp\EU3FB2.tmp\MicrosoftEdgeUpdate.exe" /update /sessionid "{05F17872-41C1-46A0-A508-97A0967EE109}"
                                                                                          3⤵
                                                                                          • Event Triggered Execution: Image File Execution Options Injection
                                                                                          • Executes dropped EXE
                                                                                          • Checks system information in the registry
                                                                                          PID:7348
                                                                                          • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
                                                                                            "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
                                                                                            4⤵
                                                                                            • Executes dropped EXE
                                                                                            • Modifies registry class
                                                                                            PID:3244
                                                                                          • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
                                                                                            "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
                                                                                            4⤵
                                                                                            • Executes dropped EXE
                                                                                            • Modifies registry class
                                                                                            PID:5876
                                                                                            • C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe
                                                                                              "C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe"
                                                                                              5⤵
                                                                                              • Executes dropped EXE
                                                                                              • Modifies registry class
                                                                                              PID:5860
                                                                                            • C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe
                                                                                              "C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe"
                                                                                              5⤵
                                                                                              • Executes dropped EXE
                                                                                              • Modifies registry class
                                                                                              PID:7524
                                                                                            • C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe
                                                                                              "C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.187.41\MicrosoftEdgeUpdateComRegisterShell64.exe"
                                                                                              5⤵
                                                                                              • Executes dropped EXE
                                                                                              • Modifies registry class
                                                                                              PID:7604
                                                                                          • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
                                                                                            "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuNDEiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MDVGMTc4NzItNDFDMS00NkEwLUE1MDgtOTdBMDk2N0VFMTA5fSIgdXNlcmlkPSJ7N0U4MEZEM0EtMDIxMi00QTNCLUE5MDUtRjYxQkNBRDBEQjRBfSIgaW5zdGFsbHNvdXJjZT0ic2VsZnVwZGF0ZSIgcmVxdWVzdGlkPSJ7NjA2QTg5NzItRTQ2Qy00MURCLTk4M0EtQjVCQkFGOUUyMkRFfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90O3I0NTJ0MStrMlRncS9IWHpqdkZOQlJob3BCV1I5c2JqWHhxZVVESDl1WDA9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IjEuMy4xNzEuMzkiIG5leHR2ZXJzaW9uPSIxLjMuMTg3LjQxIiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iNTEiIGluc3RhbGxkYXRldGltZT0iMTcxNTE5NTM0NCI-PGV2ZW50IGV2ZW50dHlwZT0iMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTgwMjAyODUzNSIvPjwvYXBwPjwvcmVxdWVzdD4
                                                                                            4⤵
                                                                                            • Executes dropped EXE
                                                                                            • Checks system information in the registry
                                                                                            PID:7824
                                                                                      • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
                                                                                        "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MDVGMTc4NzItNDFDMS00NkEwLUE1MDgtOTdBMDk2N0VFMTA5fSIgdXNlcmlkPSJ7N0U4MEZEM0EtMDIxMi00QTNCLUE5MDUtRjYxQkNBRDBEQjRBfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9Ins5QkIwRTkwMC01OEJELTQ4NzYtQTY5Qy02MkI1MzkzOEZENTV9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE3MS4zOSIgbmV4dHZlcnNpb249IjEuMy4xODcuNDEiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iSXNPbkludGVydmFsQ29tbWFuZHNBbGxvd2VkPS10YXJnZXRfZGV2IiBpbnN0YWxsYWdlPSI1MSI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSIxMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iOTQ0NzA2MzI0OCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEzIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI5NDQ3MTAzMjMwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIwIiBlcnJvcmNvZGU9Ii0yMTQ3MDIzODM4IiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI5Nzc1OTI0Mjc1IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJkbyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvNGFkOWNiNmUtODI0NS00ZTQ3LWIyOTgtMWZmNGIwNDI1NmUxP1AxPTE3MjAyNDUyNDQmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9UTFPQzlwTEFsZ3FobHBad205OW1iUjR1RUhQRGJ3WnlNUnBua0ZLSFlzNU1wSHVMYzZmcjRNem9SRjRLTE94UE01YUx1elBUSHBsRDlYcDlBTnlCMXclM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIwIiB0b3RhbD0iMCIgZG93bmxvYWRfdGltZV9tcz0iMiIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI5Nzc1OTQ0Mjk3IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuYi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy80YWQ5Y2I2ZS04MjQ1LTRlNDctYjI5OC0xZmY0YjA0MjU2ZTE_UDE9MTcyMDI0NTI0NCZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1RMU9DOXBMQWxncWhscFp3bTk5bWJSNHVFSFBEYndaeU1ScG5rRktIWXM1TXBIdUxjNmZyNE16b1JGNEtMT3hQTTVhTHV6UFRIcGxEOVhwOUFOeUIxdyUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE2MzQzNzYiIHRvdGFsPSIxNjM0Mzc2IiBkb3dubG9hZF90aW1lX21zPSIyODYwNCIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI5Nzc1OTY0MzAxIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijk3ODExNjIyMTkiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48cGluZyByPSI1MiIgcmQ9IjYzMzciIHBpbmdfZnJlc2huZXNzPSJ7MkY4OTMxNEItMDVFRS00QjVBLThGNUUtMjBGNEQwMjJDMDFEfSIvPjwvYXBwPjxhcHAgYXBwaWQ9Ins1NkVCMThGOC1CMDA4LTRDQkQtQjZEMi04Qzk3RkU3RTkwNjJ9IiB2ZXJzaW9uPSI5Mi4wLjkwMi42NyIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBpbnN0YWxsYWdlPSI1MSIgbGFzdF9sYXVuY2hfdGltZT0iMTMzNTk2NDg3MTM0NTQxMjYwIj48dXBkYXRlY2hlY2svPjxwaW5nIGFjdGl2ZT0iMSIgYT0iNTIiIHI9IjUyIiBhZD0iNjMzNyIgcmQ9IjYzMzciIHBpbmdfZnJlc2huZXNzPSJ7NjdDRTBDNjEtNTA5MC00NjAzLUEwODMtMUU5QUZCREExRTIyfSIvPjwvYXBwPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIxMjYuMC4yNTkyLjgxIiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iMCIgaW5zdGFsbGRhdGU9IjYzODQiPjx1cGRhdGVjaGVjay8-PHBpbmcgcj0iLTEiIHJkPSItMSIgcGluZ19mcmVzaG5lc3M9Ins2MThFQjRGQS03QzkzLTQ1MjktODYzOS1CMDZGQTVCREVDNEF9Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
                                                                                        2⤵
                                                                                        • Executes dropped EXE
                                                                                        • Checks system information in the registry
                                                                                        PID:7816
                                                                                    • C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
                                                                                      "C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
                                                                                      1⤵
                                                                                      • Modifies Internet Explorer settings
                                                                                      • Suspicious use of SetWindowsHookEx
                                                                                      PID:2392
                                                                                    • C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe
                                                                                      "C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe"
                                                                                      1⤵
                                                                                      • Checks computer location settings
                                                                                      • Executes dropped EXE
                                                                                      • Suspicious use of FindShellTrayWindow
                                                                                      • Suspicious use of SendNotifyMessage
                                                                                      PID:6648
                                                                                      • C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe
                                                                                        "C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe" --app -channel zflag
                                                                                        2⤵
                                                                                        • Executes dropped EXE
                                                                                        • Suspicious use of NtSetInformationThreadHideFromDebugger
                                                                                        PID:5424
                                                                                    • C:\Windows\System32\rundll32.exe
                                                                                      C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                                                                      1⤵
                                                                                        PID:4248
                                                                                      • C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe
                                                                                        "C:\Users\Admin\Downloads\Bloxstrap-v2.6.1.exe"
                                                                                        1⤵
                                                                                        • Checks computer location settings
                                                                                        • Executes dropped EXE
                                                                                        • Suspicious use of FindShellTrayWindow
                                                                                        • Suspicious use of SendNotifyMessage
                                                                                        PID:7188
                                                                                        • C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe
                                                                                          "C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-1088f3c8e4a44cc7\RobloxPlayerBeta.exe" --app -channel zflag
                                                                                          2⤵
                                                                                          • Executes dropped EXE
                                                                                          • Suspicious use of NtSetInformationThreadHideFromDebugger
                                                                                          PID:7324
                                                                                      • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
                                                                                        "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler
                                                                                        1⤵
                                                                                        • Executes dropped EXE
                                                                                        PID:5368
                                                                                      • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
                                                                                        "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
                                                                                        1⤵
                                                                                        • Executes dropped EXE
                                                                                        • Checks system information in the registry
                                                                                        • Modifies data under HKEY_USERS
                                                                                        PID:7964
                                                                                        • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
                                                                                          "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuNDEiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7Mjg2MTgwODMtN0QzOS00N0E3LUI5N0EtMTkzMTM2MUI5MkZDfSIgdXNlcmlkPSJ7N0U4MEZEM0EtMDIxMi00QTNCLUE5MDUtRjYxQkNBRDBEQjRBfSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7NDEzRkM5NjYtNDhEQS00N0NBLTk1OUMtM0Q0NEI1ODEzRTJCfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90O2hWZkRqTWRGRzZGZ0tzME56NmVtcllDU2c2VFF2RFBvbW9sUmF5UVhCSzQ9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0iezhBNjlEMzQ1LUQ1NjQtNDYzYy1BRkYxLUE2OUQ5RTUzMEY5Nn0iIHZlcnNpb249IjExMC4wLjU0ODEuMTA0IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSJlbiIgYnJhbmQ9IkdHTFMiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSI1MSIgaW5zdGFsbGRhdGV0aW1lPSIxNzE1MTcxMjM1IiBvb2JlX2luc3RhbGxfdGltZT0iMTMzNTk2NDM3NjU3MzAzOTgwIj48ZXZlbnQgZXZlbnR0eXBlPSIzMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMjExNDMyNSIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTI3OTYxMjEyOTYiLz48L2FwcD48L3JlcXVlc3Q-
                                                                                          2⤵
                                                                                          • Executes dropped EXE
                                                                                          • Checks system information in the registry
                                                                                          PID:6976
                                                                                        • C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A102990D-F22E-43A7-A377-CD1DC003C85E}\BGAUpdate.exe
                                                                                          "C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A102990D-F22E-43A7-A377-CD1DC003C85E}\BGAUpdate.exe" --edgeupdate-client --system-level
                                                                                          2⤵
                                                                                          • Executes dropped EXE
                                                                                          • Adds Run key to start application
                                                                                          PID:2728
                                                                                        • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
                                                                                          "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuNDEiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7Mjg2MTgwODMtN0QzOS00N0E3LUI5N0EtMTkzMTM2MUI5MkZDfSIgdXNlcmlkPSJ7N0U4MEZEM0EtMDIxMi00QTNCLUE5MDUtRjYxQkNBRDBEQjRBfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9Ins1MTEyODcyMy1BODE3LTQ0QUQtOTIyQy0wQUEzNTJDMjU4M0Z9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7MUZBQjhDRkUtOTg2MC00MTVDLUE2Q0EtQUE3RDEyMDIxOTQwfSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMi4wLjAuMzQiIGxhbmc9IiIgYnJhbmQ9IkVVRkkiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgaW5zdGFsbGFnZT0iLTEiIGluc3RhbGxkYXRlPSItMSI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSI5IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMjgwMjgyNzE5NiIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyODAyODU3MTY3IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjAiIGVycm9yY29kZT0iLTIxNDcwMjM4MzgiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEzMjczNTkyNDI5IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJkbyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvNWYxOTU2MTItMzg0YS00OGVhLTg0MDgtYjRlZGU5ZGM1NmJiP1AxPTE3MjAyNDU1NzkmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9VUl6bkRIVmxQa1JsZ0RCeVgzaWlPM2ljeU43NXcxN2hMSDBLTHpJS0tTeUdacE8lMmZvSzYwSG13RnBicW5NRWsyaVdLVnpORmVLSTBYYUFsNjRadUE1ZyUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjAiIHRvdGFsPSIwIiBkb3dubG9hZF90aW1lX21zPSIzIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTMyNzM2MDIzNzYiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImJpdHMiIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzVmMTk1NjEyLTM4NGEtNDhlYS04NDA4LWI0ZWRlOWRjNTZiYj9QMT0xNzIwMjQ1NTc5JmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PVVJem5ESFZsUGtSbGdEQnlYM2lpTzNpY3lONzV3MTdoTEgwS0x6SUtLU3lHWnBPJTJmb0s2MEhtd0ZwYnFuTUVrMmlXS1Z6TkZlS0kwWGFBbDY0WnVBNWclM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxODA0NDQ0OCIgdG90YWw9IjE4MDQ0NDQ4IiBkb3dubG9hZF90aW1lX21zPSI0MjYxNCIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEzMjczNjMyNDQ0IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTMyNzk4MTM5NjEiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMzI4MTcwNTUyMCIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9IjIxMyIgZG93bmxvYWRfdGltZV9tcz0iNDcwNzAiIGRvd25sb2FkZWQ9IjE4MDQ0NDQ4IiB0b3RhbD0iMTgwNDQ0NDgiIHBhY2thZ2VfY2FjaGVfcmVzdWx0PSIwIiBpbnN0YWxsX3RpbWVfbXM9IjE4NyIvPjwvYXBwPjwvcmVxdWVzdD4
                                                                                          2⤵
                                                                                          • Executes dropped EXE
                                                                                          • Checks system information in the registry
                                                                                          PID:5452
                                                                                      • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
                                                                                        "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
                                                                                        1⤵
                                                                                        • Executes dropped EXE
                                                                                        • Checks system information in the registry
                                                                                        • Modifies data under HKEY_USERS
                                                                                        PID:2208
                                                                                        • C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9E6C9C0F-4520-4FDF-B5CD-DC97A984CE7F}\MicrosoftEdge_X64_126.0.2592.68.exe
                                                                                          "C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9E6C9C0F-4520-4FDF-B5CD-DC97A984CE7F}\MicrosoftEdge_X64_126.0.2592.68.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable
                                                                                          2⤵
                                                                                          • Executes dropped EXE
                                                                                          • Drops file in Program Files directory
                                                                                          PID:1292
                                                                                          • C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9E6C9C0F-4520-4FDF-B5CD-DC97A984CE7F}\EDGEMITMP_1CCA0.tmp\setup.exe
                                                                                            "C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9E6C9C0F-4520-4FDF-B5CD-DC97A984CE7F}\EDGEMITMP_1CCA0.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9E6C9C0F-4520-4FDF-B5CD-DC97A984CE7F}\MicrosoftEdge_X64_126.0.2592.68.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable
                                                                                            3⤵
                                                                                            • Boot or Logon Autostart Execution: Active Setup
                                                                                            • Executes dropped EXE
                                                                                            • Installs/modifies Browser Helper Object
                                                                                            • Drops file in Program Files directory
                                                                                            • Modifies Internet Explorer settings
                                                                                            • Modifies registry class
                                                                                            • System policy modification
                                                                                            PID:8024
                                                                                            • C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9E6C9C0F-4520-4FDF-B5CD-DC97A984CE7F}\EDGEMITMP_1CCA0.tmp\setup.exe
                                                                                              "C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9E6C9C0F-4520-4FDF-B5CD-DC97A984CE7F}\EDGEMITMP_1CCA0.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=126.0.6478.114 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9E6C9C0F-4520-4FDF-B5CD-DC97A984CE7F}\EDGEMITMP_1CCA0.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=126.0.2592.68 --initial-client-data=0x238,0x23c,0x240,0x234,0x244,0x7ff6a80faa40,0x7ff6a80faa4c,0x7ff6a80faa58
                                                                                              4⤵
                                                                                              • Executes dropped EXE
                                                                                              • Drops file in Program Files directory
                                                                                              PID:6572
                                                                                            • C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9E6C9C0F-4520-4FDF-B5CD-DC97A984CE7F}\EDGEMITMP_1CCA0.tmp\setup.exe
                                                                                              "C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9E6C9C0F-4520-4FDF-B5CD-DC97A984CE7F}\EDGEMITMP_1CCA0.tmp\setup.exe" --msedge --channel=stable --system-level --verbose-logging --create-shortcuts=2 --install-level=1
                                                                                              4⤵
                                                                                              • Executes dropped EXE
                                                                                              • Drops file in System32 directory
                                                                                              PID:5800
                                                                                              • C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9E6C9C0F-4520-4FDF-B5CD-DC97A984CE7F}\EDGEMITMP_1CCA0.tmp\setup.exe
                                                                                                "C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9E6C9C0F-4520-4FDF-B5CD-DC97A984CE7F}\EDGEMITMP_1CCA0.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=126.0.6478.114 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9E6C9C0F-4520-4FDF-B5CD-DC97A984CE7F}\EDGEMITMP_1CCA0.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=126.0.2592.68 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff6a80faa40,0x7ff6a80faa4c,0x7ff6a80faa58
                                                                                                5⤵
                                                                                                • Executes dropped EXE
                                                                                                PID:6068
                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\126.0.2592.68\Installer\setup.exe
                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\126.0.2592.68\Installer\setup.exe" --msedge --channel=stable --register-package-identity --verbose-logging --system-level
                                                                                              4⤵
                                                                                              • Executes dropped EXE
                                                                                              PID:3924
                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\126.0.2592.68\Installer\setup.exe
                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\126.0.2592.68\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=126.0.6478.114 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\126.0.2592.68\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=126.0.2592.68 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff63fb9aa40,0x7ff63fb9aa4c,0x7ff63fb9aa58
                                                                                                5⤵
                                                                                                • Executes dropped EXE
                                                                                                PID:1512
                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\126.0.2592.68\Installer\setup.exe
                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\126.0.2592.68\Installer\setup.exe" --msedge --channel=stable --remove-deprecated-packages --verbose-logging --system-level
                                                                                              4⤵
                                                                                              • Executes dropped EXE
                                                                                              • Drops file in Program Files directory
                                                                                              PID:7536
                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\126.0.2592.68\Installer\setup.exe
                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\126.0.2592.68\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=126.0.6478.114 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\126.0.2592.68\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=126.0.2592.68 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff63fb9aa40,0x7ff63fb9aa4c,0x7ff63fb9aa58
                                                                                                5⤵
                                                                                                • Executes dropped EXE
                                                                                                PID:1428
                                                                                        • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
                                                                                          "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xODcuNDEiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MEJDRDg2MUMtOTM0RC00MDk5LTgxODgtMDcxMTMxRjVDQkQwfSIgdXNlcmlkPSJ7N0U4MEZEM0EtMDIxMi00QTNCLUE5MDUtRjYxQkNBRDBEQjRBfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9Ins5QzE5RDM3NS1CNjE4LTQ4OTctOTdGRS1FMTY4NkVBQUEyRkN9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7aFZmRGpNZEZHNkZnS3MwTno2ZW1yWUNTZzZUUXZEUG9tb2xSYXlRWEJLND0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE4Ny40MSIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJJc09uSW50ZXJ2YWxDb21tYW5kc0FsbG93ZWQ9LXRhcmdldF9kZXY7UHJvZHVjdHNUb1JlZ2lzdGVyPSU3QjFGQUI4Q0ZFLTk4NjAtNDE1Qy1BNkNBLUFBN0QxMjAyMTk0MCU3RCIgaW5zdGFsbGFnZT0iNTEiIGNvaG9ydD0icnJmQDAuNDUiPjx1cGRhdGVjaGVjay8-PHBpbmcgcmQ9IjYzODkiIHBpbmdfZnJlc2huZXNzPSJ7MkQ0NjZENTgtMTU0Ny00MTdFLTlDODgtQjRFQkU0RDdFNTU0fSIvPjwvYXBwPjxhcHAgYXBwaWQ9Ins1NkVCMThGOC1CMDA4LTRDQkQtQjZEMi04Qzk3RkU3RTkwNjJ9IiB2ZXJzaW9uPSI5Mi4wLjkwMi42NyIgbmV4dHZlcnNpb249IjEyNi4wLjI1OTIuNjgiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgaW5zdGFsbGFnZT0iNTEiIGlzX3Bpbm5lZF9zeXN0ZW09InRydWUiIGxhc3RfbGF1bmNoX2NvdW50PSIxIiBsYXN0X2xhdW5jaF90aW1lPSIxMzM1OTY0ODcxMzQ1NDEyNjAiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iMTIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEzMzczNjg2NjMzIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEzMzczNzM2NTQ4IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIwIiBlcnJvcmNvZGU9Ii0yMTQ3MDIzODM4IiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMzY2NTE5MjM3MSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iZG8iIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzL2FjNmY2MTFiLWVlYjctNGE0Mi1hNmQ0LThjZDcxNDI5NmExMT9QMT0xNzIwMjQ1NjM3JmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PWZKbm1kRklFQ2hIZlY0bGpraCUyZmFkJTJmaHZGclBNVXdyOVJCTkdhc3RKQllMMnpXTmElMmY3UG85TVBQZ3pLSXNFSHBmWThRVFZKYSUyYnBTNkNLUmpmWjl4VXclM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIwIiB0b3RhbD0iMCIgZG93bmxvYWRfdGltZV9tcz0iMSIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMzY2NTIxMjM2NyIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvYWM2ZjYxMWItZWViNy00YTQyLWE2ZDQtOGNkNzE0Mjk2YTExP1AxPTE3MjAyNDU2MzcmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9ZkpubWRGSUVDaEhmVjRsamtoJTJmYWQlMmZodkZyUE1Vd3I5UkJOR2FzdEpCWUwyeldOYSUyZjdQbzlNUFBnektJc0VIcGZZOFFUVkphJTJicFM2Q0tSamZaOXhVdyUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE3Mjk1NzI0MCIgdG90YWw9IjE3Mjk1NzI0MCIgZG93bmxvYWRfdGltZV9tcz0iMjcwNzciLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTM2NjUzODIzODciIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTM2ODAwMzUyNjgiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIzIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIxOTY3NTciIHN5c3RlbV91cHRpbWVfdGlja3M9IjE0MTc5MjQxNDMwIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiB1cGRhdGVfY2hlY2tfdGltZV9tcz0iMTg0IiBkb3dubG9hZF90aW1lX21zPSIyOTE1NyIgZG93bmxvYWRlZD0iMTcyOTU3MjQwIiB0b3RhbD0iMTcyOTU3MjQwIiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMCIgaW5zdGFsbF90aW1lX21zPSI0OTkxOSIvPjxwaW5nIGFjdGl2ZT0iMCIgcmQ9IjYzODkiIHBpbmdfZnJlc2huZXNzPSJ7OTQzNDEyODYtNzgxQy00N0E5LTlFRTYtNzY4M0E1QzU3OTg1fSIvPjwvYXBwPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIxMjYuMC4yNTkyLjgxIiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iMCIgaW5zdGFsbGRhdGU9IjYzODQiIGNvaG9ydD0icnJmQDAuMjciPjx1cGRhdGVjaGVjay8-PHBpbmcgcmQ9IjYzODkiIHBpbmdfZnJlc2huZXNzPSJ7QTRBMTI4QjctODk3Ny00RDE4LUFCOTEtNTZCMTk2MzJDRjcyfSIvPjwvYXBwPjwvcmVxdWVzdD4
                                                                                          2⤵
                                                                                          • Executes dropped EXE
                                                                                          • Checks system information in the registry
                                                                                          PID:4116
                                                                                      • C:\Windows\System32\svchost.exe
                                                                                        C:\Windows\System32\svchost.exe -k AppReadiness -p -s AppReadiness
                                                                                        1⤵
                                                                                          PID:1532
                                                                                        • C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.1903.1152.0_x64__8wekyb3d8bbwe\LocalBridge.exe
                                                                                          "C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.1903.1152.0_x64__8wekyb3d8bbwe\LocalBridge.exe" /InvokerPRAID: Microsoft.MicrosoftOfficeHub prelaunch
                                                                                          1⤵
                                                                                            PID:5680
                                                                                          • C:\Windows\system32\wwahost.exe
                                                                                            "C:\Windows\system32\wwahost.exe" -ServerName:Microsoft.MicrosoftOfficeHub.wwa
                                                                                            1⤵
                                                                                            • Modifies Internet Explorer settings
                                                                                            • Suspicious use of SetWindowsHookEx
                                                                                            PID:6820
                                                                                          • C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
                                                                                            "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /c
                                                                                            1⤵
                                                                                            • Executes dropped EXE
                                                                                            PID:7528

