hxxps://ghostbin[.]me/646593433857f

Analysis

max time kernel
2697s
max time network
2702s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
19/05/2023, 00:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://ghostbin.me/646593433857f

Score

6^/10

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs

Web Service
T1102

Drops file in Program Files directory 2 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\b528c1c0-4c7a-48d0-8304-935090806951.tmp	setup.exe
File opened for modification	C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\20230519024720.pma	setup.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Modifies registry class 64 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000	msedge.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0	msedge.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 00000000ffffffff	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\IconSize = "16"	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0e000000ffffffff	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings	powershell.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 = 14001f50e04fd020ea3a6910a2d808002b30309d0000	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\MRUListEx = ffffffff	msedge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}"	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\NodeSlot = "2"	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:PID = "14"	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 = 3a001f44471a0359723fa74489c55595fe6b30ee260001002600efbe100000005e4c856c5b45d901cd4302ab6245d9011b244387fc89d90114000000	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupView = "4294967295"	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 00000000ffffffff	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Mode = "4"	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0e000000ffffffff	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\FFlags = "1092616257"	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Version = "1"	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\LogicalViewMode = "1"	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags	msedge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\SniffedFolderType = "Downloads"	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\IconSize = "16"	msedge.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0 = 14002e8005398e082303024b98265d99428e115f0000	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell	msedge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:FMTID = "{B725F130-47EF-101A-A5F1-02608C9EEBAC}"	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\LogicalViewMode = "1"	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1092616257"	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0100000000000000ffffffff	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\Mode = "1"	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots	msedge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:FMTID = "{B725F130-47EF-101A-A5F1-02608C9EEBAC}"	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1"	msedge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\SniffedFolderType = "Pictures"	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByDirection = "4294967295"	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\LogicalViewMode = "3"	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByKey:PID = "0"	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Mode = "4"	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\NodeSlot = "1"	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\IconSize = "48"	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:PID = "14"	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1"	msedge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\KnownFolderDerivedFolderType = "{885A186E-A440-4ADA-812B-DB871B942259}"	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-2548970870-3691742953-3895070203-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}	msedge.exe

Suspicious behavior: EnumeratesProcesses 20 IoCs

pid	Process
2132	powershell.exe
2132	powershell.exe
3428	msedge.exe
3428	msedge.exe
1956	msedge.exe
1956	msedge.exe
1652	identity_helper.exe
1652	identity_helper.exe
4360	msedge.exe
4360	msedge.exe
6136	msedge.exe
6136	msedge.exe
888	msedge.exe
888	msedge.exe
5872	msedge.exe
5872	msedge.exe
5872	msedge.exe
5872	msedge.exe
3136	msedge.exe
3136	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 28 IoCs

pid	Process
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe

Suspicious use of AdjustPrivilegeToken 4 IoCs

description	pid	Process
Token: SeDebugPrivilege	2132	powershell.exe
Token: SeManageVolumePrivilege	5484	svchost.exe
Token: 33	2232	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	2232	AUDIODG.EXE

Suspicious use of FindShellTrayWindow 19 IoCs

pid	Process
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe
1956	msedge.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
6136	msedge.exe
3136	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1956 wrote to memory of 3576	1956	msedge.exe	85
PID 1956 wrote to memory of 3576	1956	msedge.exe	85
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3888	1956	msedge.exe	86
PID 1956 wrote to memory of 3428	1956	msedge.exe	87
PID 1956 wrote to memory of 3428	1956	msedge.exe	87
PID 1956 wrote to memory of 4272	1956	msedge.exe	88
PID 1956 wrote to memory of 4272	1956	msedge.exe	88
PID 1956 wrote to memory of 4272	1956	msedge.exe	88
PID 1956 wrote to memory of 4272	1956	msedge.exe	88
PID 1956 wrote to memory of 4272	1956	msedge.exe	88
PID 1956 wrote to memory of 4272	1956	msedge.exe	88
PID 1956 wrote to memory of 4272	1956	msedge.exe	88
PID 1956 wrote to memory of 4272	1956	msedge.exe	88
PID 1956 wrote to memory of 4272	1956	msedge.exe	88
PID 1956 wrote to memory of 4272	1956	msedge.exe	88
PID 1956 wrote to memory of 4272	1956	msedge.exe	88
PID 1956 wrote to memory of 4272	1956	msedge.exe	88
PID 1956 wrote to memory of 4272	1956	msedge.exe	88
PID 1956 wrote to memory of 4272	1956	msedge.exe	88
PID 1956 wrote to memory of 4272	1956	msedge.exe	88
PID 1956 wrote to memory of 4272	1956	msedge.exe	88
PID 1956 wrote to memory of 4272	1956	msedge.exe	88
PID 1956 wrote to memory of 4272	1956	msedge.exe	88
PID 1956 wrote to memory of 4272	1956	msedge.exe	88
PID 1956 wrote to memory of 4272	1956	msedge.exe	88

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell start shell:Appsfolder\Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge https://ghostbin.me/646593433857f
1⤵
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:2132

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --edge-redirect=Windows.Launch https://ghostbin.me/646593433857f
1⤵
- Enumerates system info in registry
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of WriteProcessMemory
PID:1956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xf8,0x108,0x7ffcaf5846f8,0x7ffcaf584708,0x7ffcaf584718
  2⤵
  PID:3576
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2164 /prefetch:2
  2⤵
  PID:3888
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2248 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2688 /prefetch:8
  2⤵
  PID:4272
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3492 /prefetch:1
  2⤵
  PID:4220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3480 /prefetch:1
  2⤵
  PID:2696
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5816 /prefetch:1
  2⤵
  PID:4668
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5796 /prefetch:1
  2⤵
  PID:4788
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3524 /prefetch:8
  2⤵
  PID:4404
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --force-configure-user-settings
  2⤵
  - Drops file in Program Files directory
  PID:3820
- - C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x220,0x224,0x228,0xe0,0x22c,0x7ff6bb6d5460,0x7ff6bb6d5470,0x7ff6bb6d5480
    3⤵
    PID:4448
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3812 /prefetch:1
  2⤵
  PID:3544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5520 /prefetch:1
  2⤵
  PID:1292
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3524 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1652
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4152 /prefetch:1
  2⤵
  PID:1804
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5468 /prefetch:1
  2⤵
  PID:5296
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1940 /prefetch:1
  2⤵
  PID:5628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3588 /prefetch:1
  2⤵
  PID:5916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3552 /prefetch:1
  2⤵
  PID:5904
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --disable-gpu-compositing --lang=en-US --extension-process --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6528 /prefetch:1
  2⤵
  PID:4560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6164 /prefetch:1
  2⤵
  PID:5512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6084 /prefetch:1
  2⤵
  PID:5536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6480 /prefetch:1
  2⤵
  PID:5684
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6284 /prefetch:1
  2⤵
  PID:5316
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3816 /prefetch:8
  2⤵
  PID:5240
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6172 /prefetch:8
  2⤵
  PID:5280
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6352 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4360
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=6220 /prefetch:8
  2⤵
  PID:324
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3620 /prefetch:8
  2⤵
  PID:6060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=6364 /prefetch:8
  2⤵
  PID:5244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5548 /prefetch:8
  2⤵
  PID:5296
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --disable-gpu-compositing --lang=en-US --extension-process --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6128 /prefetch:1
  2⤵
  PID:3544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6152 /prefetch:1
  2⤵
  PID:2396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6392 /prefetch:1
  2⤵
  PID:5796
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5328 /prefetch:1
  2⤵
  PID:1804
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6392 /prefetch:1
  2⤵
  PID:5076
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6084 /prefetch:1
  2⤵
  PID:5892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6104 /prefetch:1
  2⤵
  PID:5920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6276 /prefetch:1
  2⤵
  PID:3344
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5868 /prefetch:1
  2⤵
  PID:4504
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5848 /prefetch:8
  2⤵
  PID:5300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7024 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of SetWindowsHookEx
  PID:6136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4876 /prefetch:1
  2⤵
  PID:4808
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5456 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:888
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4776 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3864 /prefetch:1
  2⤵
  PID:1692
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7524 /prefetch:1
  2⤵
  PID:3424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=7620 /prefetch:8
  2⤵
  PID:4368
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5452 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of SetWindowsHookEx
  PID:3136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2132,8504336626948895402,6647075726971580001,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=3156 /prefetch:8
  2⤵
  PID:1856

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:232

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5692

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x500 0x50c
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2232

C:\Windows\system32\rundll32.exe
"C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
1⤵
PID:5128

C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k UnistackSvcGroup
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:5484

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Web Service

T1102

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\2c64cd67-905f-4040-a732-67610570c06c.tmp

Filesize
13KB

MD5
8f7e8286f2011f9969ec01127c40d4e7

SHA1
9bea3ba14f5f3bd6ee0f18409b03eff49e829afd

SHA256
0ba06ec8960b31a1fefc88d647ac80fda4330bfca4fb0cc5876b6bb565f879d0

SHA512
533b04e431e4776a22f1e956312dd7daf97794dc787aa646773c90ec5ac615b10ea0ef312a62c985adf69d3fdd1496430df8a93653d8cb54672c3f043aeaba3f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ae2c65ccf1085f2a624551421576a3ee

SHA1
f1dea6ccfbd7803cc4489b9260758b8ad053e08e

SHA256
49bfbbfbdb367d1c91863108c87b4f2f2cfffbbbb5e9c1256344bc7f52038c54

SHA512
3abbfbb4804c6b1d1a579e56a04057f5d9c52cfd48ecbae42d919398f70da2eacd5a35cb3c3d0a559ad3515fadb1734b0d47be48dce0fdd9fd11578948a6c7ef

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\18d4651f-9244-4c31-907f-d3cb1873c9a4.tmp

Filesize
5KB

MD5
f2dacd3c84ea46e0092d1aff86d4b039

SHA1
027ec2ce5aad6eb03fd6d44fde1c66500f015b39

SHA256
fb710dd83d05ce0a6f53e5e413ba79b2c6a6b1b82554c2da0fffcac50a0fc2ce

SHA512
8cfff5b2d8dd3b5fa2c6019cabfb95437f2c284616243b8258eb96135435e1736a966ff3bfee10bb40d28b49ab4212acbaed938f1e795a55e69691b717038677

