IOC Report
file.exe

loading gif

Files

File Path
Type
Category
Malicious
file.exe
PE32 executable (GUI) Intel 80386, for MS Windows
initial sample
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\random[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\random[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\0d8f5eb8a7\explorti.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\0d8f5eb8a7\explorti.exe:Zone.Identifier
ASCII text, with CRLF line terminators
modified
 malicious
C:\Users\user\AppData\Local\Temp\1000053001\0c179c8402.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\1000051000\48c5076e95.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\1000052000\a759b4c7d8.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\0085f9ca-bf9a-4159-8f55-6bfed66ededb.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\328aa511-2a90-4f9d-be11-f224f98e878e.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\72cf7953-3354-4cf1-a7c9-836eb893f86e.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\8449da15-6ece-44ec-8017-af69b2e4205b.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Ad Blocking\270ed276-90d5-43f6-ba2a-1cb9438db36f.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Ad Blocking\blocklist (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\BrowserMetrics\BrowserMetrics-66D3A783-EBC.pma
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\BrowserMetrics\BrowserMetrics-66D3A784-1914.pma
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\settings.dat
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\throttle_store.dat
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\5e0c24d3-f11e-4727-837f-9d7788a1f0b4.tmp
JSON data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\6f27319d-3ee5-4b2b-9e6d-9f4e035df5d5.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\72731a13-3483-4f06-bcca-03be6cad6d50.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\8ef20af6-1bd4-43c1-bcdd-7e5d07d7221e.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\000003.log
data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\AssistanceHome\AssistanceHomeSQLite
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\data_0
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\data_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\data_2
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\data_3
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\f_000001
gzip compressed data, was "asset", last modified: Fri Aug 2 18:10:34 2024, max compression, original size modulo 2^32 374872
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\index
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\js\index
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\js\index-dir\temp-index
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\js\index-dir\the-real-index (copy)
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\wasm\index
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\wasm\index-dir\temp-index
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\wasm\index-dir\the-real-index (copy)
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\DawnCache\data_0
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\DawnCache\data_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\DawnCache\data_2
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\DawnCache\data_3
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\DawnCache\index
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeCoupons\coupons_data.db\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeCoupons\coupons_data.db\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeCoupons\coupons_data.db\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeCoupons\coupons_data.db\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeEDrop\EdgeEDropSQLite.db
SQLite 3.x database, last written using SQLite version 3042000, file counter 14, database pages 8, cookie 0xe, schema 4, UTF-8, version-valid-for 14
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db
SQLite 3.x database, last written using SQLite version 3042000, file counter 5, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 5
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\domains_config.json
JSON data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Rules\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Rules\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Rules\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Rules\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Rules\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension State\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension State\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension State\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension State\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension State\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\ExtensionActivityComp
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 1, cookie 0x1, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\ExtensionActivityEdge
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 8, cookie 0x8, schema 4, UTF-8, version-valid-for 2
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Favicons
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 10, cookie 0x8, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\GPUCache\data_0
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\GPUCache\data_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\GPUCache\data_2
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\GPUCache\data_3
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\GPUCache\index
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\History
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\HubApps Icons
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 7, cookie 0x3, schema 4, UTF-8, version-valid-for 2
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Storage\leveldb\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Storage\leveldb\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Storage\leveldb\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Storage\leveldb\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Login Data
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network Action Predictor
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 11, cookie 0x6, schema 4, UTF-8, version-valid-for 3
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\93c06d2e-1542-4eaa-85b5-a352de53245f.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\9452cfc6-52a0-495f-aab4-e5d9e01ce430.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Cookies
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 7
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Network Persistent State (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Reporting and NEL
SQLite 3.x database, last written using SQLite version 3042000, file counter 5, database pages 9, cookie 0x4, schema 4, UTF-8, version-valid-for 5
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\SCT Auditing Pending Reports (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\SCT Auditing Pending Reports~RF448dc.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Sdch Dictionaries (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Trust Tokens
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 9, cookie 0x6, schema 4, UTF-8, version-valid-for 3
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\e01edf9b-c830-4476-b6f2-c879c2bb9e1c.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\fb97a730-ef53-40ff-8d92-2128bd39897b.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Nurturing\campaign_history
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 2
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Preferences (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Preferences~RF4d84b.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\PreferredApps
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\README
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Secure Preferences (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Secure Preferences~RF4a69c.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Session Storage\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Session Storage\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Session Storage\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Session Storage\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Session Storage\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Shortcuts
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_0
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_2
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_3
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\index
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\js\index
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\js\index-dir\temp-index
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\js\index-dir\the-real-index (copy)
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\wasm\index
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\wasm\index-dir\temp-index
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\wasm\index-dir\the-real-index (copy)
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_0
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_2
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_3
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\index
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_0
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_2
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_3
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\index
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\8d83d591-004e-442e-a85c-a617d6d21c73.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network Persistent State (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Reporting and NEL
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 9, cookie 0x4, schema 4, UTF-8, version-valid-for 4
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Sdch Dictionaries (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust Tokens
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 9, cookie 0x6, schema 4, UTF-8, version-valid-for 3
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\b4e2e42d-b775-44de-8045-3aba351f1a2c.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\d340bdc6-7bde-48ac-9ae6-1b434f513c15.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Top Sites
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Visited Links
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Web Data
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 4, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 4
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\WebAssistDatabase
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 7, cookie 0xb, schema 4, UTF-8, version-valid-for 10
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\aba72e2a-1766-4a1a-955f-784f7e5e7810.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\arbitration_service_config.json
ASCII text, with very long lines (3951), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\bb719b8a-e01e-4b83-92a8-dd2a86a01aaa.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\heavy_ad_intervention_opt_out.db
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 4, cookie 0x2, schema 4, UTF-8, version-valid-for 2
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\load_statistics.db
