hxxps://cdn[.]discordapp[.]com/attachments/1104083995077132308/1104084034285473882/steam[.]rar

Analysis

max time kernel
1200s
max time network
1193s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
24-05-2023 16:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://cdn.discordapp.com/attachments/1104083995077132308/1104084034285473882/steam.rar

Score

4^/10

Malware Config

Signatures

Drops file in Program Files directory 2 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\5965a233-1eca-4cb2-8a7d-e9a11fc3072f.tmp	setup.exe
File opened for modification	C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\20230524164754.pma	setup.exe

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133294203970872708"	chrome.exe

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-144354903-2550862337-1367551827-1000_Classes\Local Settings	chrome.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
3708	chrome.exe
3708	chrome.exe
3272	msedge.exe
3272	msedge.exe
5992	msedge.exe
5992	msedge.exe
5440	identity_helper.exe
5440	identity_helper.exe
5360	chrome.exe
5360	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 39 IoCs

pid	Process
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
5992	msedge.exe
5992	msedge.exe
5992	msedge.exe
5992	msedge.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3708	chrome.exe
Token: SeCreatePagefilePrivilege	3708	chrome.exe
Token: SeShutdownPrivilege	3708	chrome.exe
Token: SeCreatePagefilePrivilege	3708	chrome.exe
Token: SeShutdownPrivilege	3708	chrome.exe
Token: SeCreatePagefilePrivilege	3708	chrome.exe
Token: SeShutdownPrivilege	3708	chrome.exe
Token: SeCreatePagefilePrivilege	3708	chrome.exe
Token: SeShutdownPrivilege	3708	chrome.exe
Token: SeCreatePagefilePrivilege	3708	chrome.exe
Token: SeShutdownPrivilege	3708	chrome.exe
Token: SeCreatePagefilePrivilege	3708	chrome.exe
Token: SeShutdownPrivilege	3708	chrome.exe
Token: SeCreatePagefilePrivilege	3708	chrome.exe
Token: SeShutdownPrivilege	3708	chrome.exe
Token: SeCreatePagefilePrivilege	3708	chrome.exe
Token: SeShutdownPrivilege	3708	chrome.exe
Token: SeCreatePagefilePrivilege	3708	chrome.exe
Token: SeShutdownPrivilege	3708	chrome.exe
Token: SeCreatePagefilePrivilege	3708	chrome.exe
Token: SeShutdownPrivilege	3708	chrome.exe
Token: SeCreatePagefilePrivilege	3708	chrome.exe
Token: SeShutdownPrivilege	3708	chrome.exe
Token: SeCreatePagefilePrivilege	3708	chrome.exe
Token: SeShutdownPrivilege	3708	chrome.exe
Token: SeCreatePagefilePrivilege	3708	chrome.exe
Token: SeShutdownPrivilege	3708	chrome.exe
Token: SeCreatePagefilePrivilege	3708	chrome.exe
Token: SeShutdownPrivilege	3708	chrome.exe
Token: SeCreatePagefilePrivilege	3708	chrome.exe
Token: SeShutdownPrivilege	3708	chrome.exe
Token: SeCreatePagefilePrivilege	3708	chrome.exe
Token: SeShutdownPrivilege	3708	chrome.exe
Token: SeCreatePagefilePrivilege	3708	chrome.exe
Token: SeShutdownPrivilege	3708	chrome.exe
Token: SeCreatePagefilePrivilege	3708	chrome.exe
Token: SeShutdownPrivilege	3708	chrome.exe
Token: SeCreatePagefilePrivilege	3708	chrome.exe
Token: SeShutdownPrivilege	3708	chrome.exe
Token: SeCreatePagefilePrivilege	3708	chrome.exe
Token: SeShutdownPrivilege	3708	chrome.exe
Token: SeCreatePagefilePrivilege	3708	chrome.exe
Token: SeShutdownPrivilege	3708	chrome.exe
Token: SeCreatePagefilePrivilege	3708	chrome.exe
Token: SeShutdownPrivilege	3708	chrome.exe
Token: SeCreatePagefilePrivilege	3708	chrome.exe
Token: SeShutdownPrivilege	3708	chrome.exe
Token: SeCreatePagefilePrivilege	3708	chrome.exe
Token: SeShutdownPrivilege	3708	chrome.exe
Token: SeCreatePagefilePrivilege	3708	chrome.exe
Token: SeShutdownPrivilege	3708	chrome.exe
Token: SeCreatePagefilePrivilege	3708	chrome.exe
Token: SeShutdownPrivilege	3708	chrome.exe
Token: SeCreatePagefilePrivilege	3708	chrome.exe
Token: SeShutdownPrivilege	3708	chrome.exe
Token: SeCreatePagefilePrivilege	3708	chrome.exe
Token: SeShutdownPrivilege	3708	chrome.exe
Token: SeCreatePagefilePrivilege	3708	chrome.exe
Token: SeShutdownPrivilege	3708	chrome.exe
Token: SeCreatePagefilePrivilege	3708	chrome.exe
Token: SeShutdownPrivilege	3708	chrome.exe
Token: SeCreatePagefilePrivilege	3708	chrome.exe
Token: SeShutdownPrivilege	3708	chrome.exe
Token: SeCreatePagefilePrivilege	3708	chrome.exe

Suspicious use of FindShellTrayWindow 46 IoCs

pid	Process
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
5992	msedge.exe
5992	msedge.exe
5992	msedge.exe
5992	msedge.exe