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\9954ed1f-4f78-47f4-a48d-e39058549277.tmp

Filesize
1KB

MD5
ffcd46bcd8ed61b2f03685592a31e5df

SHA1
90e9846eb7671a80bc067d9218620708c4ffa549

SHA256
27a98ff0ed0d479de7b00b09324a5011a0cff2371b01bee45684981d68a60715

SHA512
16906b14149106bdacc5020310388307e50794a937f38e727d6439e5e827c5ac5f68f94e7ab2197b200ab35fdadc5d41c4f674b917fc02dac4fc4624edb2dd8e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

Filesize
738KB

MD5
097fbbb12e898a12b149ad737e95e1b8

SHA1
aaf2a434409144ac83f980d6077477c147333ea7

SHA256
e8c8ca339336c4ca79764b01b065bdacfb5f57dd1891e65c05eadea6cb794dac

SHA512
2482fc5ba0c49cae040dfc4366695880ecedfa0de9633c00f3ee234b765777034e664ca412d65a3eb03c345e1d44dc8e579180d32aaa95370da610488e8b2971

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000027

Filesize
32KB

MD5
932a9962f20f2e70fc8511402ebe62a3

SHA1
a6165fc3b75ee7fbabe46c623772d392cb0ff493

SHA256
603817002eb69f0420d442cd8f1b4a97d9c2f669398274de66bc38ce6bbac8cc

SHA512
ddb657faa07ff28fbed69bdab2a6cc070e13cb06caff48c10a80407eafcb5375f00be18ffeb19b5e1c001fc4489a3bcbffdd5faac07f3558423b8a8bb8ec0d22

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
48B

MD5
d5020555e54a90702ba369b2a5131093

SHA1
597e166b62c1557174f00462bf6db185ead9f618

SHA256
3a27c0404767cf1e6cd5453f8ab123ca27796bc4317aac1c359c4b7ea6884c07

SHA512
7cb9ffa17e65217b1b0d252772f94f7a8d826e15d4aae2f638acce6501d472c48044ca2e727664095ec1124d614a2cd2e6708e1db4ea958e3529f8862a338b1c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
336B

MD5
d13b91c5fc4b8f7f68303c43e2f247d7

SHA1
5a0a3171119bfb18d3d29c45b53b4a964ea53b33

SHA256
e87a5c0f3cd30c0b32732ac2b4c731c0252598bac6a0a1d07ffedb4976f3186b

SHA512
90e9c006be2b8837d38f09db37e70477030535ecc19c450fa8d00828fa1f2d8c0f1697fa9dc3fdc8969d72493d50a946770bbf62dac8e6f4fa55e66d5bec7b0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
36ad009399fc12570edcdd95a9674737

SHA1
bcbc4ec2ebdd5e7e19d3447287cc47ce1ad917ae

SHA256
4709dbe99bd3ef7772c4de31217eff9ce486abd73d266ff1fac7a7a09fd9c8e4

SHA512
f0db482ba7ade0a533b1f52d2093ace5673ee5df8db72949d57e5389dffd0debd393c59b29aa2d222383dcd5739effed00266606271b4875e59d3eeb06f2156e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
75b19f8ad7f8c7568a609972364d9ab8

SHA1
ba24ae41deac855e747fc33c7e85cb7b9d1d0ed2

SHA256
5129502e0c08d26347957e9bc62d5ab825e5f85d8025e09eaf4fc686a02aad5a

SHA512
5d019609b25793015c0224ca7e025d449b1539bdcd96b74592231114134cf81ce68bf97c23592bde5572d194bf557da0f20a391811e7672829ca40724b31f330

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
420d7d2e1f2b658c9e28355846d28249

SHA1
b47d76419e277b0433becf13758fd9d2ec145d95

SHA256
cc7e61a3f9a19b619a2ebedda8ea6b7face7e9f7df43db4fd54c4fa00febe91e

SHA512
089a38a9615f107913f4aa0bf357c4237c5ca1267d65cde04dc4748c961ad75e07a709ec529557dd6f426fcc94119f0aae827092b29b296d648531e63af807b5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
310271d3556183fecb2cda6777e05bf6

SHA1
87c95cf82a112ede1e8a31ccdcbab20436098fda

SHA256
32c08f550722668f22c6e10394eac3fd4072d51899636975be6cc1d64edd7108

SHA512
f4bb5104a30ddc81b86ce7d2ef24bc3e6d64b44eec77bc491eefb7a493c51c553606279cca84696308f2ec12c5df0c2ab07430decf2565f315ad8b110810be26

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Edge Profile.ico

Filesize
70KB

MD5
e5e3377341056643b0494b6842c0b544

SHA1
d53fd8e256ec9d5cef8ef5387872e544a2df9108

SHA256
e23040951e464b53b84b11c3466bbd4707a009018819f9ad2a79d1b0b309bc25

SHA512
83f09e48d009a5cf83fa9aa8f28187f7f4202c84e2d0d6e5806c468f4a24b2478b73077381d2a21c89aa64884df3c56e8dc94eb4ad2d6a8085ac2feb1e26c2ef

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\LICENSE

Filesize
49B

MD5
a9fbceeedb9a0a2e74f9218ff87c538d

SHA1
e537c487e0f6c27b293a2d77e5203917e9f82301

SHA256
192a5be81b3801227a22fc6a9b7ca0ec668117090f15411d0750a597f211aca9

SHA512
2a4702a63aaca79c14ca6f57ad0c574e59fb100c61dabf862149dc3b4798843902823ea8c719db003fb6ac58c7ce4086cc14255746a2a2aaea5eab7340b4d45d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\_locales\ar\messages.json

Filesize
53KB

MD5
1d1ca7f829aea05a3569cdcf1a12a4c9

SHA1
bd3c72334984d285dc63e16fa6889ee7909efebf

SHA256
f88ed9efb059a72dc98e0cc26d30157c50a962cbfb6d2f3bc1a75220c3e74b61

SHA512
384a1c6e6e02ed188d2e264c41b5ca26836e49caca59cad24f377f150bf19426f7e11f7624f0a9b00aedd6b3e19eea1349ec921040acae19d111aad2abac4fcb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\_locales\be\messages.json

Filesize
47KB

MD5
4fef4c3eda3faf3485cda64a4d90cc69

SHA1
173665fd64a5c5571eda0cb2616c5d329f9aeb53

SHA256
4fcdfa77e5ab838f15d0ad99e8171d07af059d235df49cd7e98cebb3e8df21b1

SHA512
c374aaa08033716ec9f073aa47421c1c782d696aacbd20823998a77cdcee82a2d35983cf63391250b7542a40f7d0f081c8cfcac0b31578f62e3731bd2d84993b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\_locales\cs\messages.json

Filesize
30KB

MD5
640d3452a1f1ccef29eba442062e43eb

SHA1
c45ce636383d754b9c10f06e8b55085ce6ad9bf5

SHA256
2cfd1fd2e2ebb04da444eae5f333c7e512a9820e9222b6cd12804851c082687e

SHA512
6931422420cf3d536fa795956dcbb14659b8b9ac3828b7df63b6a7a4ce0bf878a49ef5b08955da8252f38e527ff55cc87839012217d5c4d26d78157cda4abe88

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\_locales\da\messages.json

Filesize
45KB

MD5
73f43e58857870221c1f0780a664d57b

SHA1
0c809c720dc194f3f7aaf330b5c5e76de45a1734

SHA256
29ee6734a5e386134c698255c06fca1aad2eb303a0cceb58acce42e844069589

SHA512
1821925d75f5765c26a203e08d9b819c89c2ea12b911846e6d553010f1b7969869c5aa9902850e18b09c025c3a3fa0719f407a54672fb142574a61bad22f5ff0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\_locales\de\messages.json

Filesize
48KB

MD5
b4d14299607fcb3306237275614e527b

SHA1
cadcecd697132557fec640ea0ee7f692a3e06f94

SHA256
7b882eb0d614dc5357907a1b2eba0ba902f75ab79963851b98fad0ef14b66cd5

SHA512
60da9a6309aa5e90a12a843ff4d1ec20d197751e3c3e2270cf2c53b24eea29b9c238f0625a977cc3e36f86a77bf29db6b1d68ab1894d46b54295da819bfd3ff1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\_locales\el\about.txt

Filesize
300B

MD5
f29949c7bf76e549c9e5c2f05788e9ea

SHA1
bee96836357a74d5a512680e9bdac2eaa965195b

SHA256
7db918b3dcfe862c6b862df77b0c7bdfe50a203f56bf342e93c665394ec27cb7

SHA512
8f5a6c93d7726bc16090f449dd537badd08d761ba726207c670c06ce083539fc2bf0ef0eb076e489d34eaea8b9372b2f223b4e475789c0c0f38a26ce42033474

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\_locales\el\messages.json

Filesize
66KB

MD5
2650269c3b10dd8c4cfe5bb5d9ce6f38

SHA1
76b410bacad563a791448c3e3f5dfd2309022f72

SHA256
975e302c76a2571312db9b72aab5396a5796061f1652188641f2aa497c7c84ed

SHA512
8bd111f52a639b20893357f4776861da1fd84dbdbba690ce9f0dc2eb031ad5cb35dfd590ff51719c4ef835467f78c5995ccdb4c42edc0f47f82c80410aa0af10

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\_locales\en\messages.json

Filesize
53KB

MD5
9f8c055d43ba449405d8b841051f738c

SHA1
125ffc88f2cc9ebcb3fe8fd78cc211719c6106b2

SHA256
dd1a14e418bda5d974e720e7cd8570b2a98ccda5b12b835f9af4e34b3c90f2ce

SHA512
ef7588fa0edf3734146f63da5e0d57b115cf6fd80a65677a91dfb9ecc66687cd27e7cc545442f161bebd937282221077ae52637be67d240dbe85967e20924434

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\_locales\es\messages.json

Filesize
29KB

MD5
f152427ec936941b3d77c10e33cfe84d

SHA1
382fec095a53d3ca428c512dbb920fa4163ef47a

SHA256
63fc0528d109f33082b4a96c55ee83da28af3cbde9c5546c906a0a18b6ccdc8b

SHA512
f8c13b791a39d276e6a25ea4ba4d8217ef600ce68aad614f8f030bf551f1e64377a0daf306972d52ac9deb87ad6089f4eb0f9b9a623d7e59f7cee9e2f388a94a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\_locales\fr\about.txt