SQLite 3.x database, last written using SQLite version 3042000, writer version 2, read version 2, file counter 1, database pages 1, cookie 0, schema 0, unknown 0 encoding, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\load_statistics.db-journal
SQLite Rollback Journal
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\load_statistics.db-shm
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\load_statistics.db-wal
SQLite Write-Ahead Log, version 3007000
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GrShaderCache\data_0
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GrShaderCache\data_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GrShaderCache\data_2
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GrShaderCache\data_3
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GrShaderCache\index
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GraphiteDawnCache\data_0
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GraphiteDawnCache\data_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GraphiteDawnCache\data_2
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GraphiteDawnCache\data_3
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GraphiteDawnCache\index
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Last Browser
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Last Version
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF4394c.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF4395c.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF43dff.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF43e1e.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF4653e.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF4a3ed.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Nurturing\campaign_history
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 2
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\ShaderCache\data_0
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\ShaderCache\data_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\ShaderCache\data_2
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\ShaderCache\data_3
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\ShaderCache\index
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\customSettings
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\customSettings_F95BA787499AB4FA9EFFF472CE383A14
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\customSynchronousLookupUris
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\customSynchronousLookupUris_0
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\edgeSettings
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\edgeSettings_2.0-0
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\synchronousLookupUris
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\synchronousLookupUris_636976985063396749.rel.v2
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\topTraffic
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\topTraffic_170540185939602997400506234197983529371
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Variations
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\ae9b7f30-b1fa-44d0-b92b-d65e7fd01ee8.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\d05f31c2-76c1-4f38-bc69-79df9b86bf01.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\faa8ea85-54d5-46b3-9912-f857ab4b50dc.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\2e198622-5f77-4ad2-a4e7-8be0226c87b3.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\3b57f2a1-4afb-4974-a45f-657138574fb6.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\54464658-992c-4f00-abd9-c110d6d76e02.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\6a56aa9a-7c0f-490b-85b4-f282d55ec683.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-66D3A79D-1EB0.pma
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\0305d237-9ff5-40f6-b85e-aea83e048fb9.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\0d2630a1-e339-4ef5-919f-f81120e7c0ab.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\312ab3e0-52e6-4095-afb6-3e45ea8daa18.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\36024a44-5542-48d9-a624-1c2416836eb6.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\7cb0ef50-5186-445a-9a87-b3e314361797.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\891fd384-ac30-4f77-85ec-c2ec467db5bd.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DawnCache\data_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG.old~RF49d75.TMP (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old~RF49db3.TMP (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1
data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\7d8809f2-759d-46f0-83a9-c4c197d83485.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\96e1b99e-7de5-46af-8d05-14684c92da48.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State~RF49f2a.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF49f0b.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\cac076bd-616d-4c4c-aaa0-09ec827e9843.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\ff06a2b0-3bfe-43d1-ade8-3138b6766371.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF49e7e.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old~RF49d46.TMP (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old~RF49d46.TMP (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 89, cookie 0x36, schema 4, UTF-8, version-valid-for 10
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db
SQLite 3.x database, last written using SQLite version 3042000, writer version 2, read version 2, file counter 8, database pages 11, cookie 0x7, schema 4, UTF-8, version-valid-for 8
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG.old~RF49db3.TMP (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG.old~RF49db3.TMP (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Version
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF47cdd.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF47db8.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF47e83.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF49da4.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF49e6f.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF49e7e.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_1
data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\c4ecdd67-ed4f-46c6-9dbb-cae9821e30e2.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\d3488423-2916-4928-8602-f550f2875b44.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres
data
dropped
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres
data
dropped
C:\Users\user\AppData\Local\Temp\cv_debug.log
JSON data
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\875a60a09683c344.customDestinations-ms (copy)
data
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\NLEF764PDUOVOVP2J6GO.temp
data
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\UOHGJQYTOHJE0HE2RKO3.temp
data
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms (copy)
data
dropped
C:\Windows\Tasks\explorti.job
data
dropped
There are 291 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\file.exe
"C:\Users\user\Desktop\file.exe"
 malicious
C:\Users\user\AppData\Local\Temp\0d8f5eb8a7\explorti.exe
"C:\Users\user\AppData\Local\Temp\0d8f5eb8a7\explorti.exe"
malicious
C:\Users\user\AppData\Local\Temp\0d8f5eb8a7\explorti.exe
C:\Users\user\AppData\Local\Temp\0d8f5eb8a7\explorti.exe
 malicious
C:\Users\user\AppData\Local\Temp\0d8f5eb8a7\explorti.exe
C:\Users\user\AppData\Local\Temp\0d8f5eb8a7\explorti.exe
 malicious
C:\Users\user\AppData\Roaming\1000051000\48c5076e95.exe
"C:\Users\user\AppData\Roaming\1000051000\48c5076e95.exe"
malicious
C:\Users\user\AppData\Roaming\1000052000\a759b4c7d8.exe
"C:\Users\user\AppData\Roaming\1000052000\a759b4c7d8.exe"
malicious
C:\Users\user\AppData\Local\Temp\1000053001\0c179c8402.exe
"C:\Users\user\AppData\Local\Temp\1000053001\0c179c8402.exe"
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI --disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2176 --field-trial-handle=2116,i,16112167788991068290,14803182423369865752,262144 --disable-features=TranslateUI /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI --disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2380 --field-trial-handle=2300,i,7838999706846974579,15815768999128644373,262144 --disable-features=TranslateUI /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=7020 --field-trial-handle=2300,i,7838999706846974579,15815768999128644373,262144 --disable-features=TranslateUI /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=4828 --field-trial-handle=2300,i,7838999706846974579,15815768999128644373,262144 --disable-features=TranslateUI /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2624 --field-trial-handle=2536,i,9573157328777106886,9819326916295841096,262144 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=1816 --field-trial-handle=2536,i,9573157328777106886,9819326916295841096,262144 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2232 --field-trial-handle=2124,i,10162133090582848946,17402805719632758939,262144 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=3596 --field-trial-handle=2124,i,10162133090582848946,17402805719632758939,262144 /prefetch:8
There are 9 hidden processes, click here to show them.

URLs

Name
IP
Malicious
http://185.215.113.100/e2b1563c6670f193.phpl
unknown
 malicious
http://185.215.113.100/e2b1563c6670f193.php/E
unknown
 malicious
http://185.215.113.100/e2b1563c6670f193.phpX
unknown
 malicious
http://185.215.113.100/
185.215.113.100
 malicious
http://185.215.113.100/e2b1563c6670f193.phpa
unknown
 malicious
http://185.215.113.19/Vi9leo/index.php
185.215.113.19
 malicious
http://185.215.113.100/e2b1563c6670f193.php
185.215.113.100
 malicious
http://185.215.113.100/ata
unknown
 malicious
http://185.215.113.100
unknown
 malicious
http://185.215.113.100/e2b1563c6670f193.phpT
unknown
 malicious
http://185.215.113.100/e2b1563c6670f193.php8
unknown
 malicious
http://185.215.113.100Y
unknown
 malicious
http://185.215.113.100/S
unknown
 malicious
http://185.215.113.100/e2b1563c6670f193.php/
unknown
 malicious
http://185.215.113.19/
unknown
 malicious
185.215.113.100/e2b1563c6670f193.php
malicious
http://185.215.113.100/e2b1563c6670f193.phpx
unknown
 malicious
http://185.215.113.19/Vi9leo/index.phpO
unknown
https://duckduckgo.com/chrome_newtab
unknown
https://duckduckgo.com/ac/?q=
unknown
https://msn.com
unknown
http://185.215.113.16/steam/random.exe6522nGfO
unknown
http://185.215.113.19/Vi9leo/index.phpU
unknown
http://185.215.113.19/Vi9leo/index.phpAppData
unknown
http://185.215.113.19/Vi9leo/index.php?
unknown
http://185.215.113.19/Vi9leo/index.phpD
unknown
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
unknown
http://185.215.113.19/Vi9leo/index.phptch
unknown
http://185.215.113.19/Vi9leo/index.phpo
unknown
http://185.215.113.19/ta
unknown
http://185.215.113.19/Vi9leo/index.phpsr
unknown
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
unknown
http://185.215.113.19/Vi9leo/index.phpb
unknown
http://185.215.113.19/Vi9leo/index.phpc
unknown
http://185.215.113.19/Vi9leo/index.phpgM
unknown
http://185.215.113.19/Vi9leo/index.phph
unknown
http://185.215.113.19/Vi9leo/index.phpi
unknown
https://myaccount.google.com/signinoptions/passwordC:
unknown
http://185.215.113.19/Vi9leo/index.phpm
unknown
https://www.office.com/
unknown
http://185.215.113.16/well/random.exe
unknown
http://185.215.113.19/Vi9leo/index.phpAppDataBt
unknown
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
unknown
http://185.215.113.19/Vi9leo/index.phpata
unknown
http://185.215.113.16/well/random.exe.