Suspicious use of SendNotifyMessage 26 IoCs

pid	Process
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe
3708	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3708 wrote to memory of 4964	3708	chrome.exe	86
PID 3708 wrote to memory of 4964	3708	chrome.exe	86
PID 3708 wrote to memory of 1536	3708	chrome.exe	87
PID 3708 wrote to memory of 1536	3708	chrome.exe	87
PID 3708 wrote to memory of 1536	3708	chrome.exe	87
PID 3708 wrote to memory of 1536	3708	chrome.exe	87
PID 3708 wrote to memory of 1536	3708	chrome.exe	87
PID 3708 wrote to memory of 1536	3708	chrome.exe	87
PID 3708 wrote to memory of 1536	3708	chrome.exe	87
PID 3708 wrote to memory of 1536	3708	chrome.exe	87
PID 3708 wrote to memory of 1536	3708	chrome.exe	87
PID 3708 wrote to memory of 1536	3708	chrome.exe	87
PID 3708 wrote to memory of 1536	3708	chrome.exe	87
PID 3708 wrote to memory of 1536	3708	chrome.exe	87
PID 3708 wrote to memory of 1536	3708	chrome.exe	87
PID 3708 wrote to memory of 1536	3708	chrome.exe	87
PID 3708 wrote to memory of 1536	3708	chrome.exe	87
PID 3708 wrote to memory of 1536	3708	chrome.exe	87
PID 3708 wrote to memory of 1536	3708	chrome.exe	87
PID 3708 wrote to memory of 1536	3708	chrome.exe	87
PID 3708 wrote to memory of 1536	3708	chrome.exe	87
PID 3708 wrote to memory of 1536	3708	chrome.exe	87
PID 3708 wrote to memory of 1536	3708	chrome.exe	87
PID 3708 wrote to memory of 1536	3708	chrome.exe	87
PID 3708 wrote to memory of 1536	3708	chrome.exe	87
PID 3708 wrote to memory of 1536	3708	chrome.exe	87
PID 3708 wrote to memory of 1536	3708	chrome.exe	87
PID 3708 wrote to memory of 1536	3708	chrome.exe	87
PID 3708 wrote to memory of 1536	3708	chrome.exe	87
PID 3708 wrote to memory of 1536	3708	chrome.exe	87
PID 3708 wrote to memory of 1536	3708	chrome.exe	87
PID 3708 wrote to memory of 1536	3708	chrome.exe	87
PID 3708 wrote to memory of 1536	3708	chrome.exe	87
PID 3708 wrote to memory of 1536	3708	chrome.exe	87
PID 3708 wrote to memory of 1536	3708	chrome.exe	87
PID 3708 wrote to memory of 1536	3708	chrome.exe	87
PID 3708 wrote to memory of 1536	3708	chrome.exe	87
PID 3708 wrote to memory of 1536	3708	chrome.exe	87
PID 3708 wrote to memory of 1536	3708	chrome.exe	87
PID 3708 wrote to memory of 1536	3708	chrome.exe	87
PID 3708 wrote to memory of 5072	3708	chrome.exe	88
PID 3708 wrote to memory of 5072	3708	chrome.exe	88
PID 3708 wrote to memory of 2036	3708	chrome.exe	89
PID 3708 wrote to memory of 2036	3708	chrome.exe	89
PID 3708 wrote to memory of 2036	3708	chrome.exe	89
PID 3708 wrote to memory of 2036	3708	chrome.exe	89
PID 3708 wrote to memory of 2036	3708	chrome.exe	89
PID 3708 wrote to memory of 2036	3708	chrome.exe	89
PID 3708 wrote to memory of 2036	3708	chrome.exe	89
PID 3708 wrote to memory of 2036	3708	chrome.exe	89
PID 3708 wrote to memory of 2036	3708	chrome.exe	89
PID 3708 wrote to memory of 2036	3708	chrome.exe	89
PID 3708 wrote to memory of 2036	3708	chrome.exe	89
PID 3708 wrote to memory of 2036	3708	chrome.exe	89
PID 3708 wrote to memory of 2036	3708	chrome.exe	89
PID 3708 wrote to memory of 2036	3708	chrome.exe	89
PID 3708 wrote to memory of 2036	3708	chrome.exe	89
PID 3708 wrote to memory of 2036	3708	chrome.exe	89
PID 3708 wrote to memory of 2036	3708	chrome.exe	89
PID 3708 wrote to memory of 2036	3708	chrome.exe	89
PID 3708 wrote to memory of 2036	3708	chrome.exe	89
PID 3708 wrote to memory of 2036	3708	chrome.exe	89
PID 3708 wrote to memory of 2036	3708	chrome.exe	89
PID 3708 wrote to memory of 2036	3708	chrome.exe	89

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" https://cdn.discordapp.com/attachments/1104083995077132308/1104084034285473882/steam.rar
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9578e9758,0x7ff9578e9768,0x7ff9578e9778
  2⤵
  PID:4964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1796 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:2
  2⤵
  PID:1536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:8
  2⤵
  PID:5072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2164 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:8
  2⤵
  PID:2036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3040 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:1
  2⤵
  PID:2892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3048 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:1
  2⤵
  PID:4184
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4824 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:8
  2⤵
  PID:3360
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5036 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:8
  2⤵
  PID:4436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5140 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:8
  2⤵
  PID:3332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5144 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:1
  2⤵
  PID:4732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5392 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:1
  2⤵
  PID:3152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5376 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:8
  2⤵
  PID:3784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3440 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:8
  2⤵
  PID:1448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5892 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:1
  2⤵
  PID:4828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3440 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:1
  2⤵
  PID:4292
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5608 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:1
  2⤵
  PID:4640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4504 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:1
  2⤵
  PID:2388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=6272 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:1
  2⤵
  PID:5160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=6436 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:1
  2⤵
  PID:5248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=6660 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:1
  2⤵
  PID:5428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=6380 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:1
  2⤵
  PID:5856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=6968 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:1
  2⤵
  PID:6024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6476 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:8
  2⤵
  PID:3204
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6416 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:8
  2⤵
  PID:5716
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=5816 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:1
  2⤵
  PID:4652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=6648 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:1
  2⤵
  PID:5252
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5784 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:8
  2⤵
  PID:4836
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6624 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:8
  2⤵
  PID:236
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=6516 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:1
  2⤵
  PID:6072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=5748 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:1
  2⤵
  PID:2988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=6284 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:1
  2⤵
  PID:5596
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=1776 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:1
  2⤵
  PID:5288
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=4860 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:1
  2⤵
  PID:5472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=6876 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:1
  2⤵
  PID:772
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=916 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:1
  2⤵
  PID:5580
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1768 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5360
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=5264 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:1
  2⤵
  PID:5068
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=5132 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:1
  2⤵
  PID:4504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5368 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:8
  2⤵
  PID:6060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7036 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:8
  2⤵
  PID:1400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=7008 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:1
  2⤵
  PID:4044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=6008 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:1
  2⤵
  PID:5656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=6876 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:1
  2⤵
  PID:4124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2412 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:8
  2⤵
  PID:6136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=6120 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:1
  2⤵
  PID:5212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=5836 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:1
  2⤵
  PID:1384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5436 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:8
  2⤵
  PID:3384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5984 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:8
  2⤵
  PID:5244
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=5972 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:1
  2⤵
  PID:4380
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=5540 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:1
  2⤵
  PID:5176
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=6020 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:1
  2⤵
  PID:1584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=5460 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:1
  2⤵
  PID:1616
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=7068 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:1
  2⤵
  PID:5848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6492 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:8
  2⤵
  PID:3392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5704 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:8
  2⤵
  PID:5520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=3252 --field-trial-handle=1816,i,12817412450181769666,16356974599315103086,131072 /prefetch:1
  2⤵
  PID:6024