Filesize
177B

MD5
cd50102767f919915dbc33766878e61a

SHA1
5b3b20a4ec2cab0b1401a59c7dcb1c6f4d7d0fb1

SHA256
e82305960b3cc96764af886e4be3edcf3b3c4dcdf0280659b64e83299c537a08

SHA512
14e5ae225f42c7fe06071e3a51a41dc6057323d5f225d72e7a834d66b75289212db8494bcca1d0bff11b79337f362c1fbb5100b6bd7e5ff119b4b61e61d38b40

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\_locales\fr\messages.json

Filesize
44KB

MD5
6604408729b5087daa24b0e10bea4b20

SHA1
b77e20546265565ae986864a8258ba341c97f8ce

SHA256
7a1badda9b94a34fda72a42c55bceb6355d600fbe242e75e4a4c4087f5c4ad60

SHA512
ce04db0627b69002c78de87ac88895d695457f47dde4c83777270e8ffc20c46c3547ff64dcf7192ee13d10c244f5fad4d2a7a646c88c69773027f280b63458fc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\_locales\hi\messages.json

Filesize
57KB

MD5
540c845636b903b4a32738d740174b77

SHA1
949c929b6c15cbd56985266b27c6d34be31cd2bb

SHA256
ac0f2c086de56c0f1bc9f66ea8375312ccfa5b47f88756bfa0c282bc238cdd1b

SHA512
8091c175889b51437319b387ea67754fecc72734bb08a67b2d53084a2ff494f96d3932a10f6e99672940034c8dfec838d7724088295123f595a337c83c391972

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\_locales\hr\messages.json

Filesize
41KB

MD5
19affebb7a502c0a66ac74e5018dc3aa

SHA1
ce7ee570cf6fcdcba1e02349993ac4c97499d33a

SHA256
8d2dcec34f51e83cbc2ca1a49d2a7b27a58a7a038993ed0f9e68992d4b9b65c3

SHA512
2a9efba842e66cb5b188b9d95e46546174d22bbe7ed87137f9955e5ac30841b70944f758809db2b6aaba046a17da62c17a9b4da04e45970149a6e1b1436ec8d2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\_locales\hu\messages.json

Filesize
25KB

MD5
a1d4036bcfbe968d2a527cc9e0d0a6a4

SHA1
3228a37a575b9b6f1dc46034aeb336dc356d9d59

SHA256
f9fb350e0ef08af0f366f83aafa63484dcf81e3e62af417c9f07b1c6b7b111cd

SHA512
96fd189cf159b7bc0b946edefa8ba3aff16969f093986fa39759918e15d54c8aa8d472965b27cac7de8200d1bbb2e2c9cae5581f0864a7afc3a6c4cc7227169b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\_locales\id\messages.json

Filesize
20KB

MD5
e2961feee10d13fdb90db88f6c7c0b71

SHA1
37fe637a072e4191ab4cb3da8c205817f299a9a1

SHA256
4ddcd9d8f1789458ca02071cc935f1c33f5c2498da6d4b8c3013ca9677122e6d

SHA512
223b7d74dc9471c97fb16e3127201fa6f6024f146b9e6b0e1ffb23ec1acc95d4e25bd561f0faeb8d7d4a556334344e20839ee30357695a91245a43911611d3da

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\_locales\it\messages.json

Filesize
51KB

MD5
a2b55e8007061c34055d1cec8f4c5e00

SHA1
f55382bcc44c4d6d994f0a55eab9ce6db576a70a

SHA256
828373cf1864eeb30051c923644a6ac4dd264bc448da7512cdb9cc86836981fc

SHA512
f255f4293d82e31a2eacd08c11bb5d594ba58e835533e2d3c5fc0d6304759642401a39e353fdcdbff225ce97ff921b01577d9d9f38ee459c9b31bd91799194f0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\_locales\ja\about.txt

Filesize
309B

MD5
fd882f38bae22900a82291965f82c091

SHA1
d9bfaff91caf41ff8a04b527361ba7d084e36d4b

SHA256
41e5298bdb3b42d2cf195bc0b45debf44a90a32253a69b87a4834f5246165a46

SHA512
af925741ae47b27f0c733103ff08616c8025cf3fb0351e1bd54e23a679a33890a7925d354be36257c02b6ea6068c2f220fd85e7bf3d0e0b036f07637ebe75e37

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\_locales\ja\messages.json

Filesize
52KB

MD5
28ade3b5dc1913368058180bf7680212

SHA1
525b51ab7b77101e34fe66136032f146731367d7

SHA256
b933b919d78b2cfd778528101799f0dbbc837f2d158f6a122ad3755eb4560c62

SHA512
d238b8c1b17943d7c0da316d035c48428687bc2d758e000b541f2bf3fa05722bcde4c4dae04e05c995d5d32d729e8874a2dfca3e5a16cfc4f3e7f40f8a10dfec

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\_locales\ko\messages.json

Filesize
33KB

MD5
ba7f0378bc9bf423f60d8ca5e269104a

SHA1
6cebc95108de225727bc94fe2eade4f0d3483d82

SHA256
56a5d62b60514728ca02119bfee2513bd90bfebe119de083bf079651ada4a763

SHA512
b8979d1c882fcbfe6466a9937ee5ec8d78216b92554f412f0a311f81ad57247095316c5f1350a176b1fb0ff64142bc77a7e047cad5fd376e77f2b8dda2005da4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\_locales\mk\about.txt

Filesize
982B

MD5
288ffbf07330b0ecbf1dc203848e6f58

SHA1
7d00efd1e31182e01e35bfb0aa9e8fdf0b1c7d5d

SHA256
a465fc0de6f1487392b75d6b9aee6df60a5dd94730c83c50d8d58e2eaee3b111

SHA512
6102e3b90e49775efdfa310f1addf9aeefbdcd9d845a8d8ffda95d0ef1d284f468361564a07f2cc875e198c2ba9372d95c94e389d0108c78c04cbf8940347da1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\_locales\mk\messages.json

Filesize
57KB

MD5
12744126dad1d03d86c2036298727629

SHA1
f8a691a9a9292991b864317c485d5b683a26c564

SHA256
f497d524d33ebdc85fa7b4c8016bdce184ae06beaa83549c217577d7796392e2

SHA512
c9421c2d935688da55b8890001e6dcf2af5016a9148a2f55daba2297738f347f805cc558d9185d5a7c6bb20ce1146d77cf697c3874548ccf8639b908a52927db

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\_locales\nb\messages.json

Filesize
26KB

MD5
4de7dc9ba1986f984e4e581eab9b64d0

SHA1
a4021988252dca6167204c21ee6e0731d96ddd88

SHA256
f7730dd32c1f284193e945403c355e310f045be9edb227f3903dd0e1bd24933f

SHA512
6af60c6fdf7f5351872faf22904812f87abebd3cba2fc566568ab6883edf10e48d73f260f0226ef7cf205812f20f6bcdc423e569d8f14b8e01489d7d0d672d20

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\_locales\nl\messages.json

Filesize
43KB

MD5
b1065237e94474c7c1faca34e4ac84fb

SHA1
18d45ced681db6f804a5225946004be48c9dc99e

SHA256
f3f5658bb0a09f72311350b466858eba846c390863f12105f6819724383e873d

SHA512
618f11b88a9b31b3252b6ea28e6f7771c8e53b4cb942717b281f96105f57f2bee4bad44c31fd8185bb5d5e9a00eb94788486bdd605b2186a2bb1452c8469c765

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\_locales\pl\about.txt

Filesize
589B

MD5
a6b7e18589601a1c8724ee46fadad47d

SHA1
851e437c25d3fd1937f64b6e08322ca6bd1d9e4c

SHA256
6e860b988eea3917764a6b7ae4bb32fa3d5e47b083f6c66e0533dd0edc17e1ca

SHA512
4013ae0eec441df9520c03abe9961a767f4313bb9ac83ce29f043385f92adf1e99e6383b4f4df4525120b4c8b35dbaa4d3962b23fd57cc657ca07098e0a404f8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\_locales\pl\messages.json

Filesize
34KB

MD5
c5d156499fef1fa93f4003e535ac156e

SHA1
475e301328dec724d3dc4e4b7ce6f6f3bcf4b920

SHA256
a0ceccbd3778882e4d2371dab6d5d7980a49cdf9c2c4ba34d33ff0a36e061323

SHA512
d1d0e05261d56ed8adc051a9953d1d63606d50b2d37ef2ce6e2d7f70b009dcd7ceff96e32bbb3a258213e599d3e115faae7e6edc26a1c1384042cd1a3c1c648b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\_locales\pt_BR\messages.json

Filesize
51KB

MD5
90043a46cce7948e668047efd4526f1c

SHA1
217716e4d875c6c3b5c0c3a223f64f2da25fb78a

SHA256
0c33cd92d19d2800057cdb7d47262a183101d50c93b63c28c6b13630a9f9ad7a

SHA512
493e0d78fc1bddf1dcf21082809e3b7cd33e8f9134b0ea58d7e5141daa5e9d1a0d842213e4be6d7d13c1fd8573485f88740500d76e062c50b7ce316ef490def7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\_locales\pt_PT\messages.json

Filesize
31KB

MD5
4b9c4f7a61a08fd8522f0e2276e788da

SHA1
ec97f7b376ae8a3c26fa9f58d8377cce86e5fb00

SHA256
d11a3436bf100a80e110df1abe44b047777da48c5b46f5d01eff7710683bba8c

SHA512
ffca13846fdfaf0a9b74864c6da2d9dee35c51396513c5fdb7957ad9f6c71efc22ff5284ee9e349ab26e4eb15574a97aca91200b5ec168f959dcc19f90a8af45

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\_locales\ru\messages.json

Filesize
62KB

MD5
fa19229acb3f16ae9d695b7b1bc2be07

SHA1
ebfadc7abb948a883b97a575bcd217edb1181329

SHA256
8ef8f14583447c91fe7c3d1fe06230d74f036b401f64ff39db69218e113b262a

SHA512
018a1843a8e6168b7c80ced4c88a8485670bc01b485b329ad4cbac5a73572b6287963a328b23f9e0cbe7badf25c747f1da0185042395c88a4d1f5f236282136f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\_locales\sk\about.txt