unknown
http://185.215.113.16/steam/random.exe
185.215.113.16
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
unknown
https://www.office.com/Office
unknown
http://185.215.113.19/Vi9leo/index.phphM
unknown
http://185.215.113.19/G
unknown
https://www.google.com/favicon.ico
142.251.41.4
http://185.215.113.19/Vi9leo/index.php0
unknown
http://185.215.113.16/steam/random.exesG
unknown
https://bzib.nelreports.net/api/report?cat=bingbusiness
unknown
https://chrome.cloudflare-dns.com/dns-query
162.159.61.3
http://185.215.113.19/Vi9leo/index.php053001
unknown
http://185.215.113.19/Vi9leo/index.php=
unknown
http://185.215.113.19/Vi9leo/index.php000
unknown
There are 48 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
chrome.cloudflare-dns.com
162.159.61.3
s-part-0032.t-0009.t-msedge.net
13.107.246.60
bzib.nelreports.net
unknown

IPs

IP
Domain
Country
Malicious
185.215.113.100
unknown
Portugal
malicious
185.215.113.19
unknown
Portugal
malicious
192.168.2.5
unknown
unknown
malicious
142.250.80.46
unknown
United States
185.215.113.16
unknown
Portugal
13.107.246.60
s-part-0032.t-0009.t-msedge.net
United States
162.159.61.3
chrome.cloudflare-dns.com
United States
239.255.255.250
unknown
Reserved
172.64.41.3
unknown
United States
142.251.41.4
unknown
United States

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
metricsid
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
metricsid_installdate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PrefsLightweight
lw_8b2c99fb8fe6c942191cb0c60151919b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
MicrosoftEdgeAutoLaunch_E81D8DD3EACFA71E827377A4597DF902
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dgiklkfkllikcanfonkcabmbdfmgleag
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
fikbjbembnmfhppjfnmfkahdhfohhjmg
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
iglcjdemknebjbklcgkfaebgojjphkec
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ihmafllikibpmigkcoadcmckbfhibefp
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jdiccldimpdaibmpdkjnbmckianbfold
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ncbjelpjchkpbikbpkcchkhkblodoama
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dgiklkfkllikcanfonkcabmbdfmgleag
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
fikbjbembnmfhppjfnmfkahdhfohhjmg
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
iglcjdemknebjbklcgkfaebgojjphkec
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ihmafllikibpmigkcoadcmckbfhibefp
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jdiccldimpdaibmpdkjnbmckianbfold
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ncbjelpjchkpbikbpkcchkhkblodoama
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
media.cdm.origin_data
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
software_reporter.reporting
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
media.storage_id_salt
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_startup_urls
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.prompt_wave
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
edge.services.account_id
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
software_reporter.prompt_seed
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_homepage
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
edge.services.last_username
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
default_search_provider_data.template_url_data
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
safebrowsing.incidents_sent
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
pinned_tabs
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
search_provider_overrides
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
edge.services.last_account_id
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
software_reporter.prompt_version
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
session.startup_urls
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
session.restore_on_startup
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_default_search
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
prefs.preference_reset_time
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
browser.show_home_button
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
homepage
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
homepage_is_newtabpage
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
lastrun
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dgiklkfkllikcanfonkcabmbdfmgleag
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
fikbjbembnmfhppjfnmfkahdhfohhjmg
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
iglcjdemknebjbklcgkfaebgojjphkec
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ihmafllikibpmigkcoadcmckbfhibefp
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jdiccldimpdaibmpdkjnbmckianbfold
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ncbjelpjchkpbikbpkcchkhkblodoama
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
prefs.preference_reset_time
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Profiles\Default
ShortcutName
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
lastrun
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
lastrun
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
There are 69 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
16EE000
heap
page read and write
 malicious
4A10000
direct allocation
page read and write
 malicious
8C1000
unkown
page execute and read and write
 malicious
821000
unkown
page execute and read and write
 malicious
8C1000
unkown
page execute and read and write
 malicious
48A0000
direct allocation
page read and write
 malicious
5030000
direct allocation
page read and write
 malicious
A3E000
heap
page read and write
 malicious
8C1000
unkown
page execute and read and write
 malicious
4AF0000
direct allocation
page read and write
 malicious
4BE0000
direct allocation
page execute and read and write
1634000
heap
page read and write
4A31000
heap
page read and write
BC3000
unkown
page execute and read and write
4A31000
heap
page read and write
1319000
heap
page read and write
124E000
heap
page read and write
3E4000
heap
page read and write
469E000
stack
page read and write
12FD000
heap
page read and write
DD0000
direct allocation
page read and write
369E000
stack
page read and write
4B70000
direct allocation
page execute and read and write
417F000
stack
page read and write
58C000
stack
page read and write
4C70000
direct allocation
page execute and read and write
9A0000
direct allocation
page read and write
DD0000
direct allocation
page read and write
3E4000
heap
page read and write
409F000
stack
page read and write
51B0000
direct allocation
page execute and read and write
8D6E000
stack
page read and write
4BC0000
direct allocation
page execute and read and write
3A9E000
stack
page read and write
4FA1000
heap
page read and write
58A0000
heap
page read and write
4571000
heap
page read and write
1634000
heap
page read and write
29EE000
stack
page read and write
4A31000
heap
page read and write
345F000
stack
page read and write
4A31000
heap
page read and write
8B0000
direct allocation
page read and write
820000
unkown
page read and write
9221000
heap
page read and write
4B91000
heap
page read and write
4A31000
heap
page read and write
3E4000
heap
page read and write
38EE000
stack
page read and write
4560000
direct allocation
page read and write
4571000
heap
page read and write
4560000
direct allocation
page read and write
E10000
heap
page read and write
D81000
unkown
page execute and write copy
922000
unkown
page execute and read and write
12E1000
heap
page read and write
2DFE000
stack
page read and write
DD0000
direct allocation
page read and write
1634000
heap
page read and write
12E1000
heap
page read and write
4571000
heap
page read and write
142F000
stack
page read and write
105A000
stack
page read and write
1D46E000
stack
page read and write
8C1000
unkown
page execute and write copy
3E4000
heap
page read and write
1122000
unkown
page execute and write copy
ABF000
heap
page read and write
51B0000
direct allocation
page execute and read and write
451F000
stack
page read and write
4B91000
heap
page read and write
4FA1000
heap
page read and write
4571000
heap
page read and write
9B4000
heap
page read and write
362F000
stack
page read and write
3BDE000
stack
page read and write
12BC000
heap
page read and write
287F000
stack
page read and write
4FA1000
heap
page read and write
1305000
heap
page read and write
BF0000
unkown
page readonly
4B80000
direct allocation
page read and write
4571000
heap
page read and write
1634000
heap
page read and write
305E000
stack
page read and write
F6D000
unkown
page execute and read and write
8B0000
heap
page read and write
3DAF000
stack
page read and write
3240000
direct allocation
page read and write
4571000
heap
page read and write
9B4000
heap
page read and write
4B91000
heap
page read and write
5020000
direct allocation
page read and write
3E4000
heap
page read and write
8A0000
heap
page read and write
67EF000
stack
page read and write
7C4000
heap
page read and write
4571000
heap
page read and write
3CDE000
stack
page read and write
4571000
heap
page read and write
1634000
heap
page read and write
3E5E000
stack
page read and write
700000
heap
page read and write
34EF000