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:3884

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:2600

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\Temp1_steam.zip\login.html
1⤵
- Enumerates system info in registry
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
PID:5992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf8,0x124,0x7ff9532446f8,0x7ff953244708,0x7ff953244718
  2⤵
  PID:3340
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,13535192761623928615,1407679206027814413,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2128 /prefetch:2
  2⤵
  PID:5008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,13535192761623928615,1407679206027814413,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3272
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2124,13535192761623928615,1407679206027814413,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2904 /prefetch:8
  2⤵
  PID:4216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13535192761623928615,1407679206027814413,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3428 /prefetch:1
  2⤵
  PID:5204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13535192761623928615,1407679206027814413,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3436 /prefetch:1
  2⤵
  PID:5232
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13535192761623928615,1407679206027814413,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4524 /prefetch:1
  2⤵
  PID:5836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13535192761623928615,1407679206027814413,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5996 /prefetch:1
  2⤵
  PID:5612
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,13535192761623928615,1407679206027814413,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3772 /prefetch:8
  2⤵
  PID:5464
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --force-configure-user-settings
  2⤵
  - Drops file in Program Files directory
  PID:1464
- - C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x23c,0x240,0x244,0x218,0x248,0x7ff7828b5460,0x7ff7828b5470,0x7ff7828b5480
    3⤵
    PID:3068
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,13535192761623928615,1407679206027814413,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3772 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5440

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5388

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
20KB

MD5
923a543cc619ea568f91b723d9fb1ef0

SHA1
6f4ade25559645c741d7327c6e16521e43d7e1f9

SHA256
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd

SHA512
a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

Filesize
302KB

MD5
af1e22716ac61d0c8bec4ebd2e4ef1eb

SHA1
51fe133f9a78cf7e5a6c7404344ff0787ec48db5

SHA256
3639b8780f3ea41ccc21dcd57b4bd720a1f701b45b4e8754965abf899571ae03

SHA512
c3eb31778a73610a5ab934c948b41b5378f0aad97c4bcf39c593861af6ee8efe00f4cc63af98178d47305fbc41822062cab405c515b03a959e95bd858fbeaf83

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

Filesize
76KB

MD5
9ff1e444e7ac18ef16187e9b240030e0

SHA1
be740b0c236bac9c3d11c43f3d2162affa3ab20e

SHA256
58989f81af4c92bb3861d05c8c403153cc8d50143d3b52b0c29ee8cc5e2a5d69

SHA512
eb38616b1435748d765eebf4144b221ccd542af1493a3c133d2c4a55e386a5bac164fe9f5021c9944d960a83f855badb83418ec28ecb38425852c96890468986

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

Filesize
65KB

MD5
b073d577d7e4df41dfac73ee1d0270fa

SHA1
6204b9242f8df0124de9ae7b31cbebfc85201fca

SHA256
66fe4c2a21e0f0cc46184a7b679e1562f3a7cda9cd8a16a9a446b9fbfe18000f

SHA512
c397bc9f8f0c3dec9b38d07ca35473fa103c96e58c414fde3352dcb47db262a887443865bdf1ef36e6b8aee461775feb34ac1eb3deed736673cf13c5dc828a0b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

Filesize
37KB

MD5
519005befdbc6eedc73862996b59a9f7

SHA1
e9bad4dc75c55f583747dbc4abd80a95d5796528

SHA256
603abe3532b1cc1eb1c3da44f3679804dd463d07d4430d55c630aba986b17c44

SHA512
b210b12a78c6134d66b14f46f924ebc95328c10f92bfed22a361b2554eca21ee7892f7d9718ae7415074d753026682903beba2bd40b35a4eeb60bf186dcdf589

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002b

Filesize
210KB

MD5
282ef64043bd442469c6963d11a39a5a

SHA1
cc4beeb8669248d3c276563340d4b690e92506b8

SHA256
98b95f11ca4a0b1ef9fddb2d34f6343b036651875a6f84fd726993ecbb779880

SHA512
58dc1909af447d071959fcd2aa872609b8e8b7d417731e8fdf9be3c02ab12560e6c8f04af8068205d95f9c43181b2c561df3eccc30e4561aec201c55f6556b24

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002c

Filesize
339KB

MD5
bfb890b5a9f4cc21610ea111124946cc

SHA1
8b52eb96d68b330b144a075dd99052dc0d5746f8

SHA256
aae385e427c1e9f1b4ae92353483e342c7d9b033efeb76419e66bd2b983556ba

SHA512
a1cc905a6225641cf50debe7cb65dc91290d479fa5debd2390fa90285768e66931fab7930945b25817583f4df34330e405d51bdf7fdd92b290e04acb38f6a878

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002d

Filesize
103KB

MD5
47ee5800e9038fade9a901c90aa080e1

SHA1
60d7aba5837f352435f4917cc16c68aac4696880

SHA256
3f4d1b589344e1fe3cb33ae428091902fe80b1c30e7dd3ff5dccd3da2031a9f0

SHA512
a9a692ddb79540cea9c4d195bf819785e3cb24cc19c2885a94fe65203049ee32b168ff6483ef854c94970abb2095f06110c7f8344ea0cb7f824d7ac5fbf0cd56

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000035

Filesize
48KB

MD5
ae86ecda3dc99d604e98e782b5143b1e

SHA1
1c5d63c47a679dc38dbc764a645ef1a000b79a65

SHA256
c2caade41a466d87af0fdfd2880068e66d84af98785bb5cdbabf4d80332db7d5

SHA512
896553378df735853d4e225cbf46e3e4c97461927efea78d95e0a4bdae95057aba586e330df0001e8908514ce80a6be33aac57cbf60bedb5c73a6454db3f1446

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000057

Filesize
20KB

MD5
39307e27138b106e53f1a4af27d63094

SHA1
9c2fbfb3f19bf72a282a101d1c802c287dbb5fab

SHA256
07c09b206faa8934e6b12c518a4f834d8bd5b2bbe92a07a4f169173ab620b464

SHA512
8e48c468cceab8dfb296c62c2fcf4e82adde92fc06e3b14418a4cc08dea5712aaa7f61eb5421b9d5fbc0803b1b8f2b05a344a2e3db7831212af9e2579972bc52