Filesize
339B

MD5
4134fbde961e74e52a5e62bc39d20bd7

SHA1
675386fd88ef06e3cc11b9d5b2268ea060512222

SHA256
eda0807b5362b28dc63a92eaf7719ea407e6bab20d901994a44909e6598ef3fe

SHA512
eb690c530721096c139301abba42511555b6e0e6193dbe18d764af4f5a49dbbceecf0429d093a752acf549376e4d45ee0d806274fcda3f849cc8f7b772270498

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\_locales\sk\messages.json

Filesize
30KB

MD5
719ec0db71ede6b5bd9d7ae4b815614e

SHA1
fd3375e5f048109d337e84d780445e7fd28cbb86

SHA256
bfd36aab525c03f91b0350fe135992415fdafc79bc5343826a20df926959e33d

SHA512
b970faf4ad280fcd3c8755fb5bd771d758a6692f8c684b1750f4ecc53034f0eeddbbfb9342b1198f98533f14d9d7c843c601b4d83691ed55e8c2e0f3270c1b01

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\_locales\sr\messages.json

Filesize
41KB

MD5
2ba15f2d87e8a61c17c8850331115b6e

SHA1
052ac12155e0efbc1b5d75989346e28e818c6a33

SHA256
0f0752370ad1b15be89a3e7d837d2b1f70712db501c47372a0d21ae61d00cb38

SHA512
9c074c4cead722110ff148cad8fd6c33e792968f638992b3c18e6ea05f296e4e4b7e3cf427b11aec92350a9e97209b8784c8361299d763f2db10bf855b262e22

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\_locales\tr\messages.json

Filesize
51KB

MD5
14034e106cfff09cceacd30489fd1d28

SHA1
962d5759ffc6a8bdb13405988c995f45f27d54b3

SHA256
5af622b7a00f59c451aefa2ca28eb95f900450044344de18f9bab36b2c0736a0

SHA512
c836407172fafc7a1e95a265fdef4e53d233ea94f099e1198ed2c3294d40051da62d67994674242ce75f41bb47909d1957d6d4ccb3118e6badad61bf6300bc90

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\_locales\uk\messages.json

Filesize
55KB

MD5
9a91517a4e9f09f5bc123adf7bf7b603

SHA1
367e60ca2b840db2d71d433bdb2f92aa94d45b2a

SHA256
c0ea2f6b84f6121a53a4879cae15f138b37d161bc17d07783fc8a114877bcf73

SHA512
6936546c8f1b5d6a231f5d65dacb8b5925fe44b46b35c0544ef50c0d056848dff77959c55c3034d24322e26af557ffb13044e9c1c9d6d715136cd4a3715bb13d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\_locales\vi\messages.json

Filesize
52KB

MD5
8cc71cb244f5a943a607b312c379be1b

SHA1
a6aaaddf21a923995c11efc019fc8e98342730f7

SHA256
b89614ee3b6c59570b1086f3ac025cbaff42716fe18665376baf8ee9e221bd00

SHA512
c8968e2f5cc1c68d906e7751ddb23be4b4c7c5d95e9b66021a9729ce2ffca8e06750680208dec2816308097439e8c731c19ead13a40b4afc1b9845bbf6f1f33f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\_locales\zh_CN\about.txt

Filesize
133B

MD5
65952adb62b713c336553505f4939521

SHA1
d18dd70c8d97b5ad062ee958cac0b23f073b2383

SHA256
572448411b6e3119c8ffbc459906fe08b8aae3d184878e93b962f87b2c2001f6

SHA512
6df04ec73a60ffcd8a0feb2bafd888a616a89fc02260004407af73a1667f30fa5765555662b71f5ebbd3cdfbefea4633a1735c11e21b799860675dd688a90384

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\_locales\zh_CN\messages.json

Filesize
47KB

MD5
7b5c8da4322815c262131abeb6ddc159

SHA1
e13c78545c1a3c8a4c9a58cbe64815dc168bda74

SHA256
14f506853668bc1885f4c6c3cbf487a287a408d9b50883f2437885ce774affb4

SHA512
7ed4fa00d74f67de9da6a04a87929d789873eb6d7faf504370b882b4dd8706c75bd5941ee95eed1cdab5e4a2fe4c24ac154283ca1971ab75323f526d15f36b64

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\_locales\zh_TW\about.txt

Filesize
137B

MD5
646674401a77f421736616f8aebdb5f9

SHA1
43b2adb03d3cbf1deec87b7623eb6156083d1c84

SHA256
423eb538a6eea07a1f5977cde8864cabb09e6369edd18a352f8961441cbdcb20

SHA512
d37a53d2d5a0c0bdd43dbec7331b2092614a3860a01a2f5233f79065c7997127680492d44411750be4807fc414b125ef84d441dda1b242d3f85744f02c74af22

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\_locales\zh_TW\messages.json

Filesize
48KB

MD5
2d88ea5544c799555ef1fba9407a0dca

SHA1
84fa153b6ca27db5ec69aa94f8bcd1e9501f54ca

SHA256
46365869e8eff0cb44e3a2185a7876445b3098cdfdad80b4a41922da4dc983f7

SHA512
6aa82ea50406861604966b44b0b278e7df3eccf062e0af6f1c863962487a257a9cd4e77f40f55bde0e9aa81eae8edd208f36e69133ab2eaf927e2e1e8b25180f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\_metadata\verified_contents.json

Filesize
11KB

MD5
dbcb924630020b11ad723c838cca6164

SHA1
153c014e572c572b1df8031ad1f5a76102dc863d

SHA256
a309467b48962acdba3befee5cf7d9f425da219fcacb1079af69c051415080bf

SHA512
c9c45e9df229b071e5017267e50c387e300a1d3a25f5379483ae5f724364e9b457d90804253be996ce89e32f0f25756fd32e7f51beb654d26183a5b6b60fdd98

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\action.html

Filesize
192B

MD5
c4e4c78f6a61e3a0d0fca1569e545c09

SHA1
576bb7d1e92c539a73b9f48882267b3e0c1033e5

SHA256
447bc7e6e6a5695f6c5df4ca19260664b8611ba2eaacaa0e2caeba85876b62d8

SHA512
cc3c560bc0b48d682401cc650323ce9332ecda74a75ee7538974d92daddeffe7da063528f9ba280263eb131025c2f71cef3deb1184950d46269edfc0cc3e5692

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\background.html

Filesize
166B

MD5
ff7d19c0ddc70987b8dd6d66480b5e51

SHA1
6703b61d2b888a2e6fbd902e5c59bb88dd9d545f

SHA256
b6a5511547a70657e07b3c569d0ab21f5120a1983b32fc3958d56edc55427143

SHA512
2e7dfaa54b6f6d26cea04cb08cfd43d8176bdc672e3d960022fb78336f663028dca4fc27123062b0cba9759fc410db72a1482581feb87d973cad872f76db3e49

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\background.js

Filesize
471KB

MD5
f68dddaa4ef12e79516f0f4a167e0b65

SHA1
64e2f4807c44c45e7ba211587f5936377cc2f8f3

SHA256
09d049b5e8e1fc8be78d8a441e66fb53d69a265dbc6d0698fca8f02cf52b69c0

SHA512
cb2d50c0cc28c2eb6dc6c9ac9b3fcbb221c678e49bb6835fdbabe82fb99211c72c11f40ef3bc4f8c59311f6766e4ea0f601a0a91912421decee566934a2878ea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\cache.js

Filesize
1KB

MD5
6920493d732e9f10f3c7d9b01a037cb7

SHA1
a52b300edb7029ba04708aed4abb8ebbe2532366

SHA256
cd2deb3ed51db10e987ad24d342ae9bf47d8358b8ef77f3e43ec7d3454000f71

SHA512
dd871ff30ce0b1c1513015ea1a50a94628a7a99a857cc0b9462410f8a014a39bf2c42917f3fdeb962a53d2b4d8232dc00e5723ae23206cf1db1b729bd1409344

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\editor.css

Filesize
28KB

MD5
9c8776c01a9926214270f446fb3e4e27

SHA1
fbfb457dbd9bb9f1d71f4e45ba38fbba1949c70d

SHA256
964fb384a75e102d2d2bdb3ededc4ec445c3d47f52fb3c1b41780bd163690fd1

SHA512
8bcbadafd2a3700fbe7d43b6c1512fca0678495175af474a99ed298a3dcd147c5450e7a27d443552136f47f515544588508495fb6d1562ec5662c0038b277c9d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\editor.js

Filesize
394KB

MD5
32a807028d4fcaf1eee651ef30b72b2f

SHA1
ea504f8370d2d9750410aa4f685e1c5002a05ba0

SHA256
dcab2c2b29196ed2363b313a3ed16f4c0a32bdccf1aabaa4ca0acd0c3d883f1e

SHA512
ae9b6e5ed354df803344146c2ec5c49ac5ae1fad931beab4c05abeb96f008752031562ad61930e2f56ef9196051127b8ec806b478dbd7a4a41dfcaf94bb9e642

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\extension.js

Filesize
439KB

MD5
5bd90d8bb9e3b4b6bb923ed6cb8a57e1

SHA1
4efb4d1b3c11625afe791eef25b7caa6a4af2a80

SHA256
8f4cecded3370ded7a94feed8a5c1222d070846ea10304a198c28b94792a4f93

SHA512
4874673edb25cd326e09837363e3a67f3dd3facddf513f4e3bb894a362b7e57bfb57a91a70f0d760618d412c448c202f2e9f0ad67d7305ee02d34b529cb919a3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\images\icon.png

Filesize
754B

MD5
7f739a9aba6178c9cd65df719b360523

SHA1
e7fef0aa469cfb870a98fc2be0cf8a315a4206a2

SHA256
706baaeaabf2e1366939b83bc796f5155a4ad4d97d660a9b4919012de128485c

SHA512
dd8269aa26cac68a09507ceb89a982751ba993adb4877048039315c5faab31ee5550b275e1a840b5110540bcfec8bdee95fea14bd2a41b754bb768a26179fa09