stack
page read and write
8E6E000
stack
page read and write
4B80000
direct allocation
page read and write
4FA1000
heap
page read and write
4B91000
heap
page read and write
4EB0000
direct allocation
page read and write
79A0000
heap
page read and write
455E000
stack
page read and write
3240000
direct allocation
page read and write
BDB000
unkown
page execute and read and write
4571000
heap
page read and write
445F000
stack
page read and write
4A80000
direct allocation
page execute and read and write
9B4000
heap
page read and write
AB3000
heap
page read and write
144E000
stack
page read and write
8C0000
unkown
page read and write
9FE000
stack
page read and write
8BE000
stack
page read and write
682E000
stack
page read and write
4571000
heap
page read and write
4B91000
heap
page read and write
4FA1000
heap
page read and write
AAC000
unkown
page write copy
929000
unkown
page write copy
3EEF000
stack
page read and write
660000
heap
page read and write
3774000
heap
page read and write
1733000
heap
page read and write
4571000
heap
page read and write
7C4000
heap
page read and write
38DE000
stack
page read and write
980000
heap
page read and write
7C4000
heap
page read and write
4B2E000
stack
page read and write
13C000
stack
page read and write
4B91000
heap
page read and write
147E000
stack
page read and write
1121000
unkown
page execute and read and write
DD0000
direct allocation
page read and write
51D0000
direct allocation
page execute and read and write
5180000
direct allocation
page execute and read and write
BDC000
unkown
page execute and write copy
144F000
stack
page read and write
4F9F000
stack
page read and write
3D9F000
stack
page read and write
4A31000
heap
page read and write
365E000
stack
page read and write
4A31000
heap
page read and write
734000
heap
page read and write
CE0000
unkown
page execute and read and write
66EE000
stack
page read and write
1634000
heap
page read and write
2DBE000
stack
page read and write
4B91000
heap
page read and write
4FA1000
heap
page read and write
15E0000
heap
page read and write
546E000
stack
page read and write
3240000
direct allocation
page read and write
48EF000
stack
page read and write
27F7000
heap
page read and write
41DF000
stack
page read and write
1D32D000
stack
page read and write
3E4000
heap
page read and write
3F0000
heap
page read and write
3CAE000
stack
page read and write
4B80000
direct allocation
page read and write
3F3E000
stack
page read and write
452F000
stack
page read and write
466F000
stack
page read and write
4B91000
heap
page read and write
3240000
direct allocation
page read and write
4B90000
direct allocation
page execute and read and write
4901000
direct allocation
page read and write
4B80000
direct allocation
page execute and read and write
3B7F000
stack
page read and write
4B91000
heap
page read and write
130D000
heap
page read and write
4B91000
heap
page read and write
4B91000
heap
page read and write
2B5E000
stack
page read and write
4C2F000
stack
page read and write
2C9E000
stack
page read and write
316E000
stack
page read and write
3E4000
heap
page read and write
E8F000
stack
page read and write
4A31000
heap
page read and write
32AE000
stack
page read and write
4A31000
heap
page read and write
3E4000
heap
page read and write
311F000
stack
page read and write
9236000
heap
page read and write
4401000
heap
page read and write
1292000
heap
page read and write
375F000
stack
page read and write
B96000
unkown
page execute and read and write
4B91000
heap
page read and write
4A31000
heap
page read and write
499E000
stack
page read and write
4A50000
direct allocation
page execute and read and write
4FA1000
heap
page read and write
4560000
direct allocation
page read and write
4571000
heap
page read and write
419E000
stack
page read and write
4B91000
heap
page read and write
4A31000
heap
page read and write
7990000
heap
page read and write
16D0000
heap
page read and write
4FA1000
heap
page read and write
109A000
unkown
page execute and read and write
4B91000
heap
page read and write
3B9F000
stack
page read and write
5210000
direct allocation
page execute and read and write
5091000
direct allocation
page read and write
9B4000
heap
page read and write
3B2F000
stack
page read and write
315F000
stack
page read and write
41AE000
stack
page read and write
2AFF000
stack
page read and write
39DF000
stack
page read and write
1DB64000
heap
page read and write
678000
heap
page read and write
4FA1000
heap
page read and write
335F000
stack
page read and write
4B91000
heap
page read and write
2B1F000
stack
page read and write
389F000
stack
page read and write
5010000
direct allocation
page execute and read and write
4C80000
direct allocation
page execute and read and write
3DBF000
stack
page read and write
2D9F000
stack
page read and write
9A0000
direct allocation
page read and write
1312000
heap
page read and write
3240000
direct allocation
page read and write
650000
heap
page read and write
9A0000
direct allocation
page read and write
38AF000
stack
page read and write
4A31000
heap
page read and write
4571000
heap
page read and write
1630000
heap
page read and write
1634000
heap
page read and write
8B0000
direct allocation
page read and write
4B91000
heap
page read and write
B3B000
unkown
page execute and read and write
4B60000
direct allocation
page execute and read and write
4571000
heap
page read and write
A3A000
heap
page read and write
ABD000
heap
page read and write
DD0000
direct allocation
page read and write
4A9F000
stack
page read and write
DD0000
direct allocation
page read and write
1319000
heap
page read and write
3DEE000
stack
page read and write
4AB0000
trusted library allocation
page read and write
3A1F000
stack
page read and write
1DA5E000
stack
page read and write
2D7F000
stack
page read and write
4B91000
heap
page read and write
3E4000
heap
page read and write
55BE000
stack
page read and write
4B91000
heap
page read and write
39EF000
stack
page read and write
3E4000
heap
page read and write
1A4000
heap
page read and write
4B91000
heap
page read and write
37BE000
stack
page read and write
2C6E000
stack
page read and write
9B4000
heap
page read and write
7C4000
heap
page read and write
5020000
direct allocation
page read and write
4B91000
heap
page read and write
929000
unkown
page read and write
376F000
stack
page read and write
4FA1000
heap
page read and write
BDB000
unkown
page execute and write copy
4A30000
direct allocation
page execute and read and write
1634000
heap
page read and write
16F2000
heap
page read and write
4A31000
heap
page read and write
4B91000
heap
page read and write
33FE000
stack
page read and write
3E4000
heap
page read and write
BC3000
unkown
page execute and read and write
3E4000
heap
page read and write
43DF000
stack
page read and write
4B80000
direct allocation
page read and write
4B91000
heap
page read and write
40DE000
stack
page read and write
1634000
heap
page read and write
4B91000
heap
page read and write
8B0000
direct allocation
page read and write
F8F000
stack
page read and write
132A000
heap
page read and write
4AA0000
direct allocation
page execute and read and write
11E5000
heap
page read and write
10D3000
unkown
page execute and write copy
353E000
stack
page read and write
4CD0000
direct allocation
page execute and read and write
1D3AF000
stack
page read and write
4FA1000
heap
page read and write
329F000
stack
page read and write
A0F000
unkown
page execute and read and write
4571000
heap
page read and write
4B91000
heap
page read and write
BC3000
unkown
page execute and read and write
3C6F000
stack
page read and write
4A4C000
stack
page read and write
4571000
heap
page read and write
3EEF000
stack
page read and write
1634000
heap
page read and write
33DE000
stack
page read and write
DD0000
direct allocation
page read and write
4A71000
direct allocation
page read and write
4B91000
heap
page read and write
B23000
unkown
page execute and read and write
4B80000
direct allocation
page read and write
1D8BE000
stack
page read and write
4A31000
heap
page read and write
4B91000
heap
page read and write
4B91000
heap
page read and write
351F000
stack
page read and write
4A31000
heap
page read and write
2EBF000
stack
page read and write
4FA1000
heap
page read and write
7C4000
heap
page read and write
1D0DE000
stack
page read and write
1288000
heap
page read and write
8B0000
direct allocation
page read and write
419F000
stack
page read and write
42DF000
stack
page read and write
4B91000
heap
page read and write
AF6000
unkown
page execute and read and write
2B2E000
stack
page read and write
1A4000
heap
page read and write
4A40000
heap
page read and write
4571000
heap
page read and write
4CB0000
direct allocation
page execute and read and write
5430000
direct allocation
page read and write
376F000
stack
page read and write
1297000
heap
page read and write
303E000
stack
page read and write
5E0000
heap
page read and write
4B60000
heap
page read and write
29AF000
stack
page read and write
14FE000
stack
page read and write
4840000
trusted library allocation
page read and write
3E4000
heap
page read and write
4B91000
heap
page read and write
43EF000
stack
page read and write
4B91000
heap
page read and write
12A3000
heap
page read and write
3B6E000
stack
page read and write
1634000
heap
page read and write
2AC000
stack
page read and write
3E4000
heap
page read and write