                                                                                          Network

                                                                                          MITRE ATT&CK Matrix ATT&CK v13

                                                                                          Initial Access

                                                                                          Execution

                                                                                          Persistence

                                                                                          Boot or Logon Autostart Execution

                                                                                          2
                                                                                          T1547

                                                                                          Registry Run Keys / Startup Folder

                                                                                          1
                                                                                          T1547.001

                                                                                          Active Setup

                                                                                          1
                                                                                          T1547.014

                                                                                          Event Triggered Execution

                                                                                          2
                                                                                          T1546

                                                                                          Image File Execution Options Injection

                                                                                          1
                                                                                          T1546.012

                                                                                          Component Object Model Hijacking

                                                                                          1
                                                                                          T1546.015

                                                                                          Browser Extensions

                                                                                          1
                                                                                          T1176

                                                                                          Privilege Escalation

                                                                                          Boot or Logon Autostart Execution

                                                                                          2
                                                                                          T1547

                                                                                          Registry Run Keys / Startup Folder

                                                                                          1
                                                                                          T1547.001

                                                                                          Active Setup

                                                                                          1
                                                                                          T1547.014

                                                                                          Event Triggered Execution

                                                                                          2
                                                                                          T1546

                                                                                          Image File Execution Options Injection

                                                                                          1
                                                                                          T1546.012

                                                                                          Component Object Model Hijacking

                                                                                          1
                                                                                          T1546.015

                                                                                          Defense Evasion

                                                                                          Modify Registry

                                                                                          5
                                                                                          T1112

                                                                                          Credential Access

                                                                                          Discovery

                                                                                          Query Registry

                                                                                          6
                                                                                          T1012

                                                                                          System Information Discovery

                                                                                          5
                                                                                          T1082

                                                                                          Software Discovery

                                                                                          1
                                                                                          T1518

                                                                                          Security Software Discovery

                                                                                          1
                                                                                          T1518.001

                                                                                          Peripheral Device Discovery

                                                                                          1
                                                                                          T1120

                                                                                          Lateral Movement

                                                                                          Collection

                                                                                          Exfiltration

                                                                                          Command and Control

                                                                                          Web Service

                                                                                          1
                                                                                          T1102

                                                                                          Impact

                                                                                          Resource Development

                                                                                          Reconnaissance

                                                                                          Replay Monitor

                                                                                          Loading Replay Monitor...

                                                                                          Downloads

                                                                                          • C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.68\Installer\setup.exe
                                                                                            Filesize

                                                                                            6.5MB

                                                                                            MD5

                                                                                            05e320ae544022adea3f8c441646765d

                                                                                            SHA1

                                                                                            3c6266b8a8c0132a97b2785bcb9ae7546ac02cc9

                                                                                            SHA256

                                                                                            e1618f31f476932871871ebc6e63d57aad643b74ea892d3d305e4125df1e6f10

                                                                                            SHA512

                                                                                            c1cf5c001ddd6b3b3c68b697f8ec9f1cbd48b5881f9fc805d74eb14a13eedcdf71e958ca1b790353a4edc64008558295741cfb785e0a3824a8f3a62bc985d387

                                                                                            Download Submit
                                                                                          • C:\Program Files (x86)\Microsoft\EdgeCore\126.0.2592.81\Installer\setup.exe
                                                                                            Filesize

                                                                                            6.5MB

                                                                                            MD5

                                                                                            7c44a5cba89f38d967b1f4e11225da0f

                                                                                            SHA1

                                                                                            44837f2ff9b3ebc7c371ee5f9e0cd5dcaad508dd

                                                                                            SHA256

                                                                                            a10c3e0b2ec1286bfe6b3fe9005a9132fad01be9afc4bdd5adb29f174b8fb706

                                                                                            SHA512

                                                                                            25b4cae7fc6d200dab70e94461b7f2e7899813975cab498fb367a32aa2e187fb7b1330545b60f6340d53fe5e04a1ecfb5d6b8bf004ac26ecaa7a8f6e387dfe99

                                                                                            Download Submit
                                                                                          • C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{1FAB8CFE-9860-415C-A6CA-AA7D12021940}\2.0.0.34\BGAUpdate.exe
                                                                                            Filesize

                                                                                            17.2MB

                                                                                            MD5

                                                                                            3f208f4e0dacb8661d7659d2a030f36e

                                                                                            SHA1

                                                                                            07fe69fd12637b63f6ae44e60fdf80e5e3e933ff

                                                                                            SHA256

                                                                                            d3c12e642d4b032e2592c2ba6e0ed703a7e43fb424b7c3ab5b2e51b53d1d433b

                                                                                            SHA512

                                                                                            6c8fce43d04dd7e7f5c8bf275ba01e24a76531e89cc02f4b2f23ab2086f7cf70f485c4240c5ea41bf61cb7ceee471df7e7bdc1b17dfdd54c22e4b02ff4e14740

                                                                                            Download Submit
                                                                                          • C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.187.41\MicrosoftEdgeUpdateSetup_X86_1.3.187.41.exe
                                                                                            Filesize

                                                                                            1.6MB

                                                                                            MD5

                                                                                            a9ad77a4111f44c157a1a37bb29fd2b9

                                                                                            SHA1

                                                                                            f1348bcbc950532ac2b48b18acd91533f3ac0be2

                                                                                            SHA256

                                                                                            200a59abdeb32cc4d2cec4079be205f18b5f45bae42acb7940151f9780569889

                                                                                            SHA512

                                                                                            68f58a15ef5ba5d49d8476bee4a488e9a721f703a645ddd29148915d555ca2eb451635c3b762e5a0f786d69bb5cba9bffac3eeee196f1ec7ad669e2d729fe898

                                                                                            Download Submit
                                                                                          • C:\Program Files (x86)\Microsoft\Temp\EU8497.tmp\MicrosoftEdgeComRegisterShellARM64.exe
                                                                                            Filesize

                                                                                            179KB

                                                                                            MD5

                                                                                            7a160c6016922713345454265807f08d

                                                                                            SHA1

                                                                                            e36ee184edd449252eb2dfd3016d5b0d2edad3c6

                                                                                            SHA256

                                                                                            35a14bd84e74dd6d8e2683470243fb1bb9071178d9283b12ebbfb405c8cd4aa9

                                                                                            SHA512

                                                                                            c0f1d5c8455cf14f2088ede062967d6dfa7c39ca2ac9636b10ed46dfbea143f64106a4f03c285e89dd8cf4405612f1eef25a8ec4f15294ca3350053891fc3d7e

                                                                                            Download Submit
                                                                                          • C:\Program Files (x86)\Microsoft\Temp\EU8497.tmp\MicrosoftEdgeUpdate.exe
                                                                                            Filesize