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\images\icon128.png

Filesize
4KB

MD5
a628a38e2bfd202e641bd1e39893431d

SHA1
8aa799016689f48a4899fe1d24f2da42db9ca2d8

SHA256
23050b033580b68971a35bf012bbaeb7b384555090e684092e70128d11f365a8

SHA512
9dd7cd5a384f4d0befcc2fb430b07b63674c832c1884727f1f1d392aa3f28790e6467c094a4c13f4426366e38d665e50b3997f2a86f50d3bcab21bae64e91cbd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\images\icon16.png

Filesize
568B

MD5
a0f8971ba59b0a869c0eabbb613f860c

SHA1
4518714aded92164d75ad08e3d15e8e39c96d4be

SHA256
877e9aefa4aaa49e71ca6e876240afd2d61555b7e80880edb0359149daffc760

SHA512
044aee2a0ad0f85ec6166080fdd80b58bf97da44f417295dcfc20f40512e33df9a1848f08343620f2199da73c28d9be08cab1fb3dab1b1edd7ecc0607f85966f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\images\icon19.png

Filesize
588B

MD5
cd401fe700161bebe48e335a73caf027

SHA1
6f3bc7d67fba4b60c72b5f6a6b8ae32f58471ad7

SHA256
7561e2bc083fc093a17b06f8b2ec8a5889a8081348588948eebf53e4ce9623a4

SHA512
56bbdd99752114bb4d5569c5bb6501e3d23809415dee1ea3a97c5b5cf16a4ce8c8f5f8a43aee6d871903bb3e497d1fef1ee086bd588c918111137327865ca198

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\images\icon24.png

Filesize
746B

MD5
38ae885c64638ba594d95a1c2d3fad42

SHA1
88ee990fd291bf13a4cb85668e2b362ac8980efe

SHA256
f30306adb381577d88cb1cffce50d487243c175eb16a295ae83d25d2d6a6eca6

SHA512
4b938e5f70fc44c9d8a3493716ac77488d1434800af3e6027d6f0938ef9f1e90ba40b16e43c1533a24bb3dfd1d0928bf8d33e80d65e23e4954802228d491b925

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\images\icon32.png

Filesize
914B

MD5
08bdb83816a6448e256035972b817e5f

SHA1
eed9212ca1c8827e117be4a4709d12eabb85e2c0

SHA256
8995e45ef37810205c45baec1a0fc075bd5292dee79bdd090718e1d8beb13b39

SHA512
cfa3f2a31eda89adc8cc6ff033eb4a108288a4ea1ee98a41dc5e4535ac4ff0a051edb0207c33ec0580d596100cba7c11144a00e6fd1767d79d4635250741b7d8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\images\icon38.png

Filesize
1KB

MD5
36d084a9497ce5555050273395ad7317

SHA1
00fb38ef460c902ffb9dd6337afc20b1a5784900

SHA256
0c6fdc37a88a0a33e4dac0cab59fb780e68b75da3f60f142d9ed45b22bdccd6c

SHA512
ba1b809afa6ccc1dbd284d9a88486c9965f28bd9f6db9d9f2fd03e92284e6560547d81d6558e0458849f70043f3ffb511005c34372009c0d6a152c840ef3eb08

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\images\icon48.png

Filesize
1KB

MD5
57052402ff078281f074ed173f334aea

SHA1
75b8c6759be947a665cb19f1ac1fd98c719dfc62

SHA256
cedeb48109a02faab1a05de51021b6898b40318bcebb33e614a3345112cd9182

SHA512
c106b4c2d810a9d8f6407f007f0b29283ed17b839e64f9f454c43e0f5db3540a90ecec0b09ad08d24cbdc09b0d7fae93a5fe924b07e3442d0c92f7816c9dab6b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\images\icon_blocker16.png

Filesize
786B

MD5
aaf8b98c6bdc1317f6754202fe44ec6b

SHA1
2c35bc48b4ba56a8477d0e815b5913dbe4370d23

SHA256
a0aa43f5e37d15a883139f8c9d7a1f8bbf7c048748849948c0d0ed1f2f4eb112

SHA512
299d51c274184e8d4cce39f12b651afa970dd3c83eb7ca44cddda24d30ac6411a1aac846d1f0ed2eee6511a445c4368ee72a587c23b9688b5e22d469ddc3fd94

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\images\icon_blocker19.png

Filesize
914B

MD5
a82a0582217379438cf24a8213702cec

SHA1
bc4fd6c1f00976fda00886d6e9151e986fb35fd7

SHA256
18b70ea568654e6853878a42e6d4bae967eb52161a79dde17b1b84e78c8de6b9

SHA512
7959ce433b6bacc481c221a7bfe9de331e3fcb84cf35e9210238ec7ca7cd289976ee432238874f6572d8387d9c64c44bf58b76bf96fea26c9faf8bc0d03a8486

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\images\icon_blocker24.png

Filesize
1KB

MD5
dc1ae4efb0540356318cdf9dd7eaea62

SHA1
863ecde7f514fa2d4632d781b96b8cdb05ebb99f

SHA256
dc56aa3770517442a6620cb177c6a29b22d7f6f34cb1fafd5657a7fa6ca86891

SHA512
dfaaff1eea4f6cc0d3de9deae118bd4ef8635b20418e90e5c42f05ceb2b0e5a6eacf2e02bfc0c0018dd2688bab87fd2fd117e98760f1c2f6baeaa0f84753c981

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\images\icon_blocker32.png

Filesize
1KB

MD5
8dc3962678df5be3f4ed331c9cc2285b

SHA1
cb683cf0521a48994bc83853472a21086d5a3ce2

SHA256
256b9aef962f3100c7a34feb3dc3401193bb8e8501b3843e63ac28c3fd3518ad

SHA512
b3b8dd7d123fbd90f308b5e812cc4425d37d02509988385034cae9c09ef9e0e7d45d8332d421a14557ffd489c3f0a92639fc3e7c1a2f7cc6cb28e0c2f2ba4e62

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\images\icon_blocker38.png

Filesize
2KB

MD5
4ab63f22bd729c53b214271661a801d1

SHA1
04f6203a234060b48ba7542a9e803c3b60fb3d77

SHA256
4bde1323b06c4661c0c2649e8d1db16d69064fc0396d51005c3d7a29c5e72a3d

SHA512
89a67e7e09b7ca7dda278705293a23c254017147a54109e61f19afce4cbc6ac51e48e6bbff22d8405e63e5daef761d2acc4ed4490047aafcc553c1663ed27d52

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\images\icon_forbidden16.png

Filesize
768B

MD5
3aa65e6d3fd1a33cd4db238939bc6719

SHA1
806a942ff97b21331e93e69df3c90d32430c58ed

SHA256
a95b3b652f1d59ac6e87077ae188e01c741a6e969fbc2270d0a6d50579769728

SHA512
d7db89a574e73861cd3016ca06ca57e548c2fe6a056a93beab38d3267749b6de2b1b57ac056e2fb3f82ac69bb247971a03fa11948e71e5431b445af2cfa02686

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\images\icon_forbidden19.png

Filesize
880B

MD5
5bb32a01de98c4864ec69821803345a9

SHA1
67b79cdda52fdbbc15c739d518b467d236c6deb8

SHA256
a42497eae97c1df7fefa4c29d468d4e9203eb050b82e1c3c3d73a6523c835cf6

SHA512
6f2a3964dfcb2c5fbde35d31fa0ba32d7dd3e132cdd60144e848c14d682e853f1038be7de6d61bb213fb6f35522c3ebc1a6b9efe57f577542b5ef54e4a10f5c5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\images\icon_forbidden24.png

Filesize
1KB

MD5
c6f0b533a4ea71f3cf8eca01423b8ed0

SHA1
167c5b15e9829954128411a271d79af732309dda

SHA256
26b2d2d89d95171a978c1dbd7585d2436943f6348f8da6e48c478b6ae92e813b

SHA512
709971fb032e4a2536482f6c8e12c3fa9a473f0ea18acaf5732816ddcced628e08198bcdcca2cb3311eb52e4df705f356e0d4478d00d72b4751832bc52e98a5c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\images\icon_forbidden32.png

Filesize
1KB

MD5
afecc4b0b611a5f813bfccf6a389056c

SHA1
013b7bc8cfe5e77cb1cb2ded21220a54365baa07

SHA256
90120334b2fc08fcaaebc8c0f072668fb5eef833201457a2a28e0d76f00b8ed7

SHA512
7e221aad556fca83d10651e60d14e122da0a7b7ffdfd94cb30ddc64314a108f308cb0b8ca87f1fb4fc06e3c6e1aa2cd99dcce025f26ca3f481af65957aad3a8b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\images\icon_forbidden38.png

Filesize
2KB

MD5
7c302e704ef85d7ef0dfeec46009820f

SHA1
55e21ef75d6c1604a470890c3f53a68882a95104

SHA256
6d70a82879fbc5a742c0d3be061ca18e22a03e4532da9a934446d8f482cd01b8

SHA512
a59d21eaec53f45722b068bcf2980d2ff12a5e7ed70598c9be0e0cbf3d3dc62933b2201677aa9c1eff635151fe7cf5c00595b1b02618d4820a145cba36c4ec45

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\images\icon_grey16.png

Filesize
524B

MD5
e5f976c27511fa5be1dea7cf1c57cd1a

SHA1
256543215153dead39d3be0debbd171b84d64a50

SHA256
6880294a7314f0a1fd1b5f67191424f709b1608a256bf5f284f350e35216c0e7

SHA512
80ee818d80c5ae12e3b0e3f4f5aa093dfc19a2b41ee9bcf2ddc784ed829e0f3ad5e91b278dd7a6f527e3abb969372f5e3a54e203d2f0989adb8038cf4a325c5c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\images\icon_grey19.png

Filesize
597B

MD5
839dace1115feef581da9405d348aac5

SHA1
a7087d3faedd225470db38fe60979b9482bc0843

SHA256
01d4969e0a9839194ad0428c8de0131c7b9120a197169c7ad7f8cc44f9fec6e2

SHA512
d37ce2921af2d23696574462f68b3a69ae617d43d416f07da118aaddbdefc7ed14df61f77fe0814565072302640f1e68815b963bd4e1a0b8df277b3710e96677