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000b6

Filesize
88KB

MD5
1611d3ad348662ad4af22df3de614764

SHA1
51257770531f53da63e3a3253b9e6872285ff2db

SHA256
f3cedce33a0fea33b6c0fe858df48187ffa099acff39b23beb141fdf4ac60eaa

SHA512
d8bcd3f7ece022ac6bd8670e0bda953da9b09150ecff0d5c0ab2a13c4d728571df61459e93afb6eb797864ca0bbd1ae2153c8aff0caa5f9a6c34de9e2c185077

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000bb

Filesize
105KB

MD5
2afd421e84091a1f1ded21f0c74b9045

SHA1
d6985e35b96c378824be16ded1a6e908ebf4d643

SHA256
2d7ad8be933142911af802660f9cae768e53690d5b15129a0ee76b2b61a9f31f

SHA512
328d321dd81e4c5b1c60539250afb6d654d12f73d13da343cb189bc815098e5520a6a720ef8031139ce05c294469e76942a2fa8584658c7a31c8b723cd5e1254

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000c5

Filesize
52KB

MD5
91373106e7451b7615f00eac848231d0

SHA1
8e1a787135bff42826753ec36880a49eef54731c

SHA256
eb57bc202b7fbeb653789b3ddf9f5398ded0463e232895d844f9fc50559f5176

SHA512
0dc87cde1067e7dc8fd02f2ab86a824a9a9a494b866c6a0cc94e0fe8ad6a14bb5854a0f4c27ca9a54ec9a20e92d04706398b7517e35d567efb000eb14c79adc4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000c6

Filesize
81KB

MD5
a4705cec7e44d8238faceca0096089ab

SHA1
550dbacb6dddd458ec1c235d74f34d9383bc0872

SHA256
003e229a0461e9c6017f8609063c3fa7c2fc18c9f2c9b0641a1ec095075b50e1

SHA512
0ee134451b9f001677d2c534d1a775cfc4018b67c4b55504b5b5c9fe4ade1502ae10d5bc596b6b5ef948f725e2bf4f68c7388ae4e4682aceefc536b8b220eb50

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000c7

Filesize
30KB

MD5
ce4e569adfb50848f1771ba0e0c3031e

SHA1
4206ac1da2bc8e892737ad2f86b34780412a488b

SHA256
bcf945e6aa28ffcafa46cb9ba70121995470f1e44ef9fee2979c71c02b60e9db

SHA512
9e4c39c6574ab6095b357e8deeaa3833a951e0b2c0e8c6da2761e1609b4b94815323483f3a993f0805e71ea47bd28ee7fbcd6fa57e87fe0f25b062c75a855c6c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000cc

Filesize
76KB

MD5
d8c3c6768c320363a0b89ece09215de5

SHA1
e22d9553cc4bd03623fc77562f9855fe79deef30

SHA256
5327a3c1ace07ef53efedfebd92acc2bd6af4fa2b09bce99d6c640e36cde240a

SHA512
98850460d476154f8967c22e614c866848645de96489ad080b0d109c5b22481752668418c72c4d21ac78cfcfd87bfd792a50efa3b9435071005fb9fac07f1c91

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000cd

Filesize
24KB

MD5
a42c6333a13e5376af95f46fd9c7b627

SHA1
57a98e519a44915e39a0cb6f23812adfa6611e67

SHA256
62bff9dd0379da44f9d7f739af671bb6b243c016b49c7146b431ae9e6b9cb41b

SHA512
68e511708465c75662845c55169de20572adfb359e1f4fd037c169bda44d853fdc622794912406b1908b585c3965d4a8612c007af9ca2601dacd4a14283fc894

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000ce

Filesize
162KB

MD5
08f3851748975142ef7c08a8ea1ce61d

SHA1
31ffb52b4d2e4263a2b5a19195ee1784bc884a15

SHA256
e374d418c7975a482356a79e25f0722ab71616be443cb19d96ef88706937bf30

SHA512
d4b86e69582cf1bc33991cd44eb1db26eff3013dcc7ed34d8b7d890be510ef3949a50332e732c22182a8fcbba418c6ba18aa031a6f0b5b621ea2211e665af3f7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000d0

Filesize
26KB

MD5
282867559cc99d4265c0b2dd6691a697

SHA1
5cb680f536163dfbbe14bbdfeaa1846309966145

SHA256
fa6fdc32737da1a588704cbdbc7fdc804d26d98bb233a25bba156f421c039da8

SHA512
a307cc86669133c68b6452b2fa6e29b25a2f88438a6c0ab5e85af9a1594461c1ffec88d785b84f86f9210c05d1591e43af3de8cbd718eb8ac650e5369d80b98d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000d1

Filesize
20KB

MD5
4ab212d67df0d744f74a6f6a257b2653

SHA1
7844504c6b52741b4467b98856b2da4d2e276630

SHA256
6b5ed11f9d9bfad094e0177b6339804dbdccfece80ea0636343349543ca69c63

SHA512
49007eda96079f2a85bda5836ee21c5e9e1812e4b2f286551e6935bb61534981b4df7dbbdedc6c1fce487406b934a674ef4dc69308bca6579b93c9c220065e6c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000d2

Filesize
85KB

MD5
b25f86737446bae76ce66cd94bc03682

SHA1
f36f45df1b1d291b4d9adcc6bf6a95dd1d2b83fc

SHA256
7cc9d19b2f46cb48cafa5c8065b7049dcf0e086504bb156a9d64d81ff63a41bd

SHA512
c0313bfdb5f952dd6bc2fc92089d742377366136403cc32fbcbed0d27ab99bee873ff15b6c4c60f874fc983b9a35ae45b7750965faff2b5c3a2b3cd806b4e80c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4e48193d22a50d31_0

Filesize
1.5MB

MD5
eea3fdf9c248c66951072ca2af041036

SHA1
011fd361e0235806738970fda43c20a3933d2560

SHA256
51bb42ce057ecbcaba0c69958cee33953c355cbd67bd042bc90545bcec5b826a

SHA512
b6a06abaaacc245a33d5c6e25a4d06dc6d5407dc5cd61ffe37509c550b7e9112a8fc5b8124b64db957206694c2f608dda283f428eeae4887d2c8283f2b79e5b9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5ca1d11b3d1e3d20_0