                                                                                            201KB

                                                                                            MD5

                                                                                            4dc57ab56e37cd05e81f0d8aaafc5179

                                                                                            SHA1

                                                                                            494a90728d7680f979b0ad87f09b5b58f16d1cd5

                                                                                            SHA256

                                                                                            87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718

                                                                                            SHA512

                                                                                            320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b

                                                                                            Download Submit
                                                                                          • C:\Program Files (x86)\Microsoft\Temp\EU8497.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe
                                                                                            Filesize

                                                                                            212KB

                                                                                            MD5

                                                                                            60dba9b06b56e58f5aea1a4149c743d2

                                                                                            SHA1

                                                                                            a7e456acf64dd99ca30259cf45b88cf2515a69b3

                                                                                            SHA256

                                                                                            4d01f5531f93ab2af9e92c4f998a145c94f36688c3793845d528c8675697e112

                                                                                            SHA512

                                                                                            e98088a368d4c4468e325a1d62bee49661f597e5c1cd1fe2dabad3911b8ac07e1cc4909e7324cb4ab39f30fa32a34807685fcfba767f88884ef84ca69a0049e7

                                                                                            Download Submit
                                                                                          • C:\Program Files (x86)\Microsoft\Temp\EU8497.tmp\MicrosoftEdgeUpdateCore.exe
                                                                                            Filesize

                                                                                            257KB

                                                                                            MD5

                                                                                            c044dcfa4d518df8fc9d4a161d49cece

                                                                                            SHA1

                                                                                            91bd4e933b22c010454fd6d3e3b042ab6e8b2149

                                                                                            SHA256

                                                                                            9f79fe09f57002ca07ae0b2a196e8cc002d2be6d5540ee857217e99b33fa4bb2

                                                                                            SHA512

                                                                                            f26b89085aa22ac62a28610689e81b4dfe3c38a9015ec56dfeaff02fdb6fa64e784b86a961509b52ad968400faa1ef0487f29f07a41e37239fe4c3262a11ac2c

                                                                                            Download Submit
                                                                                          • C:\Program Files (x86)\Microsoft\Temp\EU8497.tmp\NOTICE.TXT
                                                                                            Filesize

                                                                                            4KB

                                                                                            MD5

                                                                                            6dd5bf0743f2366a0bdd37e302783bcd

                                                                                            SHA1

                                                                                            e5ff6e044c40c02b1fc78304804fe1f993fed2e6

                                                                                            SHA256

                                                                                            91d3fc490565ded7621ff5198960e501b6db857d5dd45af2fe7c3ecd141145f5

                                                                                            SHA512

                                                                                            f546c1dff8902a3353c0b7c10ca9f69bb77ebd276e4d5217da9e0823a0d8d506a5267773f789343d8c56b41a0ee6a97d4470a44bbd81ceaa8529e5e818f4951e

                                                                                            Download Submit
                                                                                          • C:\Program Files (x86)\Microsoft\Temp\EU8497.tmp\msedgeupdate.dll
                                                                                            Filesize

                                                                                            2.0MB

                                                                                            MD5

                                                                                            965b3af7886e7bf6584488658c050ca2

                                                                                            SHA1

                                                                                            72daabdde7cd500c483d0eeecb1bd19708f8e4a5

                                                                                            SHA256

                                                                                            d80c512d99765586e02323a2e18694965eafb903e9bc13f0e0b4265f86b21a19

                                                                                            SHA512

                                                                                            1c57dc7b89e7f13f21eaec7736b724cd864c443a2f09829308a4f23cb03e9a5f2a1e5bcdc441301e33119767e656a95d0f9ede0e5114bf67f5dce6e55de7b0a4

                                                                                            Download Submit
                                                                                          • C:\Program Files (x86)\Microsoft\Temp\EU8497.tmp\msedgeupdateres_en.dll
                                                                                            Filesize

                                                                                            27KB

                                                                                            MD5

                                                                                            4a1e3cf488e998ef4d22ac25ccc520a5

                                                                                            SHA1

                                                                                            dc568a6e3c9465474ef0d761581c733b3371b1cd

                                                                                            SHA256

                                                                                            9afbbe2a591250b80499f0bf02715f02dbcd5a80088e129b1f670f1a3167a011

                                                                                            SHA512

                                                                                            ce3bffb6568ff2ef83ef7c89fd668f6b5972f1484ce3fbd5597dcac0eaec851d5705ed17a5280dd08cd9812d6faec58a5561217b897c9209566545db2f3e1245

                                                                                            Download Submit
                                                                                          • C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping3600_1603201455\manifest.json
                                                                                            Filesize

                                                                                            984B

                                                                                            MD5

                                                                                            0359d5b66d73a97ce5dc9f89ed84c458

                                                                                            SHA1

                                                                                            ce17e52eaac909dd63d16d93410de675d3e6ec0d

                                                                                            SHA256

                                                                                            beeab2f8d3833839399dde15ce9085c17b304445577d21333e883d6db6d0b755

                                                                                            SHA512

                                                                                            8fd94a098a4ab5c0fcd48c2cef2bb03328dd4d25c899bf5ed1ca561347d74a8aab8a214ba2d3180a86df72c52eb26987a44631d0ecd9edc84976c28d6c9dc16a

                                                                                            Download Submit
                                                                                          • C:\Program Files\MsEdgeCrashpad\settings.dat
                                                                                            Filesize

                                                                                            280B

                                                                                            MD5

                                                                                            0e16b36b0c1ae3eddd06a5c6ebce6adc

                                                                                            SHA1

                                                                                            3f5207ac60550b544ee6907d71c8da28f1cc2741

                                                                                            SHA256

                                                                                            bc3ae9796aa11050b459e9d76a25da441d0054e7ce10c4f879c793afa61547db

                                                                                            SHA512

                                                                                            6a3c1edaeebe5cc131ce0a4516a8e9efeaa8c62d7b758ccdaf4c0f5e971abf77448b099d4408b6d70f5daee02b008b5f98dce0445d326e005f3b1767c112dbc3

                                                                                            Download Submit
                                                                                          • C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log
                                                                                            Filesize

                                                                                            106KB

                                                                                            MD5

                                                                                            4ed073f32d725d6e68e40212249e5832

                                                                                            SHA1

                                                                                            4dfab816eb6a841b5420ef17391d94625827dd81

                                                                                            SHA256

                                                                                            d7beb28cdef07f0865cf94815d07fe42682d718534a227013c5dd970110407ff

                                                                                            SHA512

                                                                                            3427aeb60bc42f3da645ba2b4a1955cc9e0daa3ab272e2a13a133f45b1c452b5f0bcb96152fa38f78e357e5ddb430a9641e08fbf7e5443662944bca241deea84

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.dll
                                                                                            Filesize

                                                                                            4.3MB

                                                                                            MD5

                                                                                            6546ceb273f079342df5e828a60f551b

                                                                                            SHA1

                                                                                            ede41c27df51c39cd731797c340fcb8feda51ea3

                                                                                            SHA256

                                                                                            e440da74de73212d80da3f27661fcb9436d03d9e8dbbb44c9c148aaf38071ca5

                                                                                            SHA512

                                                                                            f0ea83bf836e93ff7b58582329a05ba183a25c92705fab36f576ec0c20cf687ce16a68e483698bda4215d441dec5916ffbdfa1763fb357e14ab5e0f1ffcaf824

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe
                                                                                            Filesize

                                                                                            249KB

                                                                                            MD5

                                                                                            772c9fecbd0397f6cfb3d866cf3a5d7d

                                                                                            SHA1

                                                                                            6de3355d866d0627a756d0d4e29318e67650dacf

                                                                                            SHA256

                                                                                            2f88ea7e1183d320fb2b7483de2e860da13dc0c0caaf58f41a888528d78c809f

                                                                                            SHA512

                                                                                            82048bd6e50d38a863379a623b8cfda2d1553d8141923acf13f990c7245c833082523633eaa830362a12bfff300da61b3d8b3cccbe038ce2375fdfbd20dbca31

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.runtimeconfig.json
                                                                                            Filesize

                                                                                            372B

                                                                                            MD5

                                                                                            d94cf983fba9ab1bb8a6cb3ad4a48f50

                                                                                            SHA1

                                                                                            04855d8b7a76b7ec74633043ef9986d4500ca63c

                                                                                            SHA256

                                                                                            1eca0f0c70070aa83bb609e4b749b26dcb4409784326032726394722224a098a

                                                                                            SHA512

                                                                                            09a9667d4f4622817116c8bc27d3d481d5d160380a2e19b8944bdd1271a83f718415ce5e6d66e82e36819e575ec1b55f19c45213e0013b877b8d61e6feb9d998

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Bloxstrap\Modifications\ClientSettings\ClientAppSettings.json
                                                                                            Filesize

                                                                                            120B

                                                                                            MD5

                                                                                            636492f4af87f25c20bd34a731007d86

                                                                                            SHA1

                                                                                            22a5c237a739ab0df4ff87c9e3d79dbe0c89b56a

                                                                                            SHA256

                                                                                            22a1e85723295eeb854345be57f7d6fb56f02b232a95d69405bf9d9e67a0fa0d

                                                                                            SHA512

                                                                                            cd2e3a738f535eb1a119bd4c319555899bcd4ce1049d7f8591a1a68c26844f33c1bd1e171706533b5c36263ade5e275b55d40f5710e0210e010925969182cd0c

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-1088f3c8e4a44cc7\ExtraContent\textures\ui\LuaApp\graphic\shimmer_lightTheme.png
                                                                                            Filesize

                                                                                            20KB

                                                                                            MD5

                                                                                            4f8f43c5d5c2895640ed4fdca39737d5

                                                                                            SHA1

                                                                                            fb46095bdfcab74d61e1171632c25f783ef495fa

                                                                                            SHA256

                                                                                            fc57f32c26087eef61b37850d60934eda1100ca8773f08e487191a74766053d1

                                                                                            SHA512

                                                                                            7aebc0f79b2b23a76fb41df8bab4411813ffb1abc5e2797810679c0eaa690e7af7561b8473405694bd967470be337417fa42e30f0318acbf171d8f31620a31aa

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-1088f3c8e4a44cc7\ExtraContent\textures\ui\LuaApp\graphic\[email protected]
                                                                                            Filesize

                                                                                            71KB

                                                                                            MD5

                                                                                            3fec0191b36b9d9448a73ff1a937a1f7

                                                                                            SHA1

                                                                                            bee7d28204245e3088689ac08da18b43eae531ba

                                                                                            SHA256

                                                                                            1a03e6f6a0de045aa588544c392d671c040b82a5598b4246af04f5a74910dc89

                                                                                            SHA512

                                                                                            a8ab2bc2d937963af36d3255c6ea09cae6ab1599996450004bb18e8b8bdfbdde728821ac1662d8a0466680679011d8f366577b143766838fe91edf08a40353ce

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-1088f3c8e4a44cc7\ExtraContent\textures\ui\LuaDiscussions\buttonFill.png
                                                                                            Filesize

                                                                                            247B

                                                                                            MD5

                                                                                            81ce54dfd6605840a1bd2f9b0b3f807d

                                                                                            SHA1

                                                                                            4a3a4c05b9c14c305a8bb06c768abc4958ba2f1c

                                                                                            SHA256

                                                                                            0a6a5cafb4dee0d8c1d182ddec9f68ca0471d7fc820cf8dc2d68f27a35cd3386

                                                                                            SHA512

                                                                                            57069c8ac03dd0fdfd97e2844c19138800ff6f7d508c26e5bc400b30fe78baa0991cc39f0f86fa10cd5d12b6b11b0b09c1a770e5cb2fdca157c2c8986a09e5ff

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-1088f3c8e4a44cc7\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
                                                                                            Filesize

                                                                                            1.5MB

                                                                                            MD5

                                                                                            610b1b60dc8729bad759c92f82ee2804

                                                                                            SHA1

                                                                                            9992b7ae7a9c4e17a0a6d58ffd91b14cbb576552

                                                                                            SHA256

                                                                                            921d51979f3416ca19dca13a057f6fd3b09d8741f3576cad444eb95af87ebe08

                                                                                            SHA512

                                                                                            0614c4e421ccd5f4475a690ba46aac5bbb7d15caea66e2961895724e07e1ec7ee09589ca9394f6b2bcfb2160b17ac53798d3cf40fb207b6e4c6381c8f81ab6b4

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-1088f3c8e4a44cc7\content\configs\DateTimeLocaleConfigs\zh-hans.json
                                                                                            Filesize

                                                                                            2KB

                                                                                            MD5

                                                                                            fb6605abd624d1923aef5f2122b5ae58

                                                                                            SHA1

                                                                                            6e98c0a31fa39c781df33628b55568e095be7d71

                                                                                            SHA256

                                                                                            7b993133d329c46c0c437d985eead54432944d7b46db6ad6ea755505b8629d00

                                                                                            SHA512

                                                                                            97a14eda2010033265b379aa5553359293baf4988a4cdde8a40b0315e318a7b30feee7f5e14c68131e85610c00585d0c67e636999e3af9b5b2209e1a27a82223

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-1088f3c8e4a44cc7\content\configs\DateTimeLocaleConfigs\zh-tw.json
                                                                                            Filesize

                                                                                            2KB

                                                                                            MD5

                                                                                            702c9879f2289959ceaa91d3045f28aa

                                                                                            SHA1

                                                                                            775072f139acc8eafb219af355f60b2f57094276

                                                                                            SHA256

                                                                                            a92a6988175f9c1d073e4b54bf6a31f9b5d3652eebdf6a351fb5e12bda76cbd5

                                                                                            SHA512

                                                                                            815a6bef134c0db7a5926f0cf4b3f7702d71b0b2f13eca9539cd2fc5a61eea81b1884e4c4bc0b3398880589bff809ac8d5df833e7e4aeda4a1244e9a875d1e97

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-1088f3c8e4a44cc7\content\sounds\ouch.ogg
                                                                                            Filesize

                                                                                            6KB

                                                                                            MD5

                                                                                            9404c52d6f311da02d65d4320bfebb59

                                                                                            SHA1

                                                                                            0b5b5c2e7c631894953d5828fec06bdf6adba55f

                                                                                            SHA256

                                                                                            c9775e361392877d1d521d0450a5368ee92d37dc542bc5e514373c9d5003f317

                                                                                            SHA512

                                                                                            22aa1acbcdcf56f571170d9c32fd0d025c50936387203a7827dbb925f352d2bc082a8a79db61c2d1f1795ad979e93367c80205d9141b73d806ae08fa089837c4

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-1088f3c8e4a44cc7\content\textures\Cursors\KeyboardMouse\IBeamCursor.png
                                                                                            Filesize

                                                                                            292B

                                                                                            MD5

                                                                                            464c4983fa06ad6cf235ec6793de5f83

                                                                                            SHA1

                                                                                            8afeb666c8aee7290ab587a2bfb29fc3551669e8

                                                                                            SHA256

                                                                                            99fd7f104948c6ab002d1ec69ffd6c896c91f9accc499588df0980b4346ecbed

                                                                                            SHA512

                                                                                            f805f5f38535fe487b899486c8de6cf630114964e2c3ebc2af7152a82c6f6faef681b4d936a1867b5dff6566b688b5c01105074443cc2086b3fe71f7e6e404b1

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-1088f3c8e4a44cc7\content\textures\StudioToolbox\Clear.png
                                                                                            Filesize

                                                                                            538B

                                                                                            MD5

                                                                                            fa8eaf9266c707e151bb20281b3c0988

                                                                                            SHA1

                                                                                            3ca097ad4cd097745d33d386cc2d626ece8cb969

                                                                                            SHA256

                                                                                            8cf08bf7e50fea7b38f59f162ed956346c55a714ed8a9a8b0a1ada7e18480bc2

                                                                                            SHA512

                                                                                            e29274300eab297c6de895bb39170f73f0a4ffa2a8c3732caeeeac16e2c25fb58bb401fdd5823cc62d9c413ec6c43d7c46861d7e14d52f8d9d8ff632e29f167c