4B91000
heap
page read and write
2DAE000
stack
page read and write
459F000
stack
page read and write
4A31000
heap
page read and write
4FA1000
heap
page read and write
9B4000
heap
page read and write
9B4000
heap
page read and write
3E4000
heap
page read and write
79A0000
heap
page read and write
4E5F000
stack
page read and write
7C4000
heap
page read and write
4B91000
heap
page read and write
6930000
heap
page read and write
4B91000
heap
page read and write
9A0000
direct allocation
page read and write
9B4000
heap
page read and write
5580000
direct allocation
page execute and read and write
4E7F000
stack
page read and write
51E0000
direct allocation
page execute and read and write
4A31000
heap
page read and write
39FF000
stack
page read and write
4FA1000
heap
page read and write
4B91000
heap
page read and write
12FD000
heap
page read and write
92B000
unkown
page execute and read and write
4A20000
direct allocation
page execute and read and write
4571000
heap
page read and write
1634000
heap
page read and write
1CE4E000
stack
page read and write
12FE000
heap
page read and write
4B91000
heap
page read and write
6E7000
heap
page read and write
1A4000
heap
page read and write
12FD000
heap
page read and write
7C4000
heap
page read and write
4571000
heap
page read and write
174F000
heap
page read and write
1634000
heap
page read and write
1A4000
heap
page read and write
3E4000
heap
page read and write
12E1000
heap
page read and write
4A31000
heap
page read and write
2C2F000
stack
page read and write
1D36D000
stack
page read and write
50FE000
stack
page read and write
4FA1000
heap
page read and write
442E000
stack
page read and write
4B91000
heap
page read and write
16F4000
heap
page read and write
2900000
heap
page read and write
B33000
unkown
page execute and read and write
327F000
stack
page read and write
9A0000
direct allocation
page read and write
4560000
direct allocation
page read and write
301F000
stack
page read and write
BDB000
unkown
page execute and write copy
27F0000
heap
page read and write
4FA1000
heap
page read and write
8B0000
direct allocation
page read and write
4A00000
direct allocation
page execute and read and write
3DDF000
stack
page read and write
42AF000
stack
page read and write
BCB000
unkown
page execute and read and write
402F000
stack
page read and write
4FA1000
heap
page read and write
4BB0000
heap
page read and write
6425000
heap
page read and write
4B91000
heap
page read and write
9B4000
heap
page read and write
5200000
direct allocation
page execute and read and write
3D1E000
stack
page read and write
4FA1000
heap
page read and write
1D3ED000
stack
page read and write
4B91000
heap
page read and write
85F000
stack
page read and write
4FA1000
heap
page read and write
4C60000
direct allocation
page execute and read and write
F83000
unkown
page execute and write copy
AB4000
unkown
page readonly
8C0000
unkown
page read and write
34FF000
stack
page read and write
4B91000
heap
page read and write
4571000
heap
page read and write
317E000
stack
page read and write
7C4000
heap
page read and write
A7C000
unkown
page readonly
48DF000
stack
page read and write
4FA1000
heap
page read and write
4A20000
direct allocation
page execute and read and write
E00000
direct allocation
page read and write
C8F000
unkown
page execute and read and write
3CBE000
stack
page read and write
4B91000
heap
page read and write
C83000
unkown
page execute and read and write
AA2000
unkown
page readonly
4560000
direct allocation
page read and write
AB0000
unkown
page write copy
7C4000
heap
page read and write
E00000
direct allocation
page read and write
4560000
direct allocation
page read and write
4571000
heap
page read and write
45DE000
stack
page read and write
12BA000
heap
page read and write
4A31000
heap
page read and write
BDB000
unkown
page execute and read and write
92B000
unkown
page execute and read and write
B96000
unkown
page execute and read and write
435E000
stack
page read and write
AA1000
unkown
page execute and write copy
56BE000
stack
page read and write
38EE000
stack
page read and write
4A20000
direct allocation
page execute and read and write
351E000
stack
page read and write
3240000
direct allocation
page read and write
4571000
heap
page read and write
465F000
stack
page read and write
4B91000
heap
page read and write
4571000
heap
page read and write
55B0000
direct allocation
page execute and read and write
4571000
heap
page read and write
9A0000
direct allocation
page read and write
8B0000
direct allocation
page read and write
4571000
heap
page read and write
18DF000
stack
page read and write
556F000
stack
page read and write
CCC000
unkown
page execute and read and write
4560000
direct allocation
page read and write
3B2F000
stack
page read and write
9B4000
heap
page read and write
1DB60000
heap
page read and write
2B3E000
stack
page read and write
12A1000
heap
page read and write
3C6F000
stack
page read and write
9B4000
heap
page read and write
391E000
stack
page read and write
9E0000
unkown
page readonly
2EEE000
stack
page read and write
4B91000
heap
page read and write
87E000
stack
page read and write
4FA1000
heap
page read and write
55C0000
direct allocation
page execute and read and write
301F000
stack
page read and write
BCB000
unkown
page execute and read and write
2C7E000
stack
page read and write
6F7000
heap
page read and write
12C2000
heap
page read and write
3240000
direct allocation
page read and write
1634000
heap
page read and write
403F000
stack
page read and write
4C90000
direct allocation
page execute and read and write
1634000
heap
page read and write
E8F000
stack
page read and write
442E000
stack
page read and write
2F1E000
stack
page read and write
1745000
heap
page read and write
4571000
heap
page read and write
4FEF000
stack
page read and write
9B4000
heap
page read and write
5430000
direct allocation
page read and write
4D7E000
stack
page read and write
4A40000
direct allocation
page execute and read and write
9B4000
heap
page read and write
4B91000
heap
page read and write
53BD000
stack
page read and write
3E4000
heap
page read and write
4571000
heap
page read and write
4C10000
direct allocation
page execute and read and write
95E000
stack
page read and write
37AE000
stack
page read and write
416E000
stack
page read and write
4571000
heap
page read and write
4A31000
heap
page read and write
3E1E000
stack
page read and write
4B91000
heap
page read and write
2FEF000
stack
page read and write
4B91000
heap
page read and write
2DBE000
stack
page read and write
DD0000
direct allocation
page read and write
1634000
heap
page read and write
2EFE000
stack
page read and write
16BE000
stack
page read and write
1272000
unkown
page execute and write copy
4EEC000
stack
page read and write
B96000
unkown
page execute and read and write
33DF000
stack
page read and write
929000
unkown
page read and write
365F000
stack
page read and write
4FA1000
heap
page read and write
4B91000
heap
page read and write
3E4000
heap
page read and write
4A31000
heap
page read and write
4A00000
direct allocation
page read and write
16EA000
heap
page read and write
4B91000
heap
page read and write
4571000
heap
page read and write
31BE000
stack
page read and write
D7B000
stack
page read and write
319E000
stack
page read and write
4C70000
direct allocation
page execute and read and write
4A31000
heap
page read and write
4B9C000
stack
page read and write
4B80000
direct allocation
page read and write
34EF000
stack
page read and write
4B91000
heap
page read and write
1CD0E000
stack
page read and write
1634000
heap
page read and write
4C50000
direct allocation
page execute and read and write
323E000
stack
page read and write
4A70000
direct allocation
page execute and read and write
4B91000
heap
page read and write
9B4000
heap
page read and write
4571000
heap
page read and write
4A31000
heap
page read and write
CB4000
unkown
page execute and read and write
5240000
direct allocation
page execute and read and write
9B4000
heap
page read and write
670000
heap
page read and write
3E4000
heap
page read and write
1CF4F000
stack
page read and write
4571000
heap
page read and write
9A0000
direct allocation
page read and write
89E000
stack
page read and write
2910000
heap
page read and write
1634000
heap
page read and write
363F000
stack
page read and write
4D00000
direct allocation
page execute and read and write
157E000
stack
page read and write
921C000
stack
page read and write
12A3000
heap
page read and write
341E000
stack
page read and write
4571000
heap
page read and write
DD0000
direct allocation
page read and write
8B0000
direct allocation
page read and write
1634000
heap
page read and write
4A31000
heap
page read and write
51B0000
direct allocation
page execute and read and write
4FA1000
heap
page read and write
4B91000
heap
page read and write
B64000
unkown
page execute and read and write
DD0000
direct allocation
page read and write
2FFF000
stack
page read and write
8B0000
direct allocation
page read and write
4571000
heap
page read and write
16E0000
heap
page read and write
4A45000
heap
page read and write
4FA7000
heap
page read and write
3E4000
heap
page read and write
4A31000
heap
page read and write
4B91000
heap
page read and write
4FA1000
heap
page read and write
4560000
direct allocation
page read and write
516F000
stack
page read and write
9A0000
direct allocation