Filesize
406B

MD5
9877d7050940e037f4c1f84fae511cfa

SHA1
5d6609335816ee47bbb6863421e510196df2837e

SHA256
b29ddaf29985670027b3943f88bb309253b94bfdfa74a9c36cb2f3ffdcaf9ce8

SHA512
6b95b71969110958d53639d3029325b954eb4753c69b7fb25965b1e584afa1e3fe77de7897fd16ab5cfe4009c13053b40a77cafa029678698f32ce278edf8056

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a9ae3683fe6fbe14_0

Filesize
527B

MD5
e3a3756807e58b2db43f3d8e2eee6446

SHA1
1e9a45ec5972ef807f894de78dc042f4345a7dab

SHA256
51ae8ce736e9f28a69420304c59faf6713d076e13d35bc0475e4fd4be9a926ee

SHA512
aa69271e908192d596957fccef5f1255df459c25730497e712c7ea5b24659ddd8542ccebb45984ba8e62fc24554a2e38ca298e2cb08ebc6a4fecbdc77e463105

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b0b968b7872ab737_0

Filesize
137KB

MD5
13fa9ca5b1c0af20a9a1b811c64ca0ec

SHA1
f700b57840d8841b7d54021fd16364c7f95c6ee6

SHA256
33c6171a43d4a0c6b87ec7d6d158de79f23d00fc46770791c464b925c6de0cb8

SHA512
b53aac11c128ce98a60ec1fd1b1db4bdf157539e2e554a01962aaeda8a0543e2e1228ca6dd228fb38b760cd168420d8ed4b8a3eccc9b807ec371365df87e0e10

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c5b28945dc664989_0

Filesize
207KB

MD5
c498ee473e42ea49cb2bbc353df1cd14

SHA1
6975104d75f979a5d02cb983b6981d1be26a09b0

SHA256
ce19a6fa77ca29eee2f52b931cdc87d4ddeddd1c75b7ab405a67b6b63e3a31bc

SHA512
ff87241a5bfa551df16e5c55a331f33dca58fe316126c8afc67bb5d07a39280af01c3ce9c03e776e99187d413023c2dad1a2540bcbc636dd62451ee267ae084b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\dc910ed673112ba8_0

Filesize
386B

MD5
f7feb006148f4604ba35d5b5b7ef4a53

SHA1
e0c8780eda43554174aff3dd697a57d333f24243

SHA256
15601d99a9ff87c34199dee89d84c054d87c82a0ba7abbd549fc5ce7ca6e01a8

SHA512
e5690ffcbe05805dde30217797b393dc2f8fde5a26a9b8b68fc6d82733e52d624c57bfd52f2b2b94920d13984ded6f8b24b721972771c0d78764520aaa77aa32

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
3d58ca398d31e62d6a7b2260e304cc27

SHA1
2a45599ef6449c5155c73f10e8666e6bf48054af

SHA256
88c0f958951427971404b93df1e428fa88fd8e49fa7d39ef4be799bf133f67a6

SHA512
1166cb71ecf89ac98b550e716bac53f556804706e7ab76767f6a1f802e4356f6a7518be41f1b3db4c00ff89881321db754b6a4b72d3df4c47feef1effdeb87a9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
13aa8e1385c7d7d9fb040f10a4c1f9b8

SHA1
97e8c8d0fe8bc7b7f1aed12661a8d6dea8fe9140

SHA256
975b7287215dee1d69429cf12f20921763bbc3e98cb231250766953b6997abfc

SHA512
55cf61bf3a9b228392cab5d2002a43a314dc420301361ac0bd60b70953f36679446c9f5ddf452de7bc85b712768d5dcd15cf1dbb535b24454d9e60deb2abcbba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
8d5ba81ee92cbd4c83355316c9795fad

SHA1
887a7fe7371001e51f1714ded4b2a9f2c02ff7bc

SHA256
57d829392df0426903e51ca195e6388b8c8d9d400d880860249fd36cac1f7706

SHA512
c877d698e46315ad8123d98d1c0542e46c1016f123a835843042866134b7baa9f6df0593a5269437fc14bc8fb0bfaac93a30b2db10b5c8e3af9f6052d4df815c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
4a75fcff8b6169df5adbd00925d0573b

SHA1
1f7665dfc1813b163cc3d135c793e6ab9e60ddf1

SHA256
152d6a8d46b4e3b3412087fd36bcfb9db905994994f39acbe3e95aa34d7a7e5c

SHA512
1a1ff3fea62a797cb2a6ab5b6abebc2dccab53f32cb97fa63ba12af5aca214380fd54235c92c738e131a62500997d4092728cad49004f63bfa584842dd4a0cff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
ad76c804b9be188f00e8bd473a5dfb75

SHA1
48afc6fc4cbca2b1122d7ff02db8f3cdb45162ab

SHA256
c3c543ee2eafecfc795c7bfe68c5e39d5b823e70a7b01b64a422af950510448b

SHA512
28fd585f801e575ded92a14084a2892d66d61dfc916b9f6f77a1be36aaf69397b9722c502f9d7bc39a127d74de3a06b5164f9050b1e539b584687d3b1a65dbd4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
c049bd125e1048948500f2b56cffe821

SHA1
129e478a6ef31a11c15cc3cc59d38807c715d0bc

SHA256
50760026e62c93b5764ee271ff163b317d8322e820f7f5a941b3f61bffba7f9f

SHA512
022649f7ee0d0bf63a97731cb6f5ede8fa940d885834b16b74dc421734c867c98640ec580149e80c3b2b2f6556697d3743ae47cc396c59975e1fa8b895b8f5a1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\611095f3-6a89-4f13-b5c4-a0d61200ffe0.tmp

Filesize
6KB

MD5
d150ded175d78c204ef409f6f8ae9ff3

SHA1
294c1fdf053f7d92793bdff0b50f0cd026ca03bf

SHA256
e88788674b9a2209ce7f17793d6f677c34331964974fedc898fb596b29043d47

SHA512
d227733b1f55e9b8d6ea1f1bb5600752b2e2e625322aa121344aa733a3787deb9547343e6fa648f7713e5d89a87425c73ded36424b557a091b72bcc9474a8441