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-1088f3c8e4a44cc7\content\textures\StudioUIEditor\valueBoxRoundedRectangle.png
                                                                                            Filesize

                                                                                            130B

                                                                                            MD5

                                                                                            521fb651c83453bf42d7432896040e5e

                                                                                            SHA1

                                                                                            8fdbf2cc2617b5b58aaa91b94b0bf755d951cad9

                                                                                            SHA256

                                                                                            630303ec4701779eaf86cc9fbf744b625becda53badc7271cbb6ddc56e638d70

                                                                                            SHA512

                                                                                            8fa0a50e52a3c7c53735c7dd7af275ebc9c1843f55bb30ebe0587a85955a8da94ff993822d233f7ed118b1070a7d67718b55ba4a597dc49ed2bf2a3836c696f6

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-1088f3c8e4a44cc7\content\textures\TerrainTools\checkbox_square.png
                                                                                            Filesize

                                                                                            985B

                                                                                            MD5

                                                                                            2cb16991a26dc803f43963bdc7571e3f

                                                                                            SHA1

                                                                                            12ad66a51b60eeaed199bc521800f7c763a3bc7b

                                                                                            SHA256

                                                                                            c7bae6d856f3bd9f00c122522eb3534d0d198a9473b6a379a5c3458181870646

                                                                                            SHA512

                                                                                            4c9467e5e2d83b778d0fb8b6fd97964f8d8126f07bfd50c5d68c256703f291ceaed56be057e8e2c591b2d2c49f6b7e099a2b7088d0bf5bdd901433459663b1f8

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-1088f3c8e4a44cc7\content\textures\ui\Controls\XboxController\Thumbstick1.png
                                                                                            Filesize

                                                                                            641B

                                                                                            MD5

                                                                                            2cbe38df9a03133ddf11a940c09b49cd

                                                                                            SHA1

                                                                                            6fb5c191ed8ce9495c66b90aaf53662bfe199846

                                                                                            SHA256

                                                                                            0835a661199a7d8df7249e8ae925987184efcc4fb85d9efac3cc2c1495020517

                                                                                            SHA512

                                                                                            dcef5baccef9fff632456fe7bc3c4f4a403363d9103a8047a55f4bd4c413d0c5f751a2e37385fe9eba7a420dbdb77ca2ff883d47fcdd35af222191cc5bd5c7a9

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-1088f3c8e4a44cc7\content\textures\ui\Controls\XboxController\[email protected]
                                                                                            Filesize

                                                                                            1KB

                                                                                            MD5

                                                                                            e8c88cf5c5ef7ae5ddee2d0e8376b32f

                                                                                            SHA1

                                                                                            77f2a5b11436d247d1acc3bac8edffc99c496839

                                                                                            SHA256

                                                                                            9607af14604a8e8eb1dec45d3eeca01fed33140c0ccc3e6ef8ca4a1f6219b5dd

                                                                                            SHA512

                                                                                            32f5a1e907705346a56fbddfe0d8841d05415ff7abe28ae9281ba46fedf8270b982be0090b72e2e32de0ce36e21934f80eaf508fd010f7ab132d39f5305fb68f

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-1088f3c8e4a44cc7\content\textures\ui\Controls\XboxController\[email protected]
                                                                                            Filesize

                                                                                            1KB

                                                                                            MD5

                                                                                            499333dae156bb4c9e9309a4842be4c8

                                                                                            SHA1

                                                                                            d18c4c36bdb297208589dc93715560acaf761c3a

                                                                                            SHA256

                                                                                            d35a74469f1436f114c27c730a5ec0793073bcf098db37f10158d562a3174591

                                                                                            SHA512

                                                                                            91c64173d2cdabc045c70e0538d45e1022cc74ec04989565b85f0f26fe3e788b700a0956a07a8c91d34c06fc1b7fad43bbdbb41b0c6f15b9881c3e46def8103e

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-1088f3c8e4a44cc7\content\textures\ui\Controls\XboxController\Thumbstick2.png
                                                                                            Filesize

                                                                                            738B

                                                                                            MD5

                                                                                            a402aacac8be906bcc07d50669d32061

                                                                                            SHA1

                                                                                            9d75c1afbe9fc482983978cae4c553aa32625640

                                                                                            SHA256

                                                                                            62a313b6cc9ffe7dd86bc9c4fcd7b8e8d1f14a15cdf41a53fb69af4ae3416102

                                                                                            SHA512

                                                                                            d11567bcaad8bbd9e2b9f497c3215102c7e7546caf425e93791502d3d2b3f78dec13609796fcd6e1e7f5c7d794bac074d00a74001e7fe943d63463b483877546

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-1088f3c8e4a44cc7\content\textures\ui\Controls\XboxController\[email protected]
                                                                                            Filesize

                                                                                            1KB

                                                                                            MD5

                                                                                            83e9b7823c0a5c4c67a603a734233dec

                                                                                            SHA1

                                                                                            2eaf04ad636bf71afdf73b004d17d366ac6d333e

                                                                                            SHA256

                                                                                            3b5e06eb1a89975def847101f700f0caa60fe0198f53e51974ef1608c6e1e067

                                                                                            SHA512

                                                                                            e8abb39a1ec340ac5c7d63137f607cd09eae0e885e4f73b84d8adad1b8f574155b92fbf2c9d3013f64ebbb6d55ead5419e7546b0f70dcde976d49e7440743b0f

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-1088f3c8e4a44cc7\content\textures\ui\Controls\XboxController\[email protected]
                                                                                            Filesize

                                                                                            1KB

                                                                                            MD5

                                                                                            55b64987636b9740ab1de7debd1f0b2f

                                                                                            SHA1

                                                                                            96f67222ce7d7748ec968e95a2f6495860f9d9c9

                                                                                            SHA256

                                                                                            f4a6bb3347ee3e603ea0b2f009bfa802103bc434ae3ff1db1f2043fa8cace8fc

                                                                                            SHA512

                                                                                            73a88a278747de3fefbaabb3ff90c1c0750c8d6c17746787f17061f4eff933620407336bf9b755f4222b0943b07d8c4d01de1815d42ea65e78e0daa7072591e9

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\CEF\User Data\LocalPrefs.json
                                                                                            Filesize

                                                                                            529B

                                                                                            MD5

                                                                                            42bcfb47cc8cd382c020cdfc3b1a1596

                                                                                            SHA1

                                                                                            c1fa59510b76167af7932ed9299e61ced76b3431

                                                                                            SHA256

                                                                                            88787cc8ff47b6db651d9c89dd3678ed5ab35a099ef494c655de32cfc6ffb073

                                                                                            SHA512

                                                                                            ca7b3b2effcb788a0ca03d107dc5b5082026463b74b0d6589ea5fbf0ca793c09d1bbeb6e8c239f5189dcb64f3c089c8da88c2d1b36137b8a36dd1cd2bf302aa6

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\CEF\User Data\LocalPrefs.json
                                                                                            Filesize

                                                                                            738B

                                                                                            MD5

                                                                                            018ddac36f875f8c196a0cc62af7281b

                                                                                            SHA1

                                                                                            3fa96480a55cb48c645357b46b5ae055a4b28b43

                                                                                            SHA256

                                                                                            3b0bd2379381f76ce8bda1259ae4f4a0fffc200f999eefecb0c9af71a0449637

                                                                                            SHA512

                                                                                            372aedfdfdbce67746dbdc36c60953a4494ac184af2c8993fdd529c82647ed5d33b5c7bb539bee6d7a490aedfa88bc9ec2ecb981a859a059fda768366ffde165

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\CEF\User Data\LocalPrefs.json
                                                                                            Filesize

                                                                                            850B

                                                                                            MD5

                                                                                            957d1667ba20fd4929c459115f30e1c4

                                                                                            SHA1

                                                                                            4d5c266f1e764498659ee752432cf63e1d110609

                                                                                            SHA256

                                                                                            46e60ec41bc6c7fd282c3b16cbd5b52656b8e7b436fd83e407482f7786291ced

                                                                                            SHA512

                                                                                            0eb4374e75bf3d5d43136a4dd5ee2802f8cc92596163b095323c1da37ac3415f891b36124f6af9daafc30ab39271a224f6da14b41ba0d004bb7283e85917c149

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\CEF\User Data\LocalPrefs.json~RFe59b23f.TMP
                                                                                            Filesize

                                                                                            434B

                                                                                            MD5

                                                                                            7f2487ca5c9a440294f36a8281940201

                                                                                            SHA1

                                                                                            650823dc04c3d12730d3c7059c2dee75335b6efd

                                                                                            SHA256

                                                                                            44da3360c180966c1ba59b3ac3853e95adc2369306e73b5a1d20743706efe98d

                                                                                            SHA512

                                                                                            b64e3d07f6093754cd022feeab7c0658378f8fbf45b747ebd5f83db7330c04dd476122efd2a47e1da3991fad6e0d93b276b2a69cc879a636b5d3203c45de2e80

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\CefSharp\CefSharp.BrowserSubprocess.Core.dll
                                                                                            Filesize

                                                                                            915KB

                                                                                            MD5

                                                                                            100c32f77e68a2ce962e1a28997567ea

                                                                                            SHA1

                                                                                            a80a1f4019b8d44df6b5833fb0c51b929fa79843

                                                                                            SHA256

                                                                                            c0b9e29b240d8328f2f9a29ca0298ca4d967a926f3174a3442c3730c00d5a926

                                                                                            SHA512

                                                                                            f95530ef439fa5c4e3bc02db249b6a76e9d56849816ead83c9cd9bcd49d3443ccb88651d829165c98a67af40b3ef02b922971114f29c5c735e662ca35c0fb6ed

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\CefSharp\CefSharp.BrowserSubprocess.exe
                                                                                            Filesize

                                                                                            7KB

                                                                                            MD5

                                                                                            516ff62b2e1f4642caa954c0968719e8

                                                                                            SHA1

                                                                                            e349d0ce82e2109dd0d18416d9cf46e8411b7f15

                                                                                            SHA256

                                                                                            19da58849cec5933860116e60a1e94b08e30d90e0f955768270b47998d612045

                                                                                            SHA512

                                                                                            7aa4a0c87b29c2a84f585a884d8208fc2352a43f2cdb549c100e3b121837ad5f8dadb1101f57d1d3fcb7ebec9d9f22e07dc14239b7d2e2d25793c999becf288b

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\CefSharp\CefSharp.dll
                                                                                            Filesize

                                                                                            272KB

                                                                                            MD5

                                                                                            9ca06a8f9e5f7239ca225ab810274023

                                                                                            SHA1

                                                                                            e1a219f567a7b7d3af9386df51b14c76e769c044

                                                                                            SHA256

                                                                                            5fd00ae3e83e6ca156647ff6df87b49ffc7cad47c23fe3ae07c067c5adf6f74a

                                                                                            SHA512

                                                                                            430c9bceed5439b987d5bd4840cfe32411ca61594f18597aca1948aa39a22c9d70beadf3bb9b1dd0373f81a94a25dcba17fa8e8c73abf06cba28d0971d5614c5

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\CefSharp\chrome_100_percent.pak
                                                                                            Filesize

                                                                                            667KB

                                                                                            MD5

                                                                                            ae195e80859781a20414cf5faa52db06

                                                                                            SHA1

                                                                                            b18ecb5ec141415e3a210880e2b3d37470636485

                                                                                            SHA256

                                                                                            9957802c0792e621f76bbdb1c630fbad519922743b5d193294804164babda552

                                                                                            SHA512

                                                                                            c6fef84615fe20d1760ca496c98629feb4e533556724e9631d4282622748e7601225cf19dfb8351f4b540ae3f83785c1bcea6fe8c246cf70388e527654097c1c

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\CefSharp\chrome_200_percent.pak
                                                                                            Filesize

                                                                                            1.0MB

                                                                                            MD5

                                                                                            1abf6bad0c39d59e541f04162e744224

                                                                                            SHA1

                                                                                            db93c38253338a0b85e431bd4194d9e7bddb22c6

                                                                                            SHA256

                                                                                            01cb663a75f18bb2d0d800640a114f153a34bd8a5f2aa0ed7daa9b32967dc29e

                                                                                            SHA512

                                                                                            945d519221d626421094316f13b818766826b3bedddab0165c041540dddadc93136e32784c0562d26a420cb29479d04d2aa317b8d605cd242e5152bf05af197e

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\CefSharp\chrome_elf.dll
                                                                                            Filesize

                                                                                            1020KB

                                                                                            MD5

                                                                                            7191d97ce7886a1a93a013e90868db96

                                                                                            SHA1

                                                                                            52dd736cb589dd1def87130893d6b9449a6a36e3

                                                                                            SHA256

                                                                                            32f925f833aa59e3f05322549fc3c326ac6fc604358f4efbf94c59d5c08b8dc6

                                                                                            SHA512

                                                                                            38ebb62c34d466935eabb157197c7c364d4345f22aa3b2641b636196ca1aeaa2152ac75d613ff90817cb94825189612ddd12fb96df29469511a46a7d9620e724

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\CefSharp\d3dcompiler_47.dll
                                                                                            Filesize

                                                                                            3.9MB

                                                                                            MD5

                                                                                            3b4647bcb9feb591c2c05d1a606ed988

                                                                                            SHA1

                                                                                            b42c59f96fb069fd49009dfd94550a7764e6c97c

                                                                                            SHA256

                                                                                            35773c397036b368c1e75d4e0d62c36d98139ebe74e42c1ff7be71c6b5a19fd7

                                                                                            SHA512

                                                                                            00cd443b36f53985212ac43b44f56c18bf70e25119bbf9c59d05e2358ff45254b957f1ec63fc70fb57b1726fd8f76ccfad8103c67454b817a4f183f9122e3f50

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\CefSharp\icudtl.dat
                                                                                            Filesize

                                                                                            10.2MB

                                                                                            MD5

                                                                                            74bded81ce10a426df54da39cfa132ff

                                                                                            SHA1

                                                                                            eb26bcc7d24be42bd8cfbded53bd62d605989bbf

                                                                                            SHA256

                                                                                            7bf96c193befbf23514401f8f6568076450ade52dd1595b85e4dfcf3de5f6fb9

                                                                                            SHA512

                                                                                            bd7b7b52d31803b2d4b1fd8cb76481931ed8abb98d779b893d3965231177bdd33386461e1a820b384712013904da094e3cd15ee24a679ddc766132677a8be54a

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\CefSharp\libegl.dll
                                                                                            Filesize

                                                                                            359KB

                                                                                            MD5

                                                                                            7dd6b0e4a31d35a0fae5ff425707073c

                                                                                            SHA1

                                                                                            fbd12e9f8e2252c52ce555c2ebbd7f07e62a0140

                                                                                            SHA256

                                                                                            8762d8001fc3ddd90e3129dfea172817e8d09b9936eaae391957de4326c8c906

                                                                                            SHA512

                                                                                            726968df6b83ab5f589276672250d92f532fe2dcea2176e42031a7f1dcecf578b0320cfe2a7d88bb9883ad99387d71c6ebf1e9968272bb5e62850ef09abd2648

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\CefSharp\libglesv2.dll
                                                                                            Filesize

                                                                                            6.6MB

                                                                                            MD5

                                                                                            8803db5b167fb5a5f8a8c595c4e4d7c6

                                                                                            SHA1

                                                                                            7fde861151f3bea66c65b6c2487a30728048811a

                                                                                            SHA256

                                                                                            52a58d25a41f4bd31cdb4a0d306217862e04ebf7c1925cc85330054a5523d719

                                                                                            SHA512

                                                                                            2fa9a0eda221982896e41eb387b5e156198615ac1a1fbac0acffd13008919368b41a240df416c1fce2e48c20a14cd7af7cca9fba476ada5e64a0cadde84a44b7