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\images\icon_grey24.png

Filesize
850B

MD5
d5569cd33b6ae0cf43fa2502b292d967

SHA1
6cc69fe63d05ae52652febead22131c0f4782977

SHA256
1c015a583df9e1c678f11c93430258b8e4d0dd2e3203864cdf9956278cd4f92b

SHA512
f3b1530a15efede196a9d3b68284cdde1e62fecad75efb9ab58aed2f0612971d5ada67ca9cea5e7f07a3b1523de04d66e14e2157f7eacd8608bf1b115ad2c487

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\images\icon_grey32.png

Filesize
1KB

MD5
9aa827bb309b8122ed3ae4a1e0e1ce98

SHA1
4e87476370f19611280bb355a78d9c4e20a17c29

SHA256
27d81ead1ebcca922cc742824da142dfaf45d68b83cdd78a90e04613ebe8b2dd

SHA512
9cc3527cdb1fd0c653c2d3f142a6a1b1ca93b27bf4f339b55de36822d43451ba752732ab1b1851cb80ecb37c52abd98e826201d218585298f829b32fa555197c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\images\icon_grey38.png

Filesize
1KB

MD5
89b8cc449a405192b375d4832b4075a3

SHA1
1ef21c7904f9f06a48a2db8ee16de4bf5e015aa3

SHA256
48802c44adb2bd2ec53834cab4cd038d4b7cc3730800f3117f4592187efbb5a5

SHA512
fc0267a9430ecc739b132e066cf6f3efcbe7d16b6b9712d1ff1aae6415d86cd8f1b01928bb8bdb83cad35993ad9b531d21732c9401a808008c9e9eeffea9056e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\images\icon_paused16.png

Filesize
754B

MD5
65468c68cebcd8b7fb805f68444752a8

SHA1
1505529b582863e920689883527fbac2c6ba11aa

SHA256
2b237eb203ec866e756357557ed3f80bf913b9705a59e137b38f1863273a2f38

SHA512
b66ea1247d5ebf2dba137306ca567a9718a560b2123fc5d4bac9333821f9242f0ff2ce53583bc74b62a72d008b3e04db927ca78f89e7a683413ed564ce6d9b1b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\images\icon_paused19.png

Filesize
873B

MD5
d1cbaf82812aa66e90673c0a73ec3e08

SHA1
e96db01a3f652d7340f3271e09c8370469d469a4

SHA256
d02f31638901977d5f1641671ae63b2c163d4606d737371cedfda09acd708791

SHA512
2e41717c8db117289ff48eec26ae3660424b68b469f3e1f7a1d7ceb83424ca0a21d7768cb66ab5eeef154a0b633ade562b3cc5bb2365e8323fe7542e792e9044

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\images\icon_paused24.png

Filesize
1KB

MD5
ecb3bd90077b4d7e1540da106280e2d5

SHA1
0280e1b623e0eb07654e7b5f12b723fe0aa12cf2

SHA256
c9d0523beb1f4397b46bd2844cd535653040109d655dc56b9e3e9b969478ddbc

SHA512
6fc4388be35b78595c786370ab26a8a5419ef4032ccfaf162100bd5e9aa159b462d14e279f8c8158f707fb27fd51439c0098a5dc509e64bd3f8ac9d90cd008e6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\images\icon_paused32.png

Filesize
1KB

MD5
f093ae7a2bc57e52ce90d2082fb630e4

SHA1
f43e57a432e587676d25a9e967d17ca99ef77e20

SHA256
fa3bfca5e035548d281e465be719ff385d1fb20ab285defe5e6d9df4163f8e2f

SHA512
85f5ce1855ef7c5ec2eb7940ad35421511962d64395f2886c696e8d417746ef7c18913e9d5931ce6cd6c7a6fcf25e5f463bcac5874bcd21856def469d8a59951

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\images\icon_paused38.png

Filesize
1KB

MD5
80430bf5536959f8f363c504b2f18714

SHA1
c89d099e3fed2f617980fa6dc19a99ba4b2fd5f6

SHA256
20c725009f6027e1402d5da09c74652785a2cab07110ad1ea81460dc3511f032

SHA512
f838a79f4c9d655edd52dbf61cd3346701be51455489ec8bfc621162cc0b45b64adbcccaa8febf95032beaf0f79c8202dae50c6d0ac363fdef2cd86de3d489ae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\images\txt.png

Filesize
16KB

MD5
caba504e74310273b8a66270e7762eab

SHA1
5d1fe5f975912b51c1f5e507139112ae3f3142f5

SHA256
a485dc4fc00b770549a272f72b984b0724e0456db6fad3527ab4eb879326e456

SHA512
4a630be56ec35ce0fa19ff097f958ca4e6a3085bcd56b9990a5807dc43d2f017e75419a9a8a7dcf18e58f4d59a87859b0d61f67c0dd92679f0493a302c58c841

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\lint.js

Filesize
13KB

MD5
339afc265cd33810c988485fafbffa61

SHA1
4729e026f54d9bc5652498c7b5e0fb2f2b5ccc3f

SHA256
6cc736e2d9c17f90e04c06ea9c66c9ab68f538be19e1bd6275461e478e978ce6

SHA512
7fef89d2bedc5fec1a7516c62e77c06d38b2d7f0071506782bc11f65fc46d2a0e5a58109fe129cbfc4991bee8fbd47d7d69c5af4e82d63f3a3025f39b2134bed

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\manifest.json

Filesize
2KB

MD5
df95c8046e911cfdcb0f812747f03d4f

SHA1
41fce6b1df3f6c6413451e95fb8a0c3405ecaf22

SHA256
91bec6bae5ed3674268d7f0608842d829dc3ece105bada8a610dc08ccb9c211c

SHA512
d9fe4666077ca0370602639a3817cd9aee3691a6621f74528960003c3603c004312e68e0e9d1354712c1dff67a7894c219a88d9e45739df153e7ec1f95daa4d4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\style.css

Filesize
414KB

MD5
9af8ea5fe542eb7c4441218ffb64add8

SHA1
d60c378cbc66083bc0bcfbd75e542ac04e2b85ac

SHA256
916b6e8f366bff72dc31048c37b2ce9f05bcdb1984bee64217fd659d1f4bc73a

SHA512
3bae6210978114558ee0df3356dc5af9eb96dfc3f096f138b7bff3923883020a6735a0e5d1e38bc136ceb479b8d985a86eb30244307831e09823a3482c5d37ba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\test.js

Filesize
1B

MD5
68b329da9893e34099c7d8ad5cb9c940

SHA1
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc

SHA256
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

SHA512
be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\userscript.html

Filesize
129B

MD5
5d7e73a21cdcc34689018222b08f972c

SHA1
2fe732f3bbef8311da084641cb20e1108228543a

SHA256
2df98eabc3fbd47a50db52694901560f37bbcea4737655e987d2e2a6fdf71cfb

SHA512
bb28fb14ad48d6acc37bca938a67b9dc4ed52b252dda2f605f639cd6d1375041a218d96504bb71c61febc9b6d6003381bd0bb08d736fe3c686a476c21264a5a0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\vendor\eslint\LICENSE

Filesize
1KB

MD5
04d32f89e7aa1677f8a860eb0b6adb83

SHA1
2860013301bd289128ddfc22a75983b22146a3cd

SHA256
db83f2ede67f36cfab1ea0721ea2ee97515863e9a65346881f305e430451cc91

SHA512
8efa250e08a42dfb4b7b15156fbf085c0ecb84bbd7be6e5170f4580f01c867f04b5fd47761d3ad9e1ced2556a28f8fccba6bd054abe9cb906b98ea2b8fe1f1f1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\vendor\eslint\eslint.js

Filesize
1.3MB

MD5
116b63643039c9708b5c0ede9e962a92

SHA1
cdd173304dd4983e6a749954bf25fabcfb4c353e

SHA256
49e5433142565e37b80d22c1683ce3b57907f95a68c59753d740ec63a86f4bd1

SHA512
91742defe64901adfa7515841a966af3632dc4fc0143c5691bed5669defecc9009507e1fe420d72ece7b2db95dfecd141a751bf9036ed58725f7aed6e8c6aae5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\vendor\jsdiff\diff.js

Filesize
10KB

MD5
5651bd8f0a48fd6a9e985204cd1fd179

SHA1
0e020da5b5fef067240855e64aeefcf7538e1cc2

SHA256
cc75a52390dafbac0b582aefd268ecb6d0b697021ed984bcf0f8c8c75d583f2a

SHA512
e220ae30fd8556dd79ea15d9cf83f0def7f2a6aa1d962c101543b338c63a3c2f8c51eea901d1133aa1e8d31ad2b04b7223a1792d87f18d7d59cc7a5b35ed72a5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\vendor\saveas\LICENSE.md

Filesize
1KB

MD5
07082d137b4a238a9ebcc8c1064391f3

SHA1
48b784245e55d5ef4d11b1a27759daed6065ff69

SHA256
acdfd24a8e5a933055326b235b08611f759ba4e200d42a455a5b8dfd3676b1e7

SHA512
64e847da190bdd7f62e4432b1693b74364c4a4964c7dc1509d2dc9e48574291de5ce9efbb693a2d3175ea0d6e49b59164c3be7ea108ead3ae310f2611c8ee656

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1956_1054281111\CRX_INSTALL\vendor\saveas\filesaver.js

Filesize
2KB

MD5
328b74df2b90cc8269c26386de0b3b71

SHA1
e28585dba269b9403373e6119fec3015189bdf4d

SHA256
8261fe859bb2e18ad24237d1677b346b5b52e7603f5c0ab134c915d12d54b01e

SHA512
d1300e274af64e08368ce3de0a6723ba7162fd12b0a1ad15ea1bc4905526b1b927a8d6ccfcd0dbaa564af7a695a258e58a941a6841fe9dca7f42a34727d713a8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk

Filesize
2KB

MD5
190a54852a6e4a1cc1e6c37777e0988c

SHA1
e7b9744196f9cb97f59d0228284a8c7abddb2bfb

SHA256
b74b9f6468178445512ffccbd4674471152d3a6c1883285be52f45e2e8891e6e

SHA512
9ef4adf05f00e6ae7e250999d91d15bd96d9ba424345a0e6c6fc2c1932daafb28a97b838c0e29634b10acb8a15c35c19bccff3e8f55e04c90aa61276afc59660