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
16KB

MD5
522ba5414075a01c7f9817d4352d9c0d

SHA1
f65527d740f5eab57b50959ce54c9103700b397e

SHA256
ec27062b54b58cca6e7f8b0cac3f35e0eb4f6fcd1bb8cdb745c8d384b10ea04b

SHA512
91bf074461af4dbe6b05439d3c851b2cf20595dde171da973fdc333c7fa84e55db6b606bbbf93eaaaa84311cc1d289d69f692992b275c8e624c45a62161f4e52

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
16KB

MD5
8ebcf165b94b442c60e785f2e32f0b9e

SHA1
43f58cab29904582d241155c98589b386d783bfd

SHA256
fecda3a6b81955f0052648a4441ac1982654e947d18067e0f368097d23d83c23

SHA512
7316fd994a96bf694bf35136f10059c8d9d26d79a565c2b6ae146bdb5d1e94367d21998f11c3c8b4c5d8a4a52e3bec533bbdbe76dfbcdf66e0ab7aa728d41019

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
15KB

MD5
061f1b23f1c16e97c18450410a1c3445

SHA1
cb5523d3e035d7825d1e51e4f25650700064effa

SHA256
20c8ad3fb0fd21784096dee56505288923a011038637bd8258010281c8620d12

SHA512
f50f109fd28910decd3b79cd44a9a6cf584945889afda6fcfe107a844acbfd3b588d58cd9cb226dadc488cf1eaef9dea439d6c09143c504a5850c966c6b2b5c4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
13KB

MD5
6c803671f62b754f03940f72473637f8

SHA1
e3f53c59efd338503113fe0bc50441298c4022d6

SHA256
504181a2fb6d03472877f0c9de004d91959f3fe5dfa1564b0886261d05a8db3e

SHA512
72d3db12806f899fe12c2b116a800d97c4340a7e390378e95b2c5e719c3e13baa332c3a174385f7f48ce986e5a89ed6901027470ac18863cd22a90b7c4e7dee8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
706B

MD5
8ac118abd8b67e47837fcc83388e076b

SHA1
6535062fae7d8f735b43566fb2377d33bb6e45fa

SHA256
cc7c5522afc78fa0bda3cf1744a836d21bc2591afabe8dc89c5ad2e47a988440

SHA512
169c3250dcda5fa94767e65bbe80f568598fe6ee2fad8b692d35d2b67de1f8071209ec5300bd570f1bb98d3404e538a0d95c2627d0cdc20bdfef64fcd3f7e376

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
1323f7923e18875c6016a5218765b7a3

SHA1
1ceb8eb6c10f3755721f6177795d7e7b466db7c5

SHA256
8068da997dd1d269bea8f6d67f4bc0179f56da06d9050596393cf74e14b6acb7

SHA512
e68994c8df1a498211516384526e891dc864fec6efca111686cdd0bb4ca8e38b1a299c041187930cec8dadfdaf272880809abf60bf8f10a94d42c40e5dab4082

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
d63fe71a6a2fc0d95676a565fea427ef

SHA1
66fbf5eaf0697e71dce28aaac0f2d8226688b56d

SHA256
f89d2c964ad0734e3b030d955683688301ca0af42329b248859d4a1d944d7eb1

SHA512
2cc0feb937eeb179ce4aea7933c8765bb890b19c7f456f86509093f70b49f31ecf605408fbcc55faa3315bd3f54ece7359c8e382d45d43126c37a31352409a45

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
3490c0bdb7a7bd3fd6b7e7d627029d66

SHA1
45ac7e46b856dcb6418b83aeb8093695972384a2

SHA256
1f1f7f435ecab54111c6e147c38cc9a5ba78f598ec447ca179d37ea3db65ccef

SHA512
181c16804369c1fd97fb49d72c12f706a320405a085f2d8898635f35d80ef5d064edbf650b22164f94632830ac9a89f689eacca6c9df73ef1fc533ecc5974eaa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
1d996abadd49f0efff6a449b3886040f

SHA1
85006187d7aeaed00af0782ab56427eb147ea964

SHA256
23065c3ce79ca71107814137c849910fd957341a0fa923c4949bc124fdb30543

SHA512
22334e42eea450d5b125f620fe17d21d46aed924f4963b5150e729684f75ca0815406dfa24eedcfc58fd1e649047aab0edc1b71e9197dd67b4bb9a39c6e6c5de

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
9f98eafb08ad4624f1bc4a33cafc7c0f

SHA1
ba1016064067435226430eb8f9c43589651c7083

SHA256
17ded97601fa77f8bc6627938d70446e05d72651a67a8391e9aef22dd0037e90

SHA512
f4c29f0dc2e4a0af5feb41e6ccbc4b450a66bfe3df59d50aa8e8aad12fbeb625e23aca8a79cd259d6c5dc9f09d4e8ed6db3c55b1f6d25e75b6cb8d7a338477b2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
2971d0359a4fd07df4c0ad793844a171

SHA1
06a8015b3b99c530592ec8f6db78b653f7f86c2f

SHA256
32fe54c4a47c4ae668f404964782823c0429e38d1afd8090cc06a083764e007d

SHA512
e0f103af1f2343cca870851801cc2319433fdd7fb055db79d72287575dcf18cfdfadd5d63d0f4d4fad3dd370d3cb3c8f42b9b4bdc2aa07895a64b008ceb358f4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
87e3dbbf6f955ee63f704e845fc0efdd

SHA1
9ca5101d93da24f3239953538ff4e2c31e278f4b

SHA256
27d89d1517f631d5beae7be569d3268f4f09f6bb0d2ca387c17ce6735b5b8d41

SHA512
b148f568cf37103c65080f7f039f44f7ddd75299858a0f42a32656d4f43ae85aadd7c1df8171d440e86d4586ac8c43653970c5281f6b69ac02a739ce676c4f50

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
5187327cb35286cad3c04867036a9d2e

SHA1
f6cc8087071cfe79b8ac6d24f5d02e0c37ed1be0

SHA256
4640b9abe80fc79265f8cdf426a0d73bc16075624baccdd07ddd98b7a9c20ba8

SHA512
c73d2c79ae32f7ee001da86b6dc97ffb3d981093fd8be943f3e5deaf5f2b0165b5a834ec12c68c05f5d3f41ae7be35498a831ffd7df63a41a2cf085c059b3870

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
b8fc901b92f0b9191efb4cce777e5d1c