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\CefSharp\locales\en-US.pak
                                                                                            Filesize

                                                                                            456KB

                                                                                            MD5

                                                                                            4430b1833d56bc8eb1f7dc82bb7f4bc9

                                                                                            SHA1

                                                                                            dc15e6306625f155683326e859d83f846153c547

                                                                                            SHA256

                                                                                            b44ddcfac9df4934007e6c55a3c7f5e7f14c7e5e29f35c81de917fc3b22aabbc

                                                                                            SHA512

                                                                                            faf93bf371b2a88c1b874a5e2c54e4487fd152ad19c2a406a46f55ae75ecd421a779888c2e4c170857b16bfb5d8744bc1815a4732ed50b064b3cbd0c5ffad889

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\CefSharp\resources.pak
                                                                                            Filesize

                                                                                            8.0MB

                                                                                            MD5

                                                                                            4933d92c99afa246fc59eef010d5c858

                                                                                            SHA1

                                                                                            98d443654e93c73dd317f9f847f71fba3d5b3135

                                                                                            SHA256

                                                                                            62f4674daa15245ee081920b8ee191e72f36ca8fe24f6b986a832f45676915b2

                                                                                            SHA512

                                                                                            a3a69523c8e7310716daeebc06c2ba4fce673eccd1958e824ff179b82f4502d0ec095190179bbb387342e4150f952ea7533182fb6ba90377d17dafba8f4da623

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\CefSharp\v8_context_snapshot.bin
                                                                                            Filesize

                                                                                            643KB

                                                                                            MD5

                                                                                            28477a60b4fbd51dfef5237245817690

                                                                                            SHA1

                                                                                            b0afd5ea9f9d550124f23c65bc7851ddeffc662f

                                                                                            SHA256

                                                                                            169ea86f544e5cdf2a460675f876a9abb7f56bbe122782e94bb03d624931fc12

                                                                                            SHA512

                                                                                            3520658583bb498d5032a7f7ae77195fd2e5f8ed03c6531e56dee8320d8701102a723766e59f7766ab223f837e65a6d85cf862bb2bef6d2755ce45e672a47b22

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\CefSharp\vk_swiftshader.dll
                                                                                            Filesize

                                                                                            4.4MB

                                                                                            MD5

                                                                                            0ec149455727ace9acc09b3ba2c3a2b2

                                                                                            SHA1

                                                                                            6eeb990876cef6a34115b67f3190255db589f723

                                                                                            SHA256

                                                                                            e2d8ef53897e864b5b66bc73606681c99461798a9f4c1e13ca5cef7bc774d7fd

                                                                                            SHA512

                                                                                            c8eaa598c9439b1f2375fdac1f58896853510bddbd640707b9142c0d3793836120b28d7c2bd0407f0d5656dd19f14b312f37b7ac0165c9cc8b4c1a0f2af62531

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a
                                                                                            Filesize

                                                                                            69KB

                                                                                            MD5

                                                                                            2280e0e4c8efa0f5fc1c10980425f5cf

                                                                                            SHA1

                                                                                            1d78ccb26fef7f1bf5bf29de100811e1ac8bda23

                                                                                            SHA256

                                                                                            b9225cb1f0df94ebe87b9eb2ad8c63cf664d2dfdb47aeaff785de6c7ce01aa74

                                                                                            SHA512

                                                                                            b759fcbf578947c0290ab703652df9f37abb1f9f5cf6140acaa8c4d4ee655ee0ee1f9bee9d4fd210d9e12585a51358b52e0e9c0878abf2713e6fd69a496ac624

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b
                                                                                            Filesize

                                                                                            329KB

                                                                                            MD5

                                                                                            4bdb35f3f515f0cf3044e6a9684843b1

                                                                                            SHA1

                                                                                            12c960465daf100b06c58c271420a6be3dc508ae

                                                                                            SHA256

                                                                                            b835bd77e17447a2dacfce2645a5e812733fe5a777a5e45d9daa56d28675cbef

                                                                                            SHA512

                                                                                            9fa600b87843759b632c2d384596109cf1fb149a5ab38524cf43cab5833cb25c355479aee90d60462764200108cde5ec71f0988504c97ad09e25975cac65bfe5

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c
                                                                                            Filesize

                                                                                            105KB

                                                                                            MD5

                                                                                            b9295fe93f7bb58d97cc858e302878a9

                                                                                            SHA1

                                                                                            34c6b1246cad4841aa1522cbd41146f9a547e8c5

                                                                                            SHA256

                                                                                            c0233c9b273aae7df532a992e710aaec409455b4b413b89a25854e9fb215c36c

                                                                                            SHA512

                                                                                            4c44ddbd35807653a60e2718dbd2ea85f09d7107b270045bcc2484e2a0ba977fbbb5739236ce7edb71d584c8f68df31fa3bdd03229eeace60c19662469adafc5

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011
                                                                                            Filesize

                                                                                            253KB

                                                                                            MD5

                                                                                            f06054795aec96f20b59c5b65bc02193

                                                                                            SHA1

                                                                                            b9421bd92bc505f904d789768dd19485e208c934

                                                                                            SHA256

                                                                                            720513df12f0fb1a34e77024c741c34935488e98d86ece002ceb8b820403a6ce

                                                                                            SHA512

                                                                                            7d37be3628e897fcfff747e038f8015676759af4c02ca9304444a9575e19996a50b6b24a831b8a599b02e7177d92c0fdff7ebd33d77e960230cd96a4626dc1fb

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012
                                                                                            Filesize

                                                                                            163KB

                                                                                            MD5

                                                                                            d5d7675604340f99633218bbe4793104

                                                                                            SHA1

                                                                                            ca1df39b7a903dbb856a555db75770f6222e7dce

                                                                                            SHA256

                                                                                            f7d966e98dacbf184660988f6b4482396b517d391e4d0475ffae4fa6f40971c6

                                                                                            SHA512

                                                                                            bd202a6a44ba24d784e3a55556b02d7c20738553832bb42d7aa3205b069913e524c08cf0a348e255b6f0c697f118f190bb5056695ee9d37d37296b9675964236

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013
                                                                                            Filesize

                                                                                            206KB

                                                                                            MD5

                                                                                            7accce82a37b1478a68e4190522f92d0

                                                                                            SHA1

                                                                                            d42bdb750ca4eb0d855d5929551a019978e937c1

                                                                                            SHA256

                                                                                            7cb23f575f0795fc284800e63a1c64bd8538200f2b838fe72b117097a3f87152

                                                                                            SHA512

                                                                                            bd963c28d166ed3ce72d38dc57e90e72ee84f984bb234fb8cc07854f3857f9ddf0400cbcb64dc7e2158850cf862369e87750c06b17e7e22a3e09fdc9908322f1

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014
                                                                                            Filesize

                                                                                            42KB

                                                                                            MD5

                                                                                            54476cef20aa3e041c5b14de32a5ab6a

                                                                                            SHA1

                                                                                            032a1be25a46f795208b0365455d34e1e3b17760

                                                                                            SHA256

                                                                                            189be432c6fdba1e70841382153b3b2ac08aee391c80f6259066364be3ec461c

                                                                                            SHA512

                                                                                            0b8ba7bec920a0b73393fdcdb8fe399473965646b32ddee7a6734fa222476780c40b8ff74e528b12b2844cc15278bf0c065ffef32c227243829950623946d56f

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000025
                                                                                            Filesize

                                                                                            19KB

                                                                                            MD5

                                                                                            c52f3521639f61d058b371c90f7340a0

                                                                                            SHA1

                                                                                            26cda00aa74d363215fe8e5de80878cf767d9747

                                                                                            SHA256

                                                                                            98dadb40ba05b9079b6c7cfdcdce83a11764b15cee748e1d6b06ef13e94f1736

                                                                                            SHA512

                                                                                            ead5c9d264cb85f32a1e4e7ca84df51b2d8fcad89abe35b8a9e461cab914224e5ee9c3b0cbcaf720ffaf43566b9d9c958667024e0e6988f948640fd782ff3f23

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003e
                                                                                            Filesize

                                                                                            8.4MB

                                                                                            MD5

                                                                                            8450908897067c9527740d735897740b

                                                                                            SHA1

                                                                                            71c993302b3174fe4fd712eaf8886a4842778e42

                                                                                            SHA256

                                                                                            f5a04c5d6ddcb4cc3925656919c37a9ca18f20f3623c722dc45499cf1e4de8a8

                                                                                            SHA512

                                                                                            841d6d732db87ca350dd7f4eda273584810dc976f6a368a141de8ea8d87113e8f8ef92c747ee2fa3dc8f906456e2c2c17b122d3f86dea9042c40acb9170848f8

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000048
                                                                                            Filesize

                                                                                            98KB

                                                                                            MD5

                                                                                            65e56706c75f6e9a6919adb6a758b8ee

                                                                                            SHA1

                                                                                            10a88a193c4a11bc6ae69e032061fdf62b564173

                                                                                            SHA256

                                                                                            4b9169f4e8dc65736458fb1d2d74ff0254cf5e3d883be7dfd05606eea40092c9

                                                                                            SHA512

                                                                                            2049960c061dfaec124791e5842985662d70ac7fe7996448c7ca6960243f3fa09da77561c0840a32677f55656d3e96a330f6a5fea579c17b3643929588e583e4

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000076
                                                                                            Filesize

                                                                                            51KB

                                                                                            MD5

                                                                                            588ee33c26fe83cb97ca65e3c66b2e87

                                                                                            SHA1

                                                                                            842429b803132c3e7827af42fe4dc7a66e736b37

                                                                                            SHA256

                                                                                            bbc4044fe46acd7ab69d8a4e3db46e7e3ca713b05fa8ecb096ebe9e133bba760

                                                                                            SHA512

                                                                                            6f7500b12fc7a9f57c00711af2bc8a7c62973f9a8e37012b88a0726d06063add02077420bc280e7163302d5f3a005ac8796aee97042c40954144d84c26adbd04

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\13986ccd40e3a0f0_0
                                                                                            Filesize

                                                                                            303B

                                                                                            MD5

                                                                                            98401d3e586dffae563ec276a9b94da6

                                                                                            SHA1

                                                                                            488cf60d181b7a4e4bafbfafdf11eb30e4edc1e7

                                                                                            SHA256

                                                                                            8859641b12278c12496aa0eb2651ba1932b1b431b7dfb54a8838da4e9d2e0ac9

                                                                                            SHA512

                                                                                            ea94a2b6e3b06efa63f353354858b371376b30d6f300c862380bada5000a16856b2f5f4b28b9e5ca3ec2a39ca47e959c7f35a95969aa9c3d058674c8cf27f8d1

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\41f5c08c73172cce_0
                                                                                            Filesize

                                                                                            53KB

                                                                                            MD5

                                                                                            05a3ae4f13f3291ee99fd57a221042a9

                                                                                            SHA1

                                                                                            542b857e0e5e38be36df52d1341284e50af84dc9

                                                                                            SHA256

                                                                                            aaa9f1161e521d860f93bfe5f942f1f836cf37ef2d7af4213c74a49f8a70814f

                                                                                            SHA512

                                                                                            8f4434fd974580a1ef7b5575bb9d971944cb23c87809c9bd2e4701ac2b6048ecdc5b40ad44ddba3510eb750ac0d287466d100de006007bec1c7ef984970b8f7d

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                            Filesize

                                                                                            5KB

                                                                                            MD5

                                                                                            70db5c6c93d03e5236fa84aa84616e3d

                                                                                            SHA1

                                                                                            ab2398b26eb081fd79131b950f1819f75517874e

                                                                                            SHA256

                                                                                            571a67833323e0359000d89267cc7efe98d9cd98051998ed6ba3e31d225b0da3

                                                                                            SHA512

                                                                                            70b8ccf3efcc817cd80b76b69338ba20a2bee26983234ac4ac43b96bf14caab3f71a7e1cf5decd3d23bc076c71c7db7d59aee7b38ce619bf55a6752ba029f664

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                            Filesize

                                                                                            3KB

                                                                                            MD5

                                                                                            70b51b2a52b055b3051eb89ad3d37eb6

                                                                                            SHA1

                                                                                            4c4f385b09065221b228661c7a26112c42c4cef4

                                                                                            SHA256

                                                                                            5fde328c6e4029af5ea308f44d7b564b8a32ef63291ae85e923a66cd19b4d3fb

                                                                                            SHA512

                                                                                            1e6215a0fd448ecb9f9fbda38381e86d2330c0077a0dd5acefc81d59ef7546996ded38049f1c29ea038f279503318984b96f2fc6bde70da9c3e1421f3bd592e1

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                            Filesize

                                                                                            8KB

                                                                                            MD5

                                                                                            4b174799b01e2bde075adf3d55837977

                                                                                            SHA1

                                                                                            0b5f18a99a66330afc59d733fe2bb8a130a07dc9

                                                                                            SHA256

                                                                                            91323f006bca40ca22a90b93c8697b3338887190495f5958795b19f87a8aef04

                                                                                            SHA512

                                                                                            c6964a67d778f576b44356b1439b2fad8c5a0c65add17eb1c2c5c2111e8c2d92cd10f3632b8820816eeb4b689828e6245bb4dc0942818f31f44c81e5d9b21f64

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\CURRENT
                                                                                            Filesize

                                                                                            16B

                                                                                            MD5

                                                                                            46295cac801e5d4857d09837238a6394

                                                                                            SHA1

                                                                                            44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                                                            SHA256

                                                                                            0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                                                            SHA512

                                                                                            8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old
                                                                                            Filesize

                                                                                            387B

                                                                                            MD5

                                                                                            487151ceec0ab4ca3faf5de45261c3d7

                                                                                            SHA1

                                                                                            6dc9c09a08ea3f7340bdb80deeaea9b431e5f72a

                                                                                            SHA256

                                                                                            9ede4c7996bbcf932c089fe4973133e18643b42d01aa70a25dc3ee9e09beac10

                                                                                            SHA512

                                                                                            3ed37efa1c29ac5527bd6cb9106d60ec4c2033341aded65eb406bf6dc96ce38ea999a5d5ee93587259f0cb20ed52883a6436bbe1b82b8e9b990667f7c64ff891

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old
                                                                                            Filesize

                                                                                            387B

                                                                                            MD5

                                                                                            efa2b536db5b37ba64e64e27e69c6380

                                                                                            SHA1

                                                                                            c29ed64e7458cf388b7be49806074f2a3c2769ce

                                                                                            SHA256

                                                                                            d46db8b34815ffce12ba6c433cfde5ec2d17fc9c520c38df43a738d7da3307aa

                                                                                            SHA512

                                                                                            24d7830fbe7108601ae01d6a28ae966789299444a26923abdc5cf2c80c92bfe38e4956f7b853803694fb87d33f94937527baf50ee076973458b47a5f70756a3e

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\LOG.old~RFe5f648f.TMP
                                                                                            Filesize

                                                                                            347B

                                                                                            MD5

                                                                                            ef3664e5f0507156ddcceedcc3bf7b73

                                                                                            SHA1

                                                                                            b67440e838e45918a0f08dbe3d6c1dbbc8a90fa2

                                                                                            SHA256

                                                                                            6549355cad6a10a332b4d92963fd15ee7d27168e391590a144a0a66ff34f8df0

                                                                                            SHA512

                                                                                            fef348c7ed69d412765c4f541b00000d17f44c5854775d0d85fed03287ed2ba41f36e0653bb55d4aa11c3f5a028ddb03185f69427a167fa6b31f25671aaeb164