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
9KB

MD5
3974474b3ce844f4b83cd4001fb26b2c

SHA1
4095aebc52d324d7c05f44393db56b25f17aa0f7

SHA256
99dabcdc5e27083143a74566ebae3c20e161b1d9e4c76f94ae67291bf47a2871

SHA512
65ae45a71a55dd11e02ae83230043947a49a5002d100ddf64769f519d1f10f0bceea442a2a519aca7c1e819c1f9b5eed20f9911e415e1035a8083069a8fb84b7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
9KB

MD5
897bd9f45d99316ba0aea9a0cf7717bd

SHA1
db08d48b5799eace7ee0b327707677991f83082f

SHA256
9d2aa9f37b4c51f12b3e09d1c6897283dfb1c49a019f019ffe989fe7e8c1dd83

SHA512
29a7347996315ad789c2a6b77657a3a90be9ca06861f4ae9d5c28f3af013d60207032285eb9cf88eb91229bf5b30e1b7a4f1225327252104faa574a7b60df3f3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
9KB

MD5
abbf8e423962ad124e0242823c141608

SHA1
77bb10dc3f8c9ad9f26fc2e16cb78fdd74b60818

SHA256
9aa8d23e222ead4b982ea1cb5aa27791bcb6fcc991cd03c5ead5420cda50ef2c

SHA512
5596dca33bd3399e68c63417cf4cc66b9315364b8b7866638978f9ef39bfe6ac7259eb135d019b9add2d59d3d7881ed5ca9a0624bb7b52c9e8822fd39ae71bf7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
e57db60938ec5aa4088128bdff4c3d6e

SHA1
ad0adc59eda1f9ba95f97de783ca42ead327a0fc

SHA256
25c5b92560151d0b1514c995921f3843fb230203df7d9f3a423e07708c8b343d

SHA512
abe084a1f657b3e24b02b8553ec9b7db0421eb328e7bdd48371df677b6dad0b97c8ad296163f8d6a59eb077e219ac5102c065ce1c55b5f2c9844e5ba52691894

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
4KB

MD5
b351726b5bbd786301cbeeb545fb0c33

SHA1
4ce7759252dae452cab2eae82cf190182b3cc820

SHA256
5040d3de830e0f493b1e32b7efb930287dabc4ca359f3ae8bfb3553f527cc695

SHA512
b9f851d25ef969e46683b0402c7d66f6d455a37aa08aa9f08d8b31ca5221a9d6f57c5d61c2bc1d9ee894a661fb92261b3fb38f6793921babb8cbee5a3c7f41dd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
d1996ce4c705ae278d27a519b7c743ee

SHA1
cbc4576d1eb2b098ae2d11bc568d180d21a9d38a

SHA256
bef877bcd1d320baf8ff2ad420362cce031783c81c3b7a3129cc21036b8c5784

SHA512
93597de5b88563b3b2a3788cc7bc2022894d1810e8df2b70d5430a67326f72f0c1708660acbb59e28b227e5110adc2110c95df5930d91b7b77c0dc8e73a9c306

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
ede4e5797e9f3ffde80b50ad8f7bfa41

SHA1
e12d1568ca1e0a454109eca8f2bfb93fae33dd2f

SHA256
52dabe4dcb3ce18d184184e42f9234d6c93e267dc739d112aec7b3a32198bd0a

SHA512
8337138699bcc8af40051363bdc811c2f0f912b5d6703a153f4f1fbb86016a24b01758d40bc3fc86a7a2e5b996f4e1f791217895c37c22c1041fc5be4fb5a7b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
a5fea45f11a8c37489b10cbefe002af8

SHA1
8b1128af805869a6ff81aa4f98f923fa157ae0d7

SHA256
1eadaa4cbf337e99c09504f57d5857af2a77f78776c26e69e5b0712ad29b8077

SHA512
070bdbf4edbd8d7b86e9b5b6fe39928f22085ccbb88944e536b4acc1511d340a65dff6e5698b309abfb55c2dd4c68aaf6206643dffebb234b463d25fced89c26

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
f14ee982c70858cdf1f6f901ceca01fc

SHA1
d894047e6badf0229daae31bef102ceb367551d8

SHA256
8ddb9191e4c52d2db196022729ce48636f09e3490ab85979122e9e4a5e6a2732

SHA512
4391e0529750f8f95ba11c62a18c406e5bfe28923b9b9ff31a6bb44616f36a018e0f03fd02b1b9ee58b2281f05faa96f037c34754131843708aea34dddb56e17

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
3c7849c159017aaa3ce6c146b476d358

SHA1
35a16750c73ac05a53b31710b11d71d21607b59d

SHA256
caa08faff7320ecffc043d3c15b46af557fdbe9d325f0b1ecd90b3086755d36c

SHA512
83b810474b0f98b015ce0f4da645b296434ee6d4c0f2d404d0cb11d8fd7d9b4ed7f59a26575de121c8751dc3c288abe60b23dab89655c24c8aefb54460f1a30f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
51367c2a34e741227b036c79a858345d

SHA1
3ce23c21743060a9c3b71404ea8ce9121f5df377

SHA256
4eaf833df1fd17d4449ac3a7f5aea654e2a17d6ab5f4f1ad2c41bcda68e9e232

SHA512
b23fdd584ea4557c49adb001784917eb56741e2fb8e0bbc4507a58ba3db8d7989aefc613ce77b5ee6e6388ecd768988a23b04a12e2cc422f0137849a85328cd4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
b3fbb8a02260d5e41407a7e1af3ee2f6

SHA1
9180c8b9593405936b0fe52272571b63829525d4

SHA256
8c1434a31409aa606a51bdae37e0853597cb408a2cf199f05e02705df3fc15de

SHA512
8a6ec40722054025a8969a80e795b026fc806a0710eb2f9e016feb68cc09a19333404a8a62910e9b0335729fd64e8e1b6250513ffc334dc8d669d96de62eb5d9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
cfd585ce0db9a1484f8223dc2cfce2f8

SHA1
4e5e287160c05ecdff8acdfa0899faa5bad4de82

SHA256
0bcae3ddcadfadb917e4f910daefde07af8d2708b7795f3a1146102dcf6cf445

SHA512
b45dd6c3231a79155508d807d4b6f839d49e6120841c4f31147a83039515d3358822fa1fa4ae6f770b4369b96f221326c0b80dc2f0cd99d605440b12c93fb648

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
26KB

MD5
8525bdf1faac287d0697362327d082e1

SHA1
b70ab4c04a57f564fc9f2dcfceca4d897ed8210e

SHA256
df8e5e5cd1c5b0a30cd42869b59c582171123d028ae644aa6b1519a7f967529c

SHA512
3fb144429f2b1154b6187ed6453ddae9863b84b1c695628801da1d0ce391c57f8328f1e97967ab26cc882234dd24f4a1184a1e10f1ed5ec2c167527a12eb6200

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
29KB

MD5
43323b8578c14d0d7a5227d48cb7ec72

SHA1
dc79d7911ba52b9979286e85f221fee2bd51adc4

SHA256
606523eb8abdb454c246a09512ac0d45d99fd734df9511f634bf72648aed1968

SHA512
79dcee7865e656d9182dd8a57f1cff1f84df92483fddb8a2009a6b05cc89cca8d7b6a50a9d6bed2aaf710dc1b61532b9bfa9d5e2fceb9df265b74b7317864045

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
90B

MD5
550aa3e6479cd26207f98f6eb7496093

SHA1
8718a1fcb127cf3a33fbc7cd288fa2cc7ec77bc1

SHA256
3a265b98349204f6f71a4d3a7a1d999a4146ad719ef000e19c11a1ca6848ddba

SHA512
4bcd0d63c464472ebb0d182b6e8748a039c7a3abfd6b024e578dac23a51ae4285946750b0c00b406aa6168c54f99be297f1885f21343e547c89bd7c14f1a5229

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
26B

MD5
2892eee3e20e19a9ba77be6913508a54

SHA1
7c4ef82faa28393c739c517d706ac6919a8ffc49

SHA256
4f110831bb434c728a6895190323d159df6d531be8c4bb7109864eeb7c989ff2

SHA512
b13a336db33299ab3405e13811e3ed9e5a18542e5d835f2b7130a6ff4c22f74272002fc43e7d9f94ac3aa6a4d53518f87f25d90c29e0d286b6470667ea9336ae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
90B

MD5
75374e041c92fc3fdf6edb95ec175ec3

SHA1
6a56bafeb54e6185faf33ce0d4dfadbb24263f2a

SHA256
4522958a2d50e3fd13dcefaae9075337785ebc9f4daab71d5800ea9a76cc8d1f

SHA512
c97238075f51f71fdfbe4a45daea4c81245e80eff1aa01507f8bf10565b49baddaedaabf4cac5b1d04771f9ec0e22c40c4ea61e5f681a1ffb45a25038a8b6b3d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
6da8965f6a1451bb103ecdf9de28dd82

SHA1
32757265cd2b7915c35e0dd7c814eeb0be83e545

SHA256
cff399e31da55c27309ba9f8b6ff6a6915a9555d2f31181df9580486b36171b2

SHA512
bae2ecabaa332ac0a224df9ce1ef32699ca1448bad5b72d980a24a673b6c2adf3451e705416f35eb494ab0150237c0ae441192329dc03023e9255b68ad7952d3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
3dd7e5e56271b9ae05296edd0459e799

SHA1
9ebd5f318bf1cfec09eb096486f39989206f0a7e

SHA256
bf0fd73ea70ede183f09899e4f0ba45fd2193c405065230eec25fa28e0285092

SHA512
4075a81a09331d6608bc9eede02e55f337a6a81f188b69382571979c3802a892ea66713849356f5c03b28177bd839131bb2df2c6c0bb1fdd51f3e3f430b91d03

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
ff5dfeef874f90ba60e31b32fb21cc54