page read and write
41AE000
stack
page read and write
42DE000
stack
page read and write
9B4000
heap
page read and write
42EE000
stack
page read and write
5020000
direct allocation
page execute and read and write
130D000
heap
page read and write
889000
unkown
page write copy
2DDE000
stack
page read and write
49DF000
stack
page read and write
7C4000
heap
page read and write
DCE000
stack
page read and write
D81000
unkown
page execute and write copy
47AF000
stack
page read and write
4571000
heap
page read and write
3DAF000
stack
page read and write
4571000
heap
page read and write
4A60000
direct allocation
page execute and read and write
4D10000
direct allocation
page execute and read and write
4B91000
heap
page read and write
4B80000
direct allocation
page read and write
8C0000
unkown
page readonly
1620000
heap
page read and write
352E000
stack
page read and write
4B91000
heap
page read and write
1D52E000
stack
page read and write
7C4000
heap
page read and write
3B5E000
stack
page read and write
3E0000
heap
page read and write
4BA0000
direct allocation
page execute and read and write
366E000
stack
page read and write
1D1DF000
stack
page read and write
4B90000
direct allocation
page execute and read and write
405F000
stack
page read and write
7C4000
heap
page read and write
1510000
heap
page read and write
9B4000
heap
page read and write
128E000
heap
page read and write
5000000
direct allocation
page execute and read and write
AA1000
unkown
page execute and read and write
4FA1000
heap
page read and write
E1A000
heap
page read and write
3B7E000
stack
page read and write
2E10000
heap
page read and write
3E4000
heap
page read and write
1D9FE000
stack
page read and write
7C0000
heap
page read and write
4B91000
heap
page read and write
3DFE000
stack
page read and write
8C1000
unkown
page execute and write copy
4B91000
heap
page read and write
5010000
direct allocation
page execute and read and write
4571000
heap
page read and write
3E4000
heap
page read and write
4560000
direct allocation
page read and write
4B91000
heap
page read and write
3AD000
stack
page read and write
4A31000
heap
page read and write
4B91000
heap
page read and write
4B91000
heap
page read and write
12C1000
heap
page read and write
9E1000
unkown
page execute read
2CEF000
stack
page read and write
3F5E000
stack
page read and write
4BA4000
heap
page read and write
4A31000
heap
page read and write
2EDF000
stack
page read and write
4B91000
heap
page read and write
10BD000
unkown
page execute and read and write
9B4000
heap
page read and write
176C000
heap
page read and write
BF1000
unkown
page execute and read and write
1634000
heap
page read and write
11BC000
stack
page read and write
4401000
heap
page read and write
5220000
direct allocation
page execute and read and write
4571000
heap
page read and write
431E000
stack
page read and write
1A4000
heap
page read and write
4B91000
heap
page read and write
3A1E000
stack
page read and write
DF0000
heap
page read and write
4FA1000
heap
page read and write
32BE000
stack
page read and write
3250000
heap
page read and write
1D4EF000
stack
page read and write
12FD000
heap
page read and write
997000
heap
page read and write
65AE000
stack
page read and write
401F000
stack
page read and write
9A0000
direct allocation
page read and write
9B4000
heap
page read and write
8B0000
direct allocation
page read and write
BF0000
unkown
page read and write
3A5E000
stack
page read and write
4B91000
heap
page read and write
2EAF000
stack
page read and write
4A48000
heap
page read and write
3C9E000
stack
page read and write
9B4000
heap
page read and write
6F7F000
stack
page read and write
362F000
stack
page read and write
12BF000
heap
page read and write
33AF000
stack
page read and write
38BF000
stack
page read and write
4FA1000
heap
page read and write
929000
unkown
page read and write
3240000
direct allocation
page read and write
1271000
unkown
page execute and read and write
4FA1000
heap
page read and write
421E000
stack
page read and write
1634000
heap
page read and write
506E000
stack
page read and write
3240000
direct allocation
page read and write
4BF0000
direct allocation
page execute and read and write
3E4000
heap
page read and write
4B80000
direct allocation
page read and write
4571000
heap
page read and write
34DF000
stack
page read and write
4571000
heap
page read and write
3A5F000
stack
page read and write
9A0000
direct allocation
page read and write
B2B000
unkown
page execute and read and write
7C4000
heap
page read and write
4A20000
direct allocation
page execute and read and write
3DDE000
stack
page read and write
8C0000
unkown
page read and write
8B0000
direct allocation
page read and write
821000
unkown
page execute and write copy
9220000
heap
page read and write
4B91000
heap
page read and write
4FA1000
heap
page read and write
37DE000
stack
page read and write
BCB000
unkown
page execute and read and write
16A0000
heap
page read and write
449E000
stack
page read and write
A30000
heap
page read and write
CE1000
unkown
page execute and write copy
3A3E000
stack
page read and write
3E4000
heap
page read and write
4FA1000
heap
page read and write
4571000
heap
page read and write
1A4000
heap
page read and write
4CA0000
direct allocation
page execute and read and write
3240000
direct allocation
page read and write
4B91000
heap
page read and write
AA0000
unkown
page readonly
16F2000
heap
page read and write
4571000
heap
page read and write
4571000
heap
page read and write
3240000
direct allocation
page read and write
42FE000
stack
page read and write
5030000
direct allocation
page execute and read and write
28FE000
stack
page read and write
516E000
stack
page read and write
A10000
direct allocation
page read and write
49B0000
heap
page read and write
B3C000
unkown
page execute and write copy
1A4000
heap
page read and write
3F2E000
stack
page read and write
4890000
direct allocation
page read and write
4EBE000
stack
page read and write
9B4000
heap
page read and write
4A31000
heap
page read and write
1634000
heap
page read and write
4A31000
heap
page read and write
51A0000
direct allocation
page execute and read and write
4A31000
heap
page read and write
4B91000
heap
page read and write
2D6F000
stack
page read and write
2E00000
heap
page read and write
4FA1000
heap
page read and write
4571000
heap
page read and write
A7C000
unkown
page readonly
3E4000
heap
page read and write
1762000
heap
page read and write
53B0000
heap
page read and write
9B4000
heap
page read and write
3B6E000
stack
page read and write
4FA1000
heap
page read and write
4C30000
direct allocation
page execute and read and write
9B4000
heap
page read and write
302E000
stack
page read and write
1A4000
heap
page read and write
1296000
heap
page read and write
1A4000
heap
page read and write
76E000
stack
page read and write
4571000
heap
page read and write
4571000
heap
page read and write
A80000
heap
page read and write
4B80000
direct allocation
page read and write
1634000
heap
page read and write
4571000
heap
page read and write
100F000
stack
page read and write
1312000
heap
page read and write
14F5000
stack
page read and write
4A2F000
stack
page read and write
4FC0000
heap
page read and write
12E1000
heap
page read and write
4A31000
heap
page read and write
4B91000
heap
page read and write
1634000
heap
page read and write
4A31000
heap
page read and write
4B91000
heap
page read and write
4A31000
heap
page read and write
10FA000
stack
page read and write
4A31000
heap
page read and write
4BA0000
heap
page read and write
4571000
heap
page read and write
4571000
heap
page read and write
4571000
heap
page read and write
AA2000
unkown
page readonly
4B91000
heap
page read and write
799E000
heap
page read and write
3B5F000
stack
page read and write
4B80000
direct allocation
page read and write
4B91000
heap
page read and write
441F000
stack
page read and write
47EE000
stack
page read and write
E1C000
unkown
page execute and read and write
291B000
heap
page read and write
33AF000
stack
page read and write
4571000
heap
page read and write
3CAE000
stack
page read and write
4FA1000
heap
page read and write
4B90000
direct allocation
page execute and read and write
36DE000
stack
page read and write
4FA1000
heap
page read and write
4A31000
heap
page read and write
AAF000
unkown
page execute and read and write
4A31000
heap
page read and write
3A2E000
stack
page read and write
1CE0F000
stack
page read and write
929000
unkown
page write copy
361F000
stack
page read and write
352E000
stack
page read and write
27AE000
stack
page read and write
3E4000
heap
page read and write
3B3F000
stack
page read and write
F76000
unkown
page execute and read and write
1D7BD000
stack
page read and write
3E1F000
stack
page read and write
4890000
direct allocation
page read and write
2A1F000
stack
page read and write
12C1000
heap
page read and write
1634000
heap
page read and write
4FA1000
heap
page read and write
2E1E000
heap
page read and write
4AB0000
direct allocation
page execute and read and write
4FA1000
heap
page read and write
92B000
unkown
page execute and read and write
BDC000
unkown
page execute and write copy
3E4000
heap
page read and write
51F0000
direct allocation
page execute and read and write
3F1E000
stack
page read and write
6420000
heap
page read and write
BDC000
unkown
page execute and write copy
929000
unkown