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.roblox.com_0.indexeddb.leveldb\MANIFEST-000001
                                                                                            Filesize

                                                                                            23B

                                                                                            MD5

                                                                                            3fd11ff447c1ee23538dc4d9724427a3

                                                                                            SHA1

                                                                                            1335e6f71cc4e3cf7025233523b4760f8893e9c9

                                                                                            SHA256

                                                                                            720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

                                                                                            SHA512

                                                                                            10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
                                                                                            Filesize

                                                                                            3KB

                                                                                            MD5

                                                                                            7b5a613b4527cab9fb23cbce3768fc3f

                                                                                            SHA1

                                                                                            45b63ea58d336cc2ddf3352fdbabc92527f9130c

                                                                                            SHA256

                                                                                            d5aaa6206ad78a3cb871c63b8b2366f3fab2c498610a93dd0411bc40b6d83254

                                                                                            SHA512

                                                                                            a083e05589250ba432ed369bf720bf4659ab98d2b6dcc8d6e51da27463fc000e34f2642bbcca04978aab46ebc629db0a3ac1e21b36fa8188e83445223d1a7ec2

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
                                                                                            Filesize

                                                                                            6KB

                                                                                            MD5

                                                                                            313dbde00e310f4c2db6dc0365e802d3

                                                                                            SHA1

                                                                                            88d5363215171e8765eab2eb2e2f139874c35949

                                                                                            SHA256

                                                                                            c0c8a295e9f6c5248c41cf6c56edab1c729af6bd7fa62b24dbeae0d285fb87e8

                                                                                            SHA512

                                                                                            0497f4dd764b83ad1b76617263f14eb12c4e36611bf44c1045e03020be429df0b5a56a0a7613c0fce555521dccbbe415730570866d56657298397a52d23339e2

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
                                                                                            Filesize

                                                                                            11KB

                                                                                            MD5

                                                                                            e69db2e2650183e07229fc752d005fd7

                                                                                            SHA1

                                                                                            ca782897961caf1f08e8d7be35369e21e51d80ed

                                                                                            SHA256

                                                                                            012d4760f362aabb8434e17dab084979c4a5a60bf4462b2945e24207135ab54f

                                                                                            SHA512

                                                                                            0c05a8b507f0b43ada415b617fbfa3200d177e2425516abb45142fe174b0658cf2edf078fd574f83d9828ac7e3edede776335a807064e5bae66000cf355187af

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
                                                                                            Filesize

                                                                                            2B

                                                                                            MD5

                                                                                            d751713988987e9331980363e24189ce

                                                                                            SHA1

                                                                                            97d170e1550eee4afc0af065b78cda302a97674c

                                                                                            SHA256

                                                                                            4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

                                                                                            SHA512

                                                                                            b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                            Filesize

                                                                                            3KB

                                                                                            MD5

                                                                                            785781b069996e14e2fd8997e4195f6a

                                                                                            SHA1

                                                                                            90eaae4b66884c64f0cad0fd650a1f3112b550e2

                                                                                            SHA256

                                                                                            61bcbb9925b132d228fcda3bc6ae363a4c5e8e83f836ab0e9cde24cea0b24a63

                                                                                            SHA512

                                                                                            2706911345384af221075c581fc06ec3b25143a508d5e29b73945daf27bc24ab58506257e03c6d3a4576def33bf7c8968d924b1ecbd973f9a9c7f59d9f8c3b7a

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                            Filesize

                                                                                            356B

                                                                                            MD5

                                                                                            323743e331363f8423314c82cadc435e

                                                                                            SHA1

                                                                                            684d797b342e68e73a913df38b2f21b5b2da2026

                                                                                            SHA256

                                                                                            c40d80a621f4cb46f495bbf9dc5abd811a1f7e5195137a1892606de668a3d184

                                                                                            SHA512

                                                                                            2c22b3e0bf9747408980012344381b450a8d95794532031f0ea55975e46e50a059b169b728b061245133bc5bb9fecfce643aef8342e213921333899a294ba000

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                            Filesize

                                                                                            3KB

                                                                                            MD5

                                                                                            9b7dacd38d5826a1b8e99097e883337a

                                                                                            SHA1

                                                                                            bba3f5a434be9edfdef230d6bd0b86ef014a780f

                                                                                            SHA256

                                                                                            3050bcc84bc071cc8c4a54b543a329298c520a8636a13ef7dc9219e6988db884

                                                                                            SHA512

                                                                                            56c8b19a6a6e0465fec3b5320ea314b0a827b0bb7ad90540b798954f55b1157d6f58f6a42fd3f60ff0e0d36f5da94e8fb05a53db1653906394d0aa5cded0b374

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                            Filesize

                                                                                            524B

                                                                                            MD5

                                                                                            aef53666cca101c58cb938b5dbdf5d04

                                                                                            SHA1

                                                                                            c21a78c4ad50e3c03aefdd50375ca0a3b2bd592b

                                                                                            SHA256

                                                                                            27f65cf9063b4c795365fcbe0a9b34b0ef2b43ee9fcd4a285836984a63b340c9

                                                                                            SHA512

                                                                                            8ab5f1dab65d85f4027329f08f7f1ae93c98e05404d334e5e95879022bc60c4c398ff9ea631d3c8f661643ea56dd54a2a71ab0ba1034c5aab18c0fd3f0de89e0

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                            Filesize

                                                                                            1KB

                                                                                            MD5

                                                                                            645ad0626868d8ef676af7e5864e80a7

                                                                                            SHA1

                                                                                            3adcd2648fc0b12b164776371ac73115a1d9e758

                                                                                            SHA256

                                                                                            90014b55357c70b9b66f29a2534381448c40a0904b6c428374da8c9105dbb88a

                                                                                            SHA512

                                                                                            cb424a02a68c1cff84c1715e3d20c718a5629d69d2422ffb5331b43eb0bc4bea45c098ae59c6f596a38a4bd5fdd1e63823fba4f5a3e79365a0833735958612e1

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                            Filesize

                                                                                            1KB

                                                                                            MD5

                                                                                            2c381e76b8d8907adabff27c9ac4f293

                                                                                            SHA1

                                                                                            7492f4944c00f947a65f9ee7508689faa28d8a99

                                                                                            SHA256

                                                                                            782eee94ad2e22622453febee455cbd9e5ff5315ac36acc8e2f938a739aeb235

                                                                                            SHA512

                                                                                            9ee33ce36533d16224349eaf5b7077b65f1a396efebf3e9ec006baefe32936bf79f9fd55709eccb761f474bf4d4cba8ba9d9cd1ff1c4b96cdd79b630bf8eb7cf

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                            Filesize

                                                                                            3KB

                                                                                            MD5

                                                                                            f152a19119ea6af44027f329862fa7b6

                                                                                            SHA1

                                                                                            167d1b121167eb7de79a3ad17139564a6c13f6bf

                                                                                            SHA256

                                                                                            08e0cce9589f7e81b377b6f5a0fb60d4fcc9d38d66a38160894f4256b0e33aa1

                                                                                            SHA512

                                                                                            64383c25ede653b69b00458f0a16ba18e2aa1aaec3fc23442016295cde74163c154a6af8e15a9815527b0abd90a754d094bbe28604fcd5bc12cac59193a0c445

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                            Filesize

                                                                                            5KB

                                                                                            MD5

                                                                                            60dc023cf9eb62e06aa6227c842c195d

                                                                                            SHA1

                                                                                            2c1b100393982fce2e36bf4142ee3c99e772f1fd

                                                                                            SHA256

                                                                                            7bb904e11b6eb913cc2ace19b31cc480992ef17b42adda4a0a0f3e5abca6ae49

                                                                                            SHA512

                                                                                            fe440c5e32dae340a2d85a55ffc04975a91ab986f942e68a928da5c31a7d8cf3c30de13df6e9eab15b99c3b323ba90498fe2fa1efaa2619d74e9cb92d6dbb2c4

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                            Filesize

                                                                                            5KB

                                                                                            MD5

                                                                                            65f698623b5c05dcf4b909919e873230

                                                                                            SHA1

                                                                                            c27acbe5f02377f4f3919d1a4b0cfcf9b949292f

                                                                                            SHA256

                                                                                            6e40afeaaa26727c9938f10b933efa6848344e49fe2505cfa0ecc6b9ac71929a

                                                                                            SHA512

                                                                                            ea8087e8c907b8e8df177a1a51bf490c2e89a0ae8d33c2dbdd77cf783e9350bb06e573774933fc1e171af731be657b0749c5fa4d61727bd9dd2cc74a6d0d6425

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                            Filesize

                                                                                            1KB

                                                                                            MD5

                                                                                            2e3ade5ab4a7f162c15364bc39d54903

                                                                                            SHA1

                                                                                            0e3cfddc96169f6bc6bb6be83e080b65867c2245

                                                                                            SHA256

                                                                                            73d0d85ff0017e4d9d4e8637c491287a85c36d6bf6d596a2112dc4ba31f81bf6

                                                                                            SHA512

                                                                                            27b6b165e9b31ea7e4573134f6eb0bf1fa05c7cf99d87cf5232243c024153e4c47533c5f2c9078b354a13d70c5d45e54fe2bcb28558197a50cd1cd1bf9bcb9a6

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                            Filesize

                                                                                            6KB

                                                                                            MD5

                                                                                            b16bf52f51357cea68b6a7cb11697cb6

                                                                                            SHA1

                                                                                            c59e828ca71e981b2cc81c241911a8c0085e086a

                                                                                            SHA256

                                                                                            5120df9001d237843efebe4bd764bce911cb7ca750ebfbc1a7d80182e5d1ed81

                                                                                            SHA512

                                                                                            6513bcd4d7aca58b7869b8be45476f5c522c2e24cfcdec6993e973e4c840b726f1294b67dee01843b3e306c67f0c742eb1c67eab1b106bead3b1fce40aee31fe

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                            Filesize

                                                                                            6KB

                                                                                            MD5

                                                                                            275f02f6f25065451b006937d00c394d

                                                                                            SHA1

                                                                                            1830597d4918c5a956a62ee9f0775d336a22c299

                                                                                            SHA256

                                                                                            7e2bd3acd41498f87d706926357c998f19664ed0cc3b24875caafda06f9be987

                                                                                            SHA512

                                                                                            935428c98760042701d16c5accc73bc79f0127c0abb8020a5f79269fbecd8e8fee9aa7563f0f6ca022069459f4f9049c9fa11788face60123bd76844d81dcd60

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                            Filesize

                                                                                            6KB

                                                                                            MD5

                                                                                            6d0cbf56fa4cca7821ea731abfd3eb45

                                                                                            SHA1

                                                                                            18ba8dd4bd59a8d1dcb43649411cdc77e92f4f61

                                                                                            SHA256

                                                                                            7e7cd91a14f89f91a38c48c5d5171875dc1c64c10ea8d91b060334a22c56cd91

                                                                                            SHA512

                                                                                            71f314269f921ce587ac48c12cc53ef4083d3db47f6edab9c63f2f1248553193be746a9ba6ef38457e4aa451ee30554e28de462f1580265342036bb84c3beaea

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                            Filesize

                                                                                            3KB

                                                                                            MD5

                                                                                            550f7b90c45231d5b3bc84d66c01b055

                                                                                            SHA1

                                                                                            0080e35fa5362f73a3bf10c0c56b8f9526b9ed06

                                                                                            SHA256

                                                                                            3b636f17d024ff0f7361a5ce524b54f69c157c6b7078a60d070045f3fe30db80

                                                                                            SHA512

                                                                                            71f7dcaaf8278054a934f1f18cbc6608bc53c5ae7f061d3a9a5bed112523076fd656d04803ef09546c1c76ac18fe2746f78dc6102d9af992f92d415c278844da

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                            Filesize

                                                                                            6KB

                                                                                            MD5

                                                                                            df6ea94c071b9b0f35bc6c1ff8e1f0f6

                                                                                            SHA1

                                                                                            e7ed5e14a39769adb39dd818a2572f9e41fb1850

                                                                                            SHA256

                                                                                            341c966d7e92ccca504b1c626e489a2411b55f81df580729116e7a43c2abfe1e

                                                                                            SHA512

                                                                                            e9c8469511e5ba465834dfffc123230ccbc4c753cfe387b41f4a708080c6fc15d8d48687f1263cdde1656c0cda24ce44753b726114f059118d46946192ceb417

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                            Filesize

                                                                                            6KB

                                                                                            MD5

                                                                                            09041eefc224657d451b87138746662b

                                                                                            SHA1

                                                                                            bbdc7c06f7f5d1867ead3b4276541e05ab804823

                                                                                            SHA256

                                                                                            7f60734ad692d255907323c1e81bb648009c10d6418ce0fb50647d5f7f4f658b

                                                                                            SHA512

                                                                                            81a28c5d8e06d2b1f57f2e9468ef30f2d5ffeb5530d5bc7ca2c2883eacbac50d8b89e0b3183f72423b9dd13f6c2711831a8780d5c65da6dc94b5a818d5dded5c

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                            Filesize

                                                                                            6KB

                                                                                            MD5

                                                                                            26915043512f0b7612e432a0ea56ec2f

                                                                                            SHA1

                                                                                            c0510f2d2dc1c77c9e79a633e48b61f74364a4a8

                                                                                            SHA256

                                                                                            cab975bf38583465dc287485109d5186e99b8605e8bba0c6270f1febe4bdb680

                                                                                            SHA512

                                                                                            f7073733cd3e4a8dc2188f5c15d266c9331bf0828e51f345a85ea42e67a1dea63e1e5b35facf2c12c32800f2d809e13b369cb62f62924729f143bce3093771c0

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                            Filesize

                                                                                            6KB

                                                                                            MD5

                                                                                            f575ca852eb92cc0c5b858710405dc93

                                                                                            SHA1

                                                                                            812a8eab5d8e4b6f9007b8031bf748494ef50d78

                                                                                            SHA256

                                                                                            62818f005f862a31ffe8a12b9bf9f009c96914eaa34e68b8e4506e25298fdb3e

                                                                                            SHA512

                                                                                            2bbbde5f02e938f1c88797b9a7531be636135ff9160069111ab424593e8fe6f47367574230ba6a2da6cb6388251a434fbd603fd9d7b8382b6450d6b87dc914bf

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                            Filesize

                                                                                            6KB

                                                                                            MD5

                                                                                            16cf3906e20b361b8016161c8a14abf6

                                                                                            SHA1

                                                                                            a0186707cf9d984bbe1aa10f611a78de49bd67f7

                                                                                            SHA256

                                                                                            26857b7860d2c6bbebeb9bfede4826b444ef46c19a1a6f55ff051ebda47be17a

                                                                                            SHA512

                                                                                            4f5372fd8f57b0a52cfde70d7a2ed810ff67b243cf47d75860024e7143ee224e8e3e6c1ac8cd4d7c71ea38712c5040dda64552380f773946c90aec2aa05c7ff1

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                            Filesize

                                                                                            6KB

                                                                                            MD5

                                                                                            7950231c6a4fef75bad641b28d65d13d

                                                                                            SHA1

                                                                                            3cbd3eccda4750a9956933cf6a80ac42bd4f1950

                                                                                            SHA256

                                                                                            4e5520872dd648bd364dbad7cb2c54b879d07a2487fc4fda117e4d514c097381

                                                                                            SHA512

                                                                                            bc3168f53c5f9ec3d120d81b413aafc2d04455b90bac8d2e29c5190dc5d7e28b050a42f5247ae411f0b50a7011410df0b6eab06fd581b700067b3888867b0845