SHA1
d72a0e20eab5d4048006c90f9d091a122450b080

SHA256
7c097bc21671d6a6a7bf57d3e4118d0a1aa6f08e5fd6316be549a988e0abc8fd

SHA512
bfe654d21b4d1fc9c17523cfb263208a88b362aff64b866b567c0ce64715692f310611fb4451925c804bee5ac72618423cd730999b1bcbde50e2e9ea9f26de5e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
a8ca0f7c23e842293b93cbd67e527759

SHA1
82987bf1b46fac1ad0fa8087b24af915a80bfa20

SHA256
a2e0bc500c4db0066e6267de634a991b9bd64aae97042ec941f64c361c3f52bb

SHA512
0a8d885e766179af5a9046bc1239dfd2bdca683fc9511bb555dfe799528149cb1673c1350926351fe454f10b67c5bd23c6fc14af88bbb6d4fb2921af6922f064

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe576571.TMP

Filesize
204B

MD5
5591dda8701ae14aceff9afdcd0e2cb6

SHA1
b02a35ffc69dd430f2c90cd91b175c3116b6d23e

SHA256
ce13f792e61f9f53aacabacc8b467b92c466b9901586d25d7fc49fe31f8e75ee

SHA512
4d852aa31da8d5e257941fb08386fa6d67b9676c84ff558154c188caed0c1b0d645e380dc44bfed6d4572a411478afed7e61fdb826eac8cbb7704d456cb6e1ce

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
9KB

MD5
621f3e0dab45607a61950438fd91be5c

SHA1
39f6a10f71b4fd917ed87e8a5289ff01a5c999a8

SHA256
4c4e16c724b9edcf1bf211036572dabcb71e545a56aa7c5b35368f05d810b8a4

SHA512
3ea2585c940482bd1432f96772741d6cb4b1b177b320c2ab2ce6cebb767639c540181ea87af40cb6b0bee14866ce0ed154a3ae36401beb29585abde3c299492f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
baccc2d6724e330595dc51753fb06eb6

SHA1
3f0352acfca8e4d4f4e086ecc0b48c2395eb11fa

SHA256
0a5fd8ce41f1a1e4b0c3457a5386cc6bbcc863cd60fa902c91bed4f8d291c33f

SHA512
8d164f9597babf4c71fb6e20c9f27dfd29629596c5fbee8c1dc606d0419f0bc8dc56ed275caeb6cbe68d92e366fcf96e073f12c40c68ba126e2d6873c22ff734

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
9b879a573aba425a1292e2f248cac42e

SHA1
e6e42d8415a39487acda720300ab3a8875417c0d

SHA256
626930e99648c877ddf2545ce2bd8dc28ee4139c015693633245dfc238b61160

SHA512
fab70f5a278eae9276bcd9c03f0b96042f4510ad6a0e4bfad3d3a18c04e571ad85aa5926c70b10a1da7cfd1fd1a8aad56038723b698fa0dc25027f9184b6499a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
13KB

MD5
460dfd5df2a4f2a7bde98db444664f5c

SHA1
2010d04155aa71054bc559cc63f79c09e9562520

SHA256
91a87af42d89e92c71cbef42477a9a8f22df02940d4e034cc7e0399ed3f0291a

SHA512
a8c401444d5883a33cfb4e1adb147bf616ae9b9c1fbd9863fcd792c4abe431a7a0c2e36937174016171a2814fdfabfabb1ba4b4e35c504b5134ac1eaa60086f3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
13KB

MD5
f0133f3d60225c12bc129f1ef247c38d

SHA1
8bd79a503cfecd3cf4deb94482837e95c406078f

SHA256
0fa5e92928b9fa5724f0d6ddb7ae6cf9ed94a865a238b52f519111e91346a990

SHA512
8f393c867c421b2a8244f893e5c51da28c83a652833afbdc0636a509414b88e21c1273a8f27473774c5035ce189a265337bfb823f20a5004e0d382f8d19505bc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Webstore Downloads\dhdgffkkebhmkfjojejmpbldmpobfkfo_28194.crx

Filesize
1.4MB

MD5
e3d04502c81832eda64b0302c1c8df3b

SHA1
7e873d7120346b00332259282b04527dba7c6cfd

SHA256
3569a2d692562e822e27de310e2aad8706f7e5e38e0304d6c40bfa7c76df3b59

SHA512
85bf927b4ba320ee7f200e6a7c624963f5515db837dc38039b6b205f3885f571d1ec2819056464e4d4638e777e9688237e43f58f3ed9be231f47fc2f14dbe7d6

Download Submit
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_vxa3frpj.ktj.ps1

Filesize
60B

MD5
d17fe0a3f47be24a6453e9ef58c94641

SHA1
6ab83620379fc69f80c0242105ddffd7d98d5d9d

SHA256
96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7

SHA512
5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir1956_1962944395\CRX_INSTALL\ask.html

Filesize
295B

MD5
0a0678de4d22b2bd16e1540469b1a7d7

SHA1
f5eb972d760c081625c20138bdf8bea4c1390912

SHA256
48d5de24e273852733796f37cdeac02d7320494ad0d207fce6894ee9dc34b725

SHA512
8f8c489ccebf4b6e42c523455f1c273715ca97bf5f1637d760093b6f401d4b83e5b1fbe235ebd1463d1ef20ebc50732c8bf9d40ccbee92ba94c0e5af50ae83fb

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir1956_1962944395\CRX_INSTALL\content.js

Filesize
29KB

MD5
c1b1065229b5916a5f0e9b74e2e6429d

SHA1
0d0b7c0a516a71efce42507f435f567f273264a0

SHA256
426ecd0c307414cf424fa06e019b6dc5264ade928d5fb76e2c64eca886077ca0

SHA512
fbe61151f3709dc46229152b9981e256d5844b5dbdbd80661235db6d3c3709c7eaedcd9a06cccddd3f506bb363c72884feaae8ca50fd1f0e4cf8792ad65a690e

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir1956_1962944395\CRX_INSTALL\page.js

Filesize
38KB

MD5
ea42500d0eb88bd4bef2d98582f71852

SHA1
078a0a8a2b01d3db57a476586dace7fbbb84b38f

SHA256
4b97860eab4e58a90680c319543ea85e9a7b52e4af33bcf90650c27e8af2a94b

SHA512
67915d984e407ec6702c4ec1429241860825d5b5052b393cfc5dcbe92fcba62e4ae3a082610844133e9329c1e0dc1be183d6f14de42c166dcd6a64636d516448

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
3KB

MD5
94ba3ed19f89e1a0327c10662f5138e2

SHA1
ba91a2b642808e9c3865c960398db9a4162d5cc1

SHA256
9b0729c74e680c6e973216efa197fdbec6f63a596f1d0bce817172575489279c

SHA512
2de0b4017cb8b84414d897d85f5ea571cb27a4f49e0ee78dc41eb5bed77705821d3d71f6ee8ac88e710916c5acfda78aa559c184ab721138793181505cde0b72

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
8KB

MD5
d4d8fa3fd32f377f5045c21435a9bad2

SHA1
090875ec7cb6a5410ebf97582983cec5394d5329

SHA256
2ed3d9fdb510ae929a1adc6f986a577b73ca6fb9678bcf63c1e8274565cf0624

SHA512
16b09c39da8bb2002152905be712e22863d5b76502c94512e1baa6f40161b0e6ad649983cb84b6ebdf7c47258b5193a9ceae012cc8312cb739c8d328c47f4073

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
10KB

MD5
3a6e852f1b2dea8f75a445ee733542af

SHA1
b4aca5eaf594c9c2af37372a79266d4228ae652c

SHA256
a8c893e55c630c2b4e8bfff20c1b1a9526ab9f7de9bfd2a7cb9dc8ca7e577c05

SHA512
f86a07fd522e8c0b35f061a8b06f3c3e0bb5f1373bc69f94b3c0861e8c5cea13c27498747cb57c91076be8af00c82377f7a2c058fcf736d96c942bd7c6d231b1

Download Submit
C:\Users\Admin\Downloads\aebaa2cf-2ea8-46af-a579-a531005699e0.tmp

Filesize
42KB

MD5
ed9103637c08ca871a9e155ae5f29f62

SHA1
0064619c05aedf24da8f77dbcc6ffb436bd4033b

SHA256
b55d10802138acb0871d7933255641040c01d813e893dcc31454b42664c3c646

SHA512
6c422e983e6c90012188c917aaa2683b2a0a053ed81059a24997e34790111deec19cbe7f92b87c31d6345bac3d0d86c3d22f5b2bdf30ca655add4c67ad1735e3

Download Submit
C:\Users\Admin\Downloads\epicnessv3.png

Filesize
42KB

MD5
ed9103637c08ca871a9e155ae5f29f62

SHA1
0064619c05aedf24da8f77dbcc6ffb436bd4033b

SHA256
b55d10802138acb0871d7933255641040c01d813e893dcc31454b42664c3c646

SHA512
6c422e983e6c90012188c917aaa2683b2a0a053ed81059a24997e34790111deec19cbe7f92b87c31d6345bac3d0d86c3d22f5b2bdf30ca655add4c67ad1735e3

Download Submit
memory/2132-145-0x00000160F7040000-0x00000160F7050000-memory.dmp

Filesize
64KB

Download
memory/2132-143-0x00000160F7040000-0x00000160F7050000-memory.dmp

Filesize
64KB

Download
memory/2132-133-0x00000160F7000000-0x00000160F7022000-memory.dmp

Filesize
136KB

Download
memory/2132-144-0x00000160F7040000-0x00000160F7050000-memory.dmp

Filesize
64KB

Download
memory/5484-2159-0x000001FCD6E40000-0x000001FCD6E50000-memory.dmp

Filesize
64KB

Download
memory/5484-2195-0x000001FCDF360000-0x000001FCDF361000-memory.dmp

Filesize
4KB

Download
memory/5484-2194-0x000001FCDF250000-0x000001FCDF251000-memory.dmp

Filesize
4KB

Download
memory/5484-2193-0x000001FCDF250000-0x000001FCDF251000-memory.dmp

Filesize
4KB

Download
memory/5484-2191-0x000001FCDF220000-0x000001FCDF221000-memory.dmp

Filesize
4KB

Download
memory/5484-2175-0x000001FCD6F40000-0x000001FCD6F50000-memory.dmp

Filesize
64KB

Download