SHA1
cea83822ab6ad0d41e701830447958c9dd21ea87

SHA256
957b186e25a1d9507aaf1d28e62d2756dc960d85babdd5d0d035b10a2ada557b

SHA512
f18094b1024a6e122f07569832198f58a75a9e3dc3f55f370837a439caefbf03b2819a2860c75695c512fb471327e83ca3389bb5a9a1d4b95c02423b2f894ffa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
6afabd0dc2513b8c797d99e9ca70f1da

SHA1
41ab7627e71bfcfe2a69709c8b544ff647b3c1a0

SHA256
dd39339d28eaa94ccd055bc3ffacd254fa08a24f2576199a4f5e55485562f695

SHA512
66e7b917ec4c60b3e3ccb1754d7e948674313e2eef8c4be0364faa7d0bf69ad173ce910caa3a46152b0b9b488956328c067a70b87d3eafe123a2bcdac3e8f228

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
bd8407f7c75fc1883328b534358d166b

SHA1
b06789814df2e12397a9a25a447185e2f924627e

SHA256
16bb2f8926479f9b12f2dca35be2d33f4ea39e64c455be74bb71c67d8b8fe28a

SHA512
235bb02ff55c536e9ad3036ecb79176566cdca1981e2f153b3bba05546fa4303a3585787a6a1055a52048905cc4010606e2f3df24bee320053f19153e4891a12

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
2e5f5dae21173b15d2a616c87b65940e

SHA1
153abef41325a35c88ce49a0d3f0d082a34d2999

SHA256
13234c9adfd3aaef5347206faea31b166bbbe136f8502ce3e89b668aa38463a4

SHA512
df5ddb3e5e619aa73c65ef2aab94b8b309b0ab350ec8b1ee58fc693ff02b056c8cf8cf8233fd5f2d5530e8f9bd46369c7d296120bc5a10ba350798783c2797c4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
ea2354b95a7089bfab605b7beb8e94b1

SHA1
a562c528edbacc10235fbb46677c837bc0e74d9c

SHA256
b2f83e943f965c04773118b0ee78893d6e960a27e655bbb5e0ba7ec8f97e6dcb

SHA512
58a5d9eb1aaee9a502f6d07d691bda4b7a1f560ab80a7d56ea5b1dff252e4c1134f95084a406612f1356e3e112af6ed9540383113d1bf0c8b507c29d09cbe5f3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
2c37608083ec8cfd8bc32d8cb791b188

SHA1
aa5a11715d72b88cbb0a5972e315910df66facc4

SHA256
95778aa94688bdb437a956642109a3ddd337dfc74666f4d0736a2fad2bb545e5

SHA512
dab49ee93b40e806da8ee44ea495af8cf9961f2070f04684444d9d4d71a9c09f4c42329978687d7ce709a865f9f926c1ff3f5a65ab1f77ee76c46c0067c399c1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
0fae5d3aec15ba382e3ab5e00c955993

SHA1
55e75d235e450c5071a261d2649b55f3e4eb2056

SHA256
a0b80bffc8caaa4a57f82f1a8fd7c289b318f0cee084427f300fb7f5ff8cbbc8

SHA512
534aa61127e9f0695bcaae38b1be69aa7fa453776e3ce9711d97dae90d9ee6b534929047f79b90abc8bd064c235ede53b9e261dc65ab382e1340b0fa75055bd1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
6KB

MD5
f32217e9a2cedfa2ac6d69158a032ab4

SHA1
a3fb1f93382423a586d32fca5a29457ff2dd233c

SHA256
43235e2bd42bf8cbb61cc65a5605472c7e03ea6136846441c1e5398e2cc25671

SHA512
e8f4f0ce3632fc9ed3b253528a5e6c82fa9dcd014a6fbfaa85398add1d4fe37605077518ca41df3d5781db52b46b5b5574a78a1bc0104229c85a3ef552a1a12b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
6981aa09d1c75b4e69432ed97478398a

SHA1
a6536303bbc809a52a37b066d5b4caa16e7d4bcd

SHA256
76a8fccb8c120a58c110d37259552a675ab7989ab8f7c5e096ad43463d0b1590

SHA512
2fc8c785648aacfa51df25ad21d15552fcbd32eab94019cb3fd9f7f37c7f4c14cddd03beeb961e089cbc4bf29461c0206f1ba8145a372f6a4cd8d22759baaa54

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\f5bc2e6d-abbf-4dbb-8cc4-e50e09206c04.tmp

Filesize
5KB

MD5
9a5242f90ec8e9329806afcfdd017dca

SHA1
7a7cfe4584187bb7296c15a657541c91e0891a12

SHA256
624236eccbcba43e15fa86f38d234fcd0c2c5c64fd7d19239dad6911c25e0e6f

SHA512
fac5d4ff65610125543038d3941a4949cb1df6676789842da238d7176d4c4ed4db8fad6b570b49fc51abf9df07552981f2ebe786b0f5310282f69fdfbddb1794

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
ff9ebe150186c6b137698b8614c8ca2b

SHA1
ff060c88ee35b968cd48476fd643464bf235617b

SHA256
b0da4073bdcacaecaa50d5e9eeb006fdd30ee15ae4767339b864c24d332cf895

SHA512
5e657a1877dabe8658c80f28770c314865ba0f6068fb764b83cf8463e550fbe4cf6fefc7855ce3821ac13df8be2b7d154f956e5ceaa82646f8abd7339db6bacf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
1ccacbaf0f4346ce960cb3cdace20edd

SHA1
5e12089862d3c7ea0a9984c0a8e5e79255c449d7

SHA256
db9ff699a85de8447e299d78a1c23c1afcebc2d8bf5b16ce8ed0595e04ad9bce

SHA512
1455c9d1c286be991fd96a731231170bf27994618720f67b96b0b38f091734cc7eff31a235f91a38da031031ea0dc989f7a2c2f2200ae6ed52efdc407f73ca3d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
42dc808e5415a5d4db58a5cc41706935

SHA1
87e73e767105a21e878396daff7520ede3396ffc

SHA256
8b756ecdce9ad86df34356dd521a98cb00719df7b8506e8a0ef20990fefa9a9e

SHA512
a005ae0a713433e2b3869f70596494ab8079c5f54d659a426aa128efe6422a2e18b83268fc04d40c1e04964b1cc44b536a53f8cc2b5fe023dc1a506b253d25f7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
d34cfca3ad1328e2b8e2c2491f5fbdc4