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                            Filesize

                                                                                            6KB

                                                                                            MD5

                                                                                            940fca0ded87f01af66eea5e2c57f14a

                                                                                            SHA1

                                                                                            5370e257bc72d69d1f505def04429611799b300c

                                                                                            SHA256

                                                                                            0be20660bed9b230dcea29fcd5d422840d24a93faac5e8d0e625a63afb4e20c4

                                                                                            SHA512

                                                                                            393c712deb9379ceaa069453d0c5c1f277476be450e97759a9964f65159e689cbc8bcb88833a21d799333f773e75f38050361b85b9774d2ec79b63cbdb6be195

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                                                                            Filesize

                                                                                            7KB

                                                                                            MD5

                                                                                            462151d269ee003db44101fbef8a645e

                                                                                            SHA1

                                                                                            2fc869bfdd96b01ec5adc9cdc1783c4082b99492

                                                                                            SHA256

                                                                                            81d0de31997c40203a91e759ba9bfb316b9d58d9fb5b3ef8a373b405edfae484

                                                                                            SHA512

                                                                                            0af42fbf05b3163ce6ab39298e002489028cbe289a55aa089295ec0e5dc0c63e04982ec7cec30ec7f2a654fcf35971945513cd56156139673297e657c757fb58

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                                                                            Filesize

                                                                                            7KB

                                                                                            MD5

                                                                                            2e24ec7eaa466d1ad758d0c005b4e55a

                                                                                            SHA1

                                                                                            8f953114c10dbf02a64d948b745d41e157822fd4

                                                                                            SHA256

                                                                                            bc18f691673a94ca536a647e56d09468fd7076b87cb489cc6d413f3933bd559b

                                                                                            SHA512

                                                                                            e840aae87d535b789ecae7a3e8468d6948dbbdc201a803c43718ba22c42d635d533c3eed23151451ebd9368ae07f57ef573bbb1e237f6aec369f67d4bb24bf6b

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                                                                            Filesize

                                                                                            8KB

                                                                                            MD5

                                                                                            a2e31b5cfb295eff07572b462cd6efc0

                                                                                            SHA1

                                                                                            dbd976723b2a084d854cd53a2975ba260d0358c5

                                                                                            SHA256

                                                                                            5aefe329ac92c578071cdecc45701e5929fc1403f2a95bfb7d2e2f94fb81c179

                                                                                            SHA512

                                                                                            7e584cb74b6ba60d16053ac8519b7333a63553849f4a1422992d903ab98680d36ed977efbf42b1e53fc7c0440b8a38151f6e27caeb5d708bb2efd55796b680a0

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                                                                            Filesize

                                                                                            8KB

                                                                                            MD5

                                                                                            02a31474974ed8bda2c6362193608b5f

                                                                                            SHA1

                                                                                            a813cd2f6b826c8aa1f88e35d33ef6ffb5724fe4

                                                                                            SHA256

                                                                                            33f952bb4f171c984d6a3579437cd0f239798d59101d00b9713373bb253c0ef4

                                                                                            SHA512

                                                                                            a78c678d4233a0b361e99f37acffb17fc7124a5900637bc65d8aa1a87604dbfae7a40d2a3729b8ea5deac7185e99f9b2cfc19ca9fcac2dcb0d5f885c5959dcf2

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                                                                            Filesize

                                                                                            8KB

                                                                                            MD5

                                                                                            93ca938d4af97216839e5abd2f52bb1d

                                                                                            SHA1

                                                                                            d44f6f29b90ad15694c576aa57d061e4c8c8d196

                                                                                            SHA256

                                                                                            208fe06bc3f240e6363546708ac1fbaaaf14c5b55f65110c2c10597af6260104

                                                                                            SHA512

                                                                                            21fd3fb14f0fd2d3913944d204bc3e14051d11f95b8fb26ff84b9891de3e9b78b7c9b977c4926c13e0479de5c3a5ce7fc801a5e589d1598a993e4a969cde5f69

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                                                                            Filesize

                                                                                            8KB

                                                                                            MD5

                                                                                            3255654ae7fa1a4ce0cb13030429b5ed

                                                                                            SHA1

                                                                                            239e3468f55d16fe523278ba8b7ffb205f56a5f5

                                                                                            SHA256

                                                                                            df3b26de989ab69e0eb17fdc872c7d8b4170d11b61d04cd02af4c18576a5e4ea

                                                                                            SHA512

                                                                                            58646c863265c4d781bfd7634776cec978622e8d08ec717d35d3a31b4574d0814e4dc31b7632cd8ae299606681a738e63ea45fe547f948c31e4b452cc80c07c9

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                                                                            Filesize

                                                                                            9KB

                                                                                            MD5

                                                                                            0397a0e2c843ae2db8744c095a371ede

                                                                                            SHA1

                                                                                            f8769b05e24dbc0e34275a5c2e0fbe432d3e0d4d

                                                                                            SHA256

                                                                                            f79acaebb9d0787b0824cdc91b85ee03e20777dd5e762a87244796a600aebc60

                                                                                            SHA512

                                                                                            9a927f4c9293afd1a30bab9bc8dfd4c21c9b54b41e456dba128a4f217a1dfa4165a7463fb608e7cdb0f2408f807e1f0e424337c53d6814ab9c34383b34519b7d

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
                                                                                            Filesize

                                                                                            16KB

                                                                                            MD5

                                                                                            d9db9e2cd2db5af7010a78ee7450c119

                                                                                            SHA1

                                                                                            90fe476272d33894ac199ee8e7e240c8157690e8

                                                                                            SHA256

                                                                                            50e4ea7c2308490d6058339bc292f7661d8cc49013e940e45425283f01d90429

                                                                                            SHA512

                                                                                            13f10edfc7976638bb683502fd0989ca6e98fdd55e87b2a253d29c2487b1a621267318d16a8dd03d22a30ee691082b57467828387b6c0c68a0c8b95ed83f4c36

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
                                                                                            Filesize

                                                                                            272KB

                                                                                            MD5

                                                                                            d8386e6ac1f1ab9859a930c6f2f7a0d6

                                                                                            SHA1

                                                                                            98176b94dcef84b2093c5600dae20845bc51db9f

                                                                                            SHA256

                                                                                            307fa4faeda56d9c34f0702b797019eec528576057649f2f3d3cc6acc4967589

                                                                                            SHA512

                                                                                            bca365dfc4caa7865980a64f02b26415299de72fde23f5eeb3b2724a33883acce8e7fcdbdfee86f272ed222031894b51bc6dc92e911033483a6348bd7786eae4

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
                                                                                            Filesize

                                                                                            272KB

                                                                                            MD5

                                                                                            75f99a4acf53d6d6c3d5dc4f67a36136

                                                                                            SHA1

                                                                                            f5e82e7418e2f8439dbc81c7617bcce94e82f313

                                                                                            SHA256

                                                                                            758e091295c5c9daaa851a06ba8b44df831bb8aac626bbff34bc89b774c74b17

                                                                                            SHA512

                                                                                            be352e7f12621f686bc9d7008d546c0479ebb784290762d2465b4c3b851b269460ec7b4ff2b3ce8ec5b71661802a1286e109349a2638abaa17bc440cc7b9f4c4

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
                                                                                            Filesize

                                                                                            272KB

                                                                                            MD5

                                                                                            d959ef10b98dd86bbca84f99fe549e93

                                                                                            SHA1

                                                                                            963a51564e5384f93570c123860123948272d278

                                                                                            SHA256

                                                                                            c492a216b81767bb7e52e2d6d7448c60a8c1cd0dbb2464bdb09599958f58d160

                                                                                            SHA512

                                                                                            fe324f9b3ba5dd3178806e8b4497fb7a837e0cdf61bb76277a99cd62b9259c2527344a8343b56c6369eb9037fa688a3b730556a9bae90e7f454e5a7150131cdf

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
                                                                                            Filesize

                                                                                            103KB

                                                                                            MD5

                                                                                            438145d57ebce18b97470e3e0443da10

                                                                                            SHA1

                                                                                            6feb81b591fc02f8a3385cd6f7247cd9cad35115

                                                                                            SHA256

                                                                                            cc6c82b8afc37ff31d3624820f626048902b1a12abb366186dd58d5543923ebe

                                                                                            SHA512

                                                                                            37ede7a689106b11f8ee30a77c18a4ec4d5339a7d3b0aae73e4d619e18c56aeb3aa1c48f1ca4d06b3a436ae2e891b523f3b779b316f59bb9494ea953e803361e

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
                                                                                            Filesize

                                                                                            91KB

                                                                                            MD5

                                                                                            c600b49b77b10ff1359420d20f484e2a

                                                                                            SHA1

                                                                                            045bddbf4be55ccba369ef1d65231d769f6f73bc

                                                                                            SHA256

                                                                                            7b6bc143b48ddd3eea35ff7280101b77d5a9952b8e8b634a766076a10536aae0

                                                                                            SHA512

                                                                                            b65574aaece74f6cda9aac7e5865384e630c623c9b185cdeb2958b684970eb67481bf843e1a5acbba93f8875d6ba064ac7cb7564425a2222d53a0cf68f0a3819

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
                                                                                            Filesize

                                                                                            106KB

                                                                                            MD5

                                                                                            861b187b644ac78d2bea18114e864581

                                                                                            SHA1

                                                                                            fcf5b6920f2200aeb3959dd6d1cdac9f50c71a74

                                                                                            SHA256

                                                                                            cc799ef94f8b407ad748135657eca21834927dcc2f1ff9d4f8e50699c91189be

                                                                                            SHA512

                                                                                            318eb1cd636c26964d399f86f462c50812045c760de5792f6e098e861beb57da00e9a69d00fc438f269e19bd65463a0b16827a24b7d3a0698f9f2f05ac090659

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
                                                                                            Filesize

                                                                                            104KB

                                                                                            MD5

                                                                                            ab18174722d0313de2efc0b5be4d0434

                                                                                            SHA1

                                                                                            8c9d2d68437da953c64bd5c59a3e2826a74c9948

                                                                                            SHA256

                                                                                            b9b08b8e235677c7c30129a005ecf5b872373e6e5a3c7cc4157a003aecb6f165

                                                                                            SHA512

                                                                                            72320a291f5505f841e167943aa341d037909e384b89a5997ae829b2249cb577a044a177674e77192d682196df4f9938eb3c719c5b25ee9909bbd0ca27dbffd4

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5d27fd.TMP
                                                                                            Filesize

                                                                                            88KB

                                                                                            MD5

                                                                                            ab528c7ea7ecac2aa6e297e3b489a02d

                                                                                            SHA1

                                                                                            08e808132912492aabb5b7dc6920fc55af01531b

                                                                                            SHA256

                                                                                            824e0e94d4a59a1cc3e15dfeec2f292c46ecf5f58cc2b9da927854ee1bc2dce7

                                                                                            SHA512

                                                                                            5e0519543356f2a8db39030b89c9b6a9e1b007aa9f62a7cb646236651c29ca114b49dc68e65e17b46fc49487e03a2aa6f3c2aa31fa055da982881a7addc9ea3b

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1
                                                                                            Filesize

                                                                                            264KB

                                                                                            MD5

                                                                                            45099f0d5fb99aad0869a4e73a0b2949

                                                                                            SHA1

                                                                                            e39457d87cc84c7cecff2f55295ff4f285629630

                                                                                            SHA256

                                                                                            5ba7899e5c6210f31806124f826108288b6fc89f11d59637d3755c471593fe47

                                                                                            SHA512

                                                                                            5b2c6dbbabfd27db8bdc98ad20e0eb23fc6c9f7cf21a80c4b4ce2a8005058223311c78a777ef5fb7fd1628ec1f627e8ff28bc52d93daf66bee94658c735ebd05

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Luau Language Server\server\index.js
                                                                                            Filesize

                                                                                            6.1MB

                                                                                            MD5

                                                                                            6b1cad741d0b6374435f7e1faa93b5e7

                                                                                            SHA1

                                                                                            7b1957e63c10f4422421245e4dc64074455fd62a

                                                                                            SHA256

                                                                                            6f17add2a8c8c2d9f592adb65d88e08558e25c15cedd82e3f013c8146b5d840f

                                                                                            SHA512

                                                                                            a662fc83536eff797b8d59e2fb4a2fb7cd903be8fc4137de8470b341312534326383bb3af58991628f15f93e3bdd57621622d9d9b634fb5e6e03d4aa06977253

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Media Player\CurrentDatabase_400.wmdb
                                                                                            Filesize

                                                                                            896KB

                                                                                            MD5

                                                                                            50c09f2694e2b571c60486cfdfd372e9

                                                                                            SHA1

                                                                                            0953b665ee3eba86cec45fdb81124148bcfbbaa1

                                                                                            SHA256

                                                                                            31f766c92ddc5473412316d09d7bea0297392e33f2acdeec7f53d1a4b7f690b2

                                                                                            SHA512

                                                                                            ddd3a0e8032547cb835e831b9f4d7259d5211d72b2ecb724b4fb7c91db35995e2488d8e60500a76a6fc47e789145cfa60452891835e9289c1e0fa35a0956be27

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNS.XML.bak
                                                                                            Filesize

                                                                                            9KB

                                                                                            MD5

                                                                                            7050d5ae8acfbe560fa11073fef8185d

                                                                                            SHA1

                                                                                            5bc38e77ff06785fe0aec5a345c4ccd15752560e

                                                                                            SHA256

                                                                                            cb87767c4a384c24e4a0f88455f59101b1ae7b4fb8de8a5adb4136c5f7ee545b

                                                                                            SHA512

                                                                                            a7a295ac8921bb3dde58d4bcde9372ed59def61d4b7699057274960fa8c1d1a1daff834a93f7a0698e9e5c16db43af05e9fd2d6d7c9232f7d26ffcff5fc5900b

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe\LocalState\ThirdPartyNotice.html.~tmp
                                                                                            Filesize

                                                                                            104KB

                                                                                            MD5

                                                                                            effecce1b6868c8bd7950ef7b772038b

                                                                                            SHA1

                                                                                            695d5a07f59b4b72c5eca7be77d5b15ae7ae59b0

                                                                                            SHA256

                                                                                            003e619884dbc527e20f0aa8487daf5d7eed91d53ef6366a58c5493aaf1ce046

                                                                                            SHA512

                                                                                            2f129689181ffe6fff751a22d4130bb643c5868fa0e1a852c434fe6f7514e3f1e5e4048179679dec742ec505139439d98e6dcc74793c18008db36c800d728be2

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133641144837190956.txt
                                                                                            Filesize

                                                                                            89KB

                                                                                            MD5

                                                                                            1542ac43ec57958851d0c104ce800cb6

                                                                                            SHA1

                                                                                            2820f4917909f29301a33af5c79db3c91e70b15f

                                                                                            SHA256

                                                                                            9704ff1907c3919dc20e6f4a64de0ad0d549ad4fe8d84c143fc7fb652ae50337

                                                                                            SHA512

                                                                                            c29eeaf2915563ef2b04b8bcc69b8b6d9ce1f15e3c5f6720aef022fdc7fe88f01ec94d3b749ff9914d2986437fe1c72c28ca72c8eaeedc70e6401e9cf0035842

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\TempState\CortanaUnifiedTileModelCache.dat
                                                                                            Filesize

                                                                                            23KB

                                                                                            MD5

                                                                                            7338ed3076888ab342b17b9806964e24

                                                                                            SHA1

                                                                                            6ae9d242f3e60df1cb920a78a9a0518983f00f83

                                                                                            SHA256

                                                                                            497f144ca51203101731b29d76e91258db9c39b0639d8ec889a3c978492929ba

                                                                                            SHA512

                                                                                            834f58269ab30c003b46f11ff6564686ef4529ae4461a15f4c50a3dc7a9cf438e95d0373bcc72a9b2760785fc79e44c330e5e5eb1a9d5f80b55d51781f59cbf0