page write copy
4D1F000
stack
page read and write
4D3B000
stack
page read and write
9B4000
heap
page read and write
1240000
heap
page read and write
1634000
heap
page read and write
379F000
stack
page read and write
4571000
heap
page read and write
7BE000
stack
page read and write
4B91000
heap
page read and write
AAF000
unkown
page execute and read and write
4FD000
stack
page read and write
D81000
unkown
page execute and write copy
4A31000
heap
page read and write
4B91000
heap
page read and write
9E0000
unkown
page readonly
441E000
stack
page read and write
495F000
stack
page read and write
3F9E000
stack
page read and write
4571000
heap
page read and write
4FA1000
heap
page read and write
4FA1000
heap
page read and write
4B91000
heap
page read and write
48DE000
stack
page read and write
33EE000
stack
page read and write
359E000
stack
page read and write
4B91000
heap
page read and write
4B91000
heap
page read and write
1634000
heap
page read and write
A84000
heap
page read and write
4A00000
direct allocation
page read and write
4A31000
heap
page read and write
4B91000
heap
page read and write
3CDF000
stack
page read and write
4571000
heap
page read and write
3C5F000
stack
page read and write
DD0000
direct allocation
page read and write
1A4000
heap
page read and write
DE0000
heap
page read and write
4BDF000
stack
page read and write
7000000
trusted library allocation
page read and write
3E4000
heap
page read and write
276E000
stack
page read and write
4A20000
direct allocation
page execute and read and write
4B91000
heap
page read and write
4400000
heap
page read and write
9B4000
heap
page read and write
3E4000
heap
page read and write
456E000
stack
page read and write
3240000
direct allocation
page read and write
4B91000
heap
page read and write
431F000
stack
page read and write
8B0000
direct allocation
page read and write
4B91000
heap
page read and write
406E000
stack
page read and write
1634000
heap
page read and write
491E000
stack
page read and write
1A4000
heap
page read and write
9B4000
heap
page read and write
4B91000
heap
page read and write
167E000
stack
page read and write
D7F000
unkown
page execute and read and write
49F0000
direct allocation
page execute and read and write
4571000
heap
page read and write
42BF000
stack
page read and write
3E4000
heap
page read and write
4B91000
heap
page read and write
4B80000
direct allocation
page read and write
5430000
direct allocation
page read and write
3E4000
heap
page read and write
405E000
stack
page read and write
4B91000
heap
page read and write
123E000
stack
page read and write
38C000
stack
page read and write
4B91000
heap
page read and write
4CE0000
direct allocation
page execute and read and write
FBE000
unkown
page execute and read and write
33EE000
stack
page read and write
51C0000
direct allocation
page execute and read and write
9B4000
heap
page read and write
8C1000
unkown
page execute and write copy
4571000
heap
page read and write
1DB5C000
stack
page read and write
1A4000
heap
page read and write
990000
heap
page read and write
429F000
stack
page read and write
4B91000
heap
page read and write
9B4000
heap
page read and write
B6E000
stack
page read and write
4571000
heap
page read and write
4B91000
heap
page read and write
922000
unkown
page execute and read and write
38FE000
stack
page read and write
3E4000
heap
page read and write
4A10000
direct allocation
page execute and read and write
4A31000
heap
page read and write
4571000
heap
page read and write
1D8FE000
stack
page read and write
4FA1000
heap
page read and write
1634000
heap
page read and write
820000
unkown
page readonly
55D0000
direct allocation
page execute and read and write
D7F000
unkown
page execute and read and write
3E4000
heap
page read and write
41DE000
stack
page read and write
3C7F000
stack
page read and write
4B90000
direct allocation
page execute and read and write
1A4000
heap
page read and write
1D62F000
stack
page read and write
4A31000
heap
page read and write
7991000
heap
page read and write
4FA1000
heap
page read and write
4A5E000
stack
page read and write
4C20000
direct allocation
page execute and read and write
88B000
unkown
page execute and read and write
416F000
stack
page read and write
1300000
heap
page read and write
312F000
stack
page read and write
8F5000
stack
page read and write
4571000
heap
page read and write
BEE000
stack
page read and write
329E000
stack
page read and write
4FD0000
trusted library allocation
page read and write
3E4000
heap
page read and write
4A31000
heap
page read and write
38AF000
stack
page read and write
4B91000
heap
page read and write
DD0000
direct allocation
page read and write
1634000
heap
page read and write
7809000
heap
page read and write
355F000
stack
page read and write
492E000
stack
page read and write
4B80000
direct allocation
page read and write
4571000
heap
page read and write
481F000
stack
page read and write
4A31000
heap
page read and write
9A0000
direct allocation
page read and write
1A0000
heap
page read and write
12C7000
heap
page read and write
456E000
stack
page read and write
15CE000
stack
page read and write
42EE000
stack
page read and write
479F000
stack
page read and write
2AEF000
stack
page read and write
4A31000
heap
page read and write
4A1F000
stack
page read and write
4B91000
heap
page read and write
E00000
direct allocation
page read and write
124A000
heap
page read and write
28BB000
stack
page read and write
AA0000
unkown
page read and write
1634000
heap
page read and write
47DE000
stack
page read and write
4B91000
heap
page read and write
3E4000
heap
page read and write
291D000
heap
page read and write
911C000
stack
page read and write
9A0000
direct allocation
page read and write
130F000
heap
page read and write
1D08F000
stack
page read and write
3B1F000
stack
page read and write
4CF0000
direct allocation
page execute and read and write
E6E000
unkown
page execute and read and write
4571000
heap
page read and write
130D000
heap
page read and write
A20000
direct allocation
page execute and read and write
166E000
stack
page read and write
312F000
stack
page read and write
BDB000
unkown
page execute and read and write
4FA1000
heap
page read and write
1A4000
heap
page read and write
8B0000
direct allocation
page read and write
12FD000
heap
page read and write
4A90000
direct allocation
page execute and read and write
4FA1000
heap
page read and write
43FF000
stack
page read and write
3E4000
heap
page read and write
882000
unkown
page execute and read and write
8C0000
unkown
page readonly
B3F000
unkown
page execute and read and write
4B91000
heap
page read and write
4560000
direct allocation
page read and write
46AE000
stack
page read and write
4FA1000
heap
page read and write
5230000
direct allocation
page execute and read and write
DD0000
direct allocation
page read and write
4B91000
heap
page read and write
4B91000
heap
page read and write
4A31000
heap
page read and write
4A31000
heap
page read and write
99B000
heap
page read and write
6CD000
heap
page read and write
4FA1000
heap
page read and write
1EBF000
stack
page read and write
16C0000
heap
page read and write
4A30000
heap
page read and write
4571000
heap
page read and write
1319000
heap
page read and write
9A0000
direct allocation
page read and write
9B4000
heap
page read and write
4B91000
heap
page read and write
4B91000
heap
page read and write
4BB0000
direct allocation
page execute and read and write
4AC0000
direct allocation
page execute and read and write
3DEE000
stack
page read and write
1D22D000
stack
page read and write
52BD000
stack
page read and write
1634000
heap
page read and write
4B91000
heap
page read and write
3EFF000
stack
page read and write
4C1E000
stack
page read and write
620000
heap
page read and write
4FA1000
heap
page read and write
3E4000
heap
page read and write
4FBF000
stack
page read and write
1301000
heap
page read and write
4FA1000
heap
page read and write
4671000
heap
page read and write
6426000
heap
page read and write
9A0000
direct allocation
page read and write
4401000
heap
page read and write
4B91000
heap
page read and write
141F000
stack
page read and write
4A50000
heap
page read and write
277E000
stack
page read and write
60E000
stack
page read and write
10D3000
unkown
page execute and read and write
11E0000
heap
page read and write
326F000
stack
page read and write
325F000
stack
page read and write
33BF000
stack
page read and write
4671000
heap
page read and write
5580000
heap
page read and write
4571000
heap
page read and write
2E17000
heap
page read and write
9B4000
heap
page read and write
1328000
heap
page read and write
4A20000
direct allocation
page execute and read and write
12E1000
heap
page read and write
3E4000
heap
page read and write
1294000
heap
page read and write
4571000
heap
page read and write
4FA1000
heap
page read and write
445E000
stack
page read and write
2FEF000
stack
page read and write
55A0000
direct allocation
page execute and read and write
E30000
unkown
page execute and read and write
9B4000
heap
page read and write
1306000
heap
page read and write
377F000
stack
page read and write
4571000
heap
page read and write
452F000
stack
page read and write
3E4000
heap
page read and write
922000
unkown
page execute and read and write
3C9E000
stack
page read and write
1634000
heap
page read and write
381E000
stack
page read and write
143F000