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Wave\CefSharp.Core.Runtime.dll
                                                                                            Filesize

                                                                                            1.3MB

                                                                                            MD5

                                                                                            09cba584aa0aae9fc600745567393ef6

                                                                                            SHA1

                                                                                            bbd1f93cb0db9cf9e01071b3bed1b4afd6e31279

                                                                                            SHA256

                                                                                            0babd84d4e7dc2713e7265d5ac25a3c28d412e705870cded6f5c7c550a5bf8d5

                                                                                            SHA512

                                                                                            5f914fa33a63a6d4b46f39c7279687f313728fd5f8437ec592369a2da3256ccff6f325f78ace0e6d3a2c37da1f681058556f7603da13c45b03f2808f779d2aa1

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Wave\WaveWindows.exe
                                                                                            Filesize

                                                                                            7.5MB

                                                                                            MD5

                                                                                            8a2cd9abb3b07e6d39a196d489905b16

                                                                                            SHA1

                                                                                            f632456bb3f8121efe7a93a5a440188eb69d76dd

                                                                                            SHA256

                                                                                            32908075eab8e0137e3f4e02e1101fdc53906b56085ec84a2990a27fe147fb63

                                                                                            SHA512

                                                                                            f31741334464b5e3d962e0e4c8d4a9634d7191e369023582af389261298295862b718eda01b123c0540e494d887b34cf5b3dd204953d778c814c57cf7629154f

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Local\Wave\bin\Background.mp4
                                                                                            Filesize

                                                                                            4.6MB

                                                                                            MD5

                                                                                            9782180eb68f73030fe24ef6a1735932

                                                                                            SHA1

                                                                                            589827fe098ba048c9f871a28db8eae3e3537ff4

                                                                                            SHA256

                                                                                            3a1cbb800f8f25c2ab703ba8bfdb01e938e4143c3bc0fea8ca734fb5ba779ba7

                                                                                            SHA512

                                                                                            dc768638bae2d6d47d8910252ae64a656d8a6fd88efdf24165ddce51b7afdb4acb3fddd41dfe788737a2cab4fab66174db2f0d2f48bc8669af76d1656bca8be1

                                                                                            Download Submit
                                                                                          • C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
                                                                                            Filesize

                                                                                            2B

                                                                                            MD5

                                                                                            f3b25701fe362ec84616a93a45ce9998

                                                                                            SHA1

                                                                                            d62636d8caec13f04e28442a0a6fa1afeb024bbb

                                                                                            SHA256

                                                                                            b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

                                                                                            SHA512

                                                                                            98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

                                                                                            Download Submit
                                                                                          • memory/744-7439-0x000000005D670000-0x000000005D880000-memory.dmp
                                                                                            Filesize

                                                                                            2.1MB

                                                                                            Download
                                                                                          • memory/744-7479-0x000000005D670000-0x000000005D880000-memory.dmp
                                                                                            Filesize

                                                                                            2.1MB

                                                                                            Download
                                                                                          • memory/744-7438-0x00000000001B0000-0x00000000001E5000-memory.dmp
                                                                                            Filesize

                                                                                            212KB

                                                                                            Download
                                                                                          • memory/1856-2-0x0000000075120000-0x00000000758D0000-memory.dmp
                                                                                            Filesize

                                                                                            7.7MB

                                                                                            Download
                                                                                          • memory/1856-240-0x0000000075120000-0x00000000758D0000-memory.dmp
                                                                                            Filesize

                                                                                            7.7MB

                                                                                            Download
                                                                                          • memory/1856-4-0x0000000009750000-0x0000000009788000-memory.dmp
                                                                                            Filesize

                                                                                            224KB

                                                                                            Download
                                                                                          • memory/1856-8-0x0000000075120000-0x00000000758D0000-memory.dmp
                                                                                            Filesize

                                                                                            7.7MB

                                                                                            Download
                                                                                          • memory/1856-14-0x0000000000E50000-0x0000000000EE6000-memory.dmp
                                                                                            Filesize

                                                                                            600KB

                                                                                            Download
                                                                                          • memory/1856-3-0x0000000075120000-0x00000000758D0000-memory.dmp
                                                                                            Filesize

                                                                                            7.7MB

                                                                                            Download
                                                                                          • memory/1856-6-0x000000007512E000-0x000000007512F000-memory.dmp
                                                                                            Filesize

                                                                                            4KB

                                                                                            Download
                                                                                          • memory/1856-18-0x000000000A870000-0x000000000A8E2000-memory.dmp
                                                                                            Filesize

                                                                                            456KB

                                                                                            Download
                                                                                          • memory/1856-0-0x000000007512E000-0x000000007512F000-memory.dmp
                                                                                            Filesize

                                                                                            4KB

                                                                                            Download
                                                                                          • memory/1856-16-0x0000000001030000-0x0000000001038000-memory.dmp
                                                                                            Filesize

                                                                                            32KB

                                                                                            Download
                                                                                          • memory/1856-5-0x0000000009730000-0x000000000973E000-memory.dmp
                                                                                            Filesize

                                                                                            56KB

                                                                                            Download
                                                                                          • memory/1856-1-0x0000000000390000-0x0000000000522000-memory.dmp
                                                                                            Filesize

                                                                                            1.6MB

                                                                                            Download
                                                                                          • memory/1856-15-0x0000000000EF0000-0x0000000000F16000-memory.dmp
                                                                                            Filesize

                                                                                            152KB

                                                                                            Download
                                                                                          • memory/1856-7-0x0000000075120000-0x00000000758D0000-memory.dmp
                                                                                            Filesize

                                                                                            7.7MB

                                                                                            Download
                                                                                          • memory/1856-20-0x000000000A820000-0x000000000A82A000-memory.dmp
                                                                                            Filesize

                                                                                            40KB

                                                                                            Download
                                                                                          • memory/1856-19-0x000000000A810000-0x000000000A81A000-memory.dmp
                                                                                            Filesize

                                                                                            40KB

                                                                                            Download
                                                                                          • memory/2556-278-0x0000000004D90000-0x0000000004DDA000-memory.dmp
                                                                                            Filesize

                                                                                            296KB

                                                                                            Download
                                                                                          • memory/2556-271-0x0000000004CA0000-0x0000000004D8A000-memory.dmp
                                                                                            Filesize

                                                                                            936KB

                                                                                            Download
                                                                                          • memory/2556-267-0x00000000003F0000-0x00000000003F8000-memory.dmp
                                                                                            Filesize

                                                                                            32KB

                                                                                            Download
                                                                                          • memory/3600-332-0x000000000DB10000-0x000000000DD84000-memory.dmp
                                                                                            Filesize

                                                                                            2.5MB

                                                                                            Download
                                                                                          • memory/3600-7386-0x000000000EF80000-0x000000000EF90000-memory.dmp
                                                                                            Filesize

                                                                                            64KB

                                                                                            Download
                                                                                          • memory/3600-237-0x0000000075120000-0x00000000758D0000-memory.dmp
                                                                                            Filesize

                                                                                            7.7MB

                                                                                            Download
                                                                                          • memory/3600-238-0x0000000000B40000-0x00000000012CC000-memory.dmp
                                                                                            Filesize

                                                                                            7.5MB

                                                                                            Download
                                                                                          • memory/3600-241-0x0000000005D80000-0x0000000005DCA000-memory.dmp
                                                                                            Filesize

                                                                                            296KB

                                                                                            Download
                                                                                          • memory/3600-243-0x0000000075120000-0x00000000758D0000-memory.dmp
                                                                                            Filesize

                                                                                            7.7MB

                                                                                            Download
                                                                                          • memory/3600-7420-0x00000000163B0000-0x00000000163C0000-memory.dmp
                                                                                            Filesize

                                                                                            64KB

                                                                                            Download
                                                                                          • memory/3600-7419-0x00000000163B0000-0x00000000163C0000-memory.dmp
                                                                                            Filesize

                                                                                            64KB

                                                                                            Download
                                                                                          • memory/3600-7399-0x00000000163B0000-0x00000000163C0000-memory.dmp
                                                                                            Filesize

                                                                                            64KB

                                                                                            Download
                                                                                          • memory/3600-7400-0x00000000163B0000-0x00000000163C0000-memory.dmp
                                                                                            Filesize

                                                                                            64KB

                                                                                            Download
                                                                                          • memory/3600-7401-0x000000000EF80000-0x000000000EF90000-memory.dmp
                                                                                            Filesize

                                                                                            64KB

                                                                                            Download
                                                                                          • memory/3600-7403-0x000000000A510000-0x000000000A520000-memory.dmp
                                                                                            Filesize

                                                                                            64KB

                                                                                            Download
                                                                                          • memory/3600-7404-0x00000000163B0000-0x00000000163C0000-memory.dmp
                                                                                            Filesize

                                                                                            64KB

                                                                                            Download
                                                                                          • memory/3600-7405-0x00000000163B0000-0x00000000163C0000-memory.dmp
                                                                                            Filesize

                                                                                            64KB

                                                                                            Download
                                                                                          • memory/3600-7406-0x000000000EF80000-0x000000000EF90000-memory.dmp
                                                                                            Filesize

                                                                                            64KB

                                                                                            Download
                                                                                          • memory/3600-7407-0x000000000EF80000-0x000000000EF90000-memory.dmp
                                                                                            Filesize

                                                                                            64KB

                                                                                            Download
                                                                                          • memory/3600-7402-0x000000000EF80000-0x000000000EF90000-memory.dmp
                                                                                            Filesize

                                                                                            64KB

                                                                                            Download
                                                                                          • memory/3600-7391-0x0000000015910000-0x0000000015A96000-memory.dmp
                                                                                            Filesize

                                                                                            1.5MB

                                                                                            Download
                                                                                          • memory/3600-7390-0x000000000A510000-0x000000000A520000-memory.dmp
                                                                                            Filesize

                                                                                            64KB

                                                                                            Download
                                                                                          • memory/3600-7379-0x000000000EF80000-0x000000000EF90000-memory.dmp
                                                                                            Filesize

                                                                                            64KB

                                                                                            Download
                                                                                          • memory/3600-7380-0x000000000EF80000-0x000000000EF90000-memory.dmp
                                                                                            Filesize

                                                                                            64KB

                                                                                            Download
                                                                                          • memory/3600-7381-0x000000000EF80000-0x000000000EF90000-memory.dmp
                                                                                            Filesize

                                                                                            64KB

                                                                                            Download
                                                                                          • memory/3600-7383-0x000000000EF80000-0x000000000EF90000-memory.dmp
                                                                                            Filesize

                                                                                            64KB

                                                                                            Download
                                                                                          • memory/3600-7384-0x000000000EF80000-0x000000000EF90000-memory.dmp
                                                                                            Filesize

                                                                                            64KB

                                                                                            Download
                                                                                          • memory/3600-7385-0x000000000EF80000-0x000000000EF90000-memory.dmp
                                                                                            Filesize

                                                                                            64KB

                                                                                            Download
                                                                                          • memory/3600-8298-0x0000000005960000-0x000000000596A000-memory.dmp
                                                                                            Filesize

                                                                                            40KB

                                                                                            Download
                                                                                          • memory/3600-7382-0x000000000EF80000-0x000000000EF90000-memory.dmp
                                                                                            Filesize

                                                                                            64KB

                                                                                            Download
                                                                                          • memory/3600-7342-0x000000000AA40000-0x000000000AA48000-memory.dmp
                                                                                            Filesize

                                                                                            32KB

                                                                                            Download
                                                                                          • memory/3600-7309-0x000000000A9C0000-0x000000000AA26000-memory.dmp
                                                                                            Filesize

                                                                                            408KB

                                                                                            Download
                                                                                          • memory/3600-7305-0x000000000A440000-0x000000000A47E000-memory.dmp
                                                                                            Filesize

                                                                                            248KB

                                                                                            Download
                                                                                          • memory/3600-7128-0x00000000118B0000-0x0000000011DDC000-memory.dmp
                                                                                            Filesize

                                                                                            5.2MB

                                                                                            Download
                                                                                          • memory/3600-6908-0x000000000E440000-0x000000000E4E0000-memory.dmp
                                                                                            Filesize

                                                                                            640KB

                                                                                            Download
                                                                                          • memory/3600-6886-0x0000000005FC0000-0x0000000005FF8000-memory.dmp
                                                                                            Filesize

                                                                                            224KB

                                                                                            Download
                                                                                          • memory/3600-4795-0x0000000075120000-0x00000000758D0000-memory.dmp
                                                                                            Filesize

                                                                                            7.7MB

                                                                                            Download
                                                                                          • memory/3600-340-0x0000000075120000-0x00000000758D0000-memory.dmp
                                                                                            Filesize

                                                                                            7.7MB

                                                                                            Download
                                                                                          • memory/3600-333-0x000000000DF50000-0x000000000E033000-memory.dmp
                                                                                            Filesize

                                                                                            908KB

                                                                                            Download
                                                                                          • memory/3600-318-0x000000000FDC0000-0x0000000010114000-memory.dmp
                                                                                            Filesize

                                                                                            3.3MB

                                                                                            Download
                                                                                          • memory/3600-317-0x000000000FB30000-0x000000000FB52000-memory.dmp
                                                                                            Filesize

                                                                                            136KB

                                                                                            Download
                                                                                          • memory/3600-310-0x000000000DD90000-0x000000000DE42000-memory.dmp
                                                                                            Filesize

                                                                                            712KB

                                                                                            Download
                                                                                          • memory/3600-252-0x0000000006600000-0x000000000675B000-memory.dmp
                                                                                            Filesize

                                                                                            1.4MB

                                                                                            Download
                                                                                          • memory/3600-244-0x00000000062A0000-0x0000000006386000-memory.dmp
                                                                                            Filesize

                                                                                            920KB

                                                                                            Download
                                                                                          • memory/3600-242-0x00000000034A0000-0x00000000034C4000-memory.dmp
                                                                                            Filesize

                                                                                            144KB

                                                                                            Download
                                                                                          • memory/5344-7532-0x000000000A0A0000-0x000000000A0A1000-memory.dmp
                                                                                            Filesize

                                                                                            4KB

                                                                                            Download
                                                                                          • memory/5344-7534-0x000000000A0A0000-0x000000000A0A1000-memory.dmp
                                                                                            Filesize

                                                                                            4KB

                                                                                            Download
                                                                                          • memory/5344-7533-0x000000000A0A0000-0x000000000A0A1000-memory.dmp
                                                                                            Filesize

                                                                                            4KB

                                                                                            Download
                                                                                          • memory/5344-7538-0x000000000A0A0000-0x000000000A0A1000-memory.dmp
                                                                                            Filesize

                                                                                            4KB

                                                                                            Download
                                                                                          • memory/5680-11400-0x0000018EC40A0000-0x0000018EC40AE000-memory.dmp
                                                                                            Filesize

                                                                                            56KB

                                                                                            Download
                                                                                          • memory/5680-11401-0x0000018EC4560000-0x0000018EC456A000-memory.dmp
                                                                                            Filesize

                                                                                            40KB

                                                                                            Download
                                                                                          • memory/5680-11402-0x0000018EC4590000-0x0000018EC4598000-memory.dmp
                                                                                            Filesize

                                                                                            32KB

                                                                                            Download
                                                                                          • memory/5680-11403-0x0000018EDEA00000-0x0000018EDEC49000-memory.dmp
                                                                                            Filesize

                                                                                            2.3MB

                                                                                            Download