stack
page read and write
4B91000
heap
page read and write
15F0000
heap
page read and write
1D76F000
stack
page read and write
2D7E000
stack
page read and write
2917000
heap
page read and write
28FF000
stack
page read and write
4B91000
heap
page read and write
9B4000
heap
page read and write
3F2E000
stack
page read and write
317F000
stack
page read and write
4C70000
direct allocation
page execute and read and write
6B7000
heap
page read and write
4A31000
heap
page read and write
4A00000
direct allocation
page read and write
64E000
stack
page read and write
1634000
heap
page read and write
53E0000
trusted library allocation
page read and write
6E7E000
stack
page read and write
4B4F000
stack
page read and write
4571000
heap
page read and write
51B0000
direct allocation
page execute and read and write
D7F000
unkown
page execute and read and write
1D66E000
stack
page read and write
55B0000
direct allocation
page execute and read and write
5020000
direct allocation
page read and write
4FA1000
heap
page read and write
4560000
direct allocation
page read and write
485E000
stack
page read and write
4560000
direct allocation
page read and write
4B91000
heap
page read and write
9B4000
heap
page read and write
14B0000
heap
page read and write
4571000
heap
page read and write
4B90000
heap
page read and write
3F1F000
stack
page read and write
4CC0000
direct allocation
page execute and read and write
4E9E000
stack
page read and write
9B4000
heap
page read and write
4C40000
direct allocation
page execute and read and write
471E000
stack
page read and write
BAB000
stack
page read and write
130D000
heap
page read and write
4571000
heap
page read and write
272F000
stack
page read and write
3F5F000
stack
page read and write
37AE000
stack
page read and write
9B4000
heap
page read and write
4B91000
heap
page read and write
313F000
stack
page read and write
DE0000
heap
page read and write
339F000
stack
page read and write
4B91000
heap
page read and write
8EAB000
stack
page read and write
4FA1000
heap
page read and write
4C00000
direct allocation
page execute and read and write
67C000
heap
page read and write
692F000
stack
page read and write
1634000
heap
page read and write
4B91000
heap
page read and write
4FA1000
heap
page read and write
8FAC000
stack
page read and write
4FA1000
heap
page read and write
1CF8E000
stack
page read and write
7C4000
heap
page read and write
28AF000
stack
page read and write
4C70000
direct allocation
page execute and read and write
143B000
stack
page read and write
4E70000
trusted library allocation
page read and write
AB4000
unkown
page readonly
172F000
heap
page read and write
4571000
heap
page read and write
66AF000
stack
page read and write
4B91000
heap
page read and write
366E000
stack
page read and write
9E1000
unkown
page execute read
2DEF000
stack
page read and write
3E4000
heap
page read and write
F83000
unkown
page execute and read and write
4B91000
heap
page read and write
407E000
stack
page read and write
4B5F000
stack
page read and write
4571000
heap
page read and write
1634000
heap
page read and write
4BD0000
direct allocation
page execute and read and write
4FF0000
heap
page read and write
53B4000
heap
page read and write
4560000
direct allocation
page read and write
4C70000
direct allocation
page execute and read and write
409E000
stack
page read and write
3E4000
heap
page read and write
3E4000
heap
page read and write
41BE000
stack
page read and write
4A31000
heap
page read and write
32DE000
stack
page read and write
1E0000
heap
page read and write
4B91000
heap
page read and write
4B90000
direct allocation
page execute and read and write
4A31000
heap
page read and write
4FA1000
heap
page read and write
4FB0000
heap
page read and write
2F1F000
stack
page read and write
2C3F000
stack
page read and write
1328000
heap
page read and write
3B9E000
stack
page read and write
1634000
heap
page read and write
15D0000
heap
page read and write
316E000
stack
page read and write
4B80000
direct allocation
page read and write
39EF000
stack
page read and write
54FC000
stack
page read and write
4B91000
heap
page read and write
4582000
heap
page read and write
AAC000
unkown
page read and write
43EF000
stack
page read and write
3240000
direct allocation
page read and write
4B91000
heap
page read and write
9B4000
heap
page read and write
A10000
direct allocation
page read and write
4571000
heap
page read and write
31FB000
stack
page read and write
4B91000
heap
page read and write
4571000
heap
page read and write
4571000
heap
page read and write
8C0000
unkown
page readonly
3E4000
heap
page read and write
37DF000
stack
page read and write
AAF000
unkown
page execute and read and write
367E000
stack
page read and write
6E7000
heap
page read and write
4B91000
heap
page read and write
4570000
heap
page read and write
4B91000
heap
page read and write
355E000
stack
page read and write
4571000
heap
page read and write
4B91000
heap
page read and write
7800000
heap
page read and write
130A000
heap
page read and write
4571000
heap
page read and write
4571000
heap
page read and write
4A31000
heap
page read and write
3E4000
heap
page read and write
4560000
direct allocation
page read and write
4B90000
direct allocation
page execute and read and write
16F0000
heap
page read and write
A96000
heap
page read and write
3EDF000
stack
page read and write
889000
unkown
page read and write
4FA1000
heap
page read and write
32AE000
stack
page read and write
5F0000
heap
page read and write
302E000
stack
page read and write
16D8000
heap
page read and write
455F000
stack
page read and write
369F000
stack
page read and write
66B000
heap
page read and write
8B0000
direct allocation
page read and write
402F000
stack
page read and write
38DF000
stack
page read and write
4A31000
heap
page read and write
4C70000
direct allocation
page execute and read and write
3E4000
heap
page read and write
4571000
heap
page read and write
415F000
stack
page read and write
3E4000
heap
page read and write
4571000
heap
page read and write
8B0000
direct allocation
page read and write
4FFE000
stack
page read and write
4B91000
heap
page read and write
4A31000
heap
page read and write
4B91000
heap
page read and write
4571000
heap
page read and write
27EE000
stack
page read and write
51B0000
direct allocation
page execute and read and write
4B51000
direct allocation
page read and write
53FD000
stack
page read and write
1306000
heap
page read and write
4571000
heap
page read and write
1634000
heap
page read and write
7C4000
heap
page read and write
145F000
stack
page read and write
9B4000
heap
page read and write
46DF000
stack
page read and write
16C8000
heap
page read and write
4671000
heap
page read and write
CDF000
unkown
page execute and read and write
10C6000
unkown
page execute and read and write
315E000
stack
page read and write
4FA1000
heap
page read and write
51B0000
direct allocation
page execute and read and write
6CD000
heap
page read and write
4A31000
heap
page read and write
406E000
stack
page read and write
4B91000
heap
page read and write
DD0000
direct allocation
page read and write
2EEF000
stack
page read and write
8FE000
stack
page read and write
1634000
heap
page read and write
4D5E000
stack
page read and write
BF1000
unkown
page execute and write copy
4B91000
heap
page read and write
5190000
direct allocation
page execute and read and write
9B4000
heap
page read and write
9B0000
heap
page read and write
1A4000
heap
page read and write
1D2AE000
stack
page read and write
4571000
heap
page read and write
10D4000
unkown
page execute and write copy
29FF000
stack
page read and write
379E000
stack
page read and write
4B91000
heap
page read and write
2C5F000
stack
page read and write
4571000
heap
page read and write
1B0000
heap
page read and write
4B91000
heap
page read and write
6A5000
heap
page read and write
4ADE000
stack
page read and write
3E4000
heap
page read and write
4670000
heap
page read and write
DE7000
heap
page read and write
3E4000
heap
page read and write
326F000
stack
page read and write
4A31000
heap
page read and write
526F000
stack
page read and write
391F000
stack
page read and write
42AF000
stack
page read and write
BDB000
unkown
page execute and write copy
4B91000
heap
page read and write
4890000
direct allocation
page read and write
9B4000
heap
page read and write
6FD000
stack
page read and write
3770000
heap
page read and write
6F7000
heap
page read and write
1634000
heap
page read and write
E1E000
heap
page read and write
4B91000
heap
page read and write
1634000
heap
page read and write
9B4000
heap
page read and write
4B91000
heap
page read and write
4A31000
heap
page read and write
49B0000
trusted library allocation
page read and write
3257000
heap
page read and write
4571000
heap
page read and write
395E000
stack
page read and write
4FA0000
heap
page read and write
F4A000
unkown
page execute and read and write
9B4000
heap
page read and write
4B80000
direct allocation
page read and write
F84000
unkown
page execute and write copy
4B91000
heap
page read and write
4B91000
heap
page read and write
4571000
heap
page read and write
3A2E000
stack
page read and write
466F000
stack
page read and write
3240000
direct allocation
page read and write
4B91000
heap
page read and write
B3B000
unkown
page execute and write copy
There are 1371 hidden memdumps, click here to show them.