SHA1
958cdc65f1f59f0955f913d624c847f9b4c0d5c8

SHA256
d6d6843483644accd7f61aacec725f7029adeddf4c85107e716d349279eb5fe9

SHA512
441bf70a6984ef0513c38d270b58ca4e1efa0befd38168638eed1ee28181454f2646c776d11d65763aa3bdb4456bcfe659096fc4fd95bfcf5336f88564ecafab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
5b4cf43de23c05280cc291ebf21e5fc4

SHA1
76ee2873fb987ca711437d9066f053de0d436bf4

SHA256
44af012c1c391dadc5f5ac00e75b0e12144e8c92f67b897bedf02506853f1889

SHA512
83611c75aaec8afb47921979724464edb29d2870a4c0d11a8657444f2ac60208545e1636d91e3b9703882cd72b369d7abd7e18e34dfa215e179e187a32b7affd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
c366da8e3383eab1dc47bb49acaa17c1

SHA1
0f4e8cabcc99d084192881bb28418924446a77c0

SHA256
e1e77c00568b17a78d32d83d60f4dda116babe893dc22176d749c9cc95e55886

SHA512
21c085a80117a127d58981ac3540480e4637db2b24366ca2f74b4f30f617ba4e47717d6dd8c1240b66dc02513da42e7d9829b2ec4d13949f4aa38b53dd94d702

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
774d622b49ac5d6d4a5bbca53747ecc9

SHA1
e071c91e006db9ecb6bd5501d199a6c33fc496ac

SHA256
02475398646f80f3ed928ef7d9d5d7f1400d24fb99d7296ff331d0f9e1f844e6

SHA512
82456893e24e7ab752b9c21bd9f032fc333a90f5ff4937b638effaa7152ae712dab0991a1e0167fed7ecc4ebd67c763dc91f8ea14589db36ed14ce40c73063e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
ca4abe9149abf115337a5cdc6d2ce98d

SHA1
ad4b6f3328b18665a19c13aebf92456295dec5f0

SHA256
4e0576650a28f4d928365a41af4d14f838c30f3337e35dedd50dad8a6bc7a206

SHA512
095571876c4774455d8cd0c38fdbe7fd00d83b59cb56e8b5608970e700155a26bc9307fe99d94b76b5872148473e2249f85c272add44753cd3de465833171336

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
6237119ece6887129f6346049a995cca

SHA1
10194d86c56267e98b879e0da167ee6f3e250844

SHA256
d561de7074b9d6c52c340aeb77562a2a501b87bececcc73726a927447d2aeb75

SHA512
73817deaf10e38d0654bb28898c7c461891f9ecc4a933a1aa85dec8e05c8acd4bb3e989749ece1a84b20b7ec8c0f1cf73f1eb1ce2f2f48f118733d61371d8632

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
03d14db4929fe3508ecd5e8654302bc5

SHA1
492333cf886723770f99ea882cc5362a7d79e821

SHA256
1d143e631fc5200bc45574f5e1df8db8b2d42073af122e477dbfd688b30aa550

SHA512
4b9a0cf97c19e350f9d86d93843f5bc7b9f3ceed46fed3208d46a095803e1fdf07d5768fb493408c3c8be7dee161149a1fa372e250a26496ebc59e7d99d6e70a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
152KB

MD5
abb86fd47074d73493ad20d0bcf26417

SHA1
4fa8dc7d13acb26226d546d75fe3b8f6a2b74e8f

SHA256
32236d82efbbc04eca5585a72594b9d5a24bb57df5e29ae1c86596c4878942d5

SHA512
01f16b83fbe4d91eb1b831f7ff628cb5e58d7a90b16df35def86db47ece029964a8736cf05275dc79ddf08cac9eec10a36863d9fccc0b320a74d1ce6f2e0ff18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
152KB

MD5
57a8d1946ee0e4be44865e447d3fa25b

SHA1
68d66ea2c40e5f235da58043c4351f80f1c6e6e5

SHA256
566f5cfb12d3f68b83e648263c41d9a4db888ed96b0b8d11fba1228c056e4a9f

SHA512
e93d9ec6c57be16c11a4cabd71b38f4a8e48965b4df4d084c05ba79fafed7bee187f6905195cecb08bcbf9f6fb63ccecb426b144103d8682077009c65cda58fd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
152KB

MD5
fb7283d02991ecdb89d89bceb5f4203b

SHA1
83b621d7370744f3f3e6c54d0b58647f70906c9d

SHA256
0d300c664b5a9b6eba0cc8a941fe7abbe7aaf3b3afba910d4febcd831d8e8be1

SHA512
b302aa207ee879e177defdc2c3b54fe012edf32bb131cc3095db6f6defef75a3e21109063776718fe86bd50211bdd5a833e031c83a29ee59e07ad3b6886618af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
152KB

MD5
4573880a085aee137435ee9d4be5900f

SHA1
5180bd752250a204197fdeb5a48ade4718d1b89c

SHA256
566068484bb08a61f68c4c91efb5bc59adbb990f99b8f1721a0afc93325f3fb9

SHA512
bd3a1ea258dca1d2f53556964108281d38800738b085ebc87cec52b60153b3643c0a26b61037c3c2244f6629fc0aec1a9eea47a454de3a849066bdff67eb79e3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
152KB

MD5
4573880a085aee137435ee9d4be5900f

SHA1
5180bd752250a204197fdeb5a48ade4718d1b89c

SHA256
566068484bb08a61f68c4c91efb5bc59adbb990f99b8f1721a0afc93325f3fb9

SHA512
bd3a1ea258dca1d2f53556964108281d38800738b085ebc87cec52b60153b3643c0a26b61037c3c2244f6629fc0aec1a9eea47a454de3a849066bdff67eb79e3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
152KB

MD5
af6e05275f157c3e24870517b2e9c3e1

SHA1
643c53ecb01e00bc5a920d3470e3aec3fa9bfc59

SHA256
a409615573d26041ec4723b614a0e6e612fe6cb24670832351d264956a95fe87

SHA512
b094fb003a43fcda729e6d2f57aa5808dacbafd0263776eb6efacd1c3429a45f6443f173fe3c0f628d642fcf4e1aaf3da32f128e09521ea181b007970c8572ee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
109KB

MD5
fddb374826057c4e586a4323f88514c6

SHA1
c6814f6160c818f59e7b9984cad2b2cac0f686bd

SHA256
e4ab521386bc04dbab2cb075c46496b2b403f43cd2d0e3a7a38d60db85c0dff0

SHA512
d7fcc0d4630e585c60ac8a066f2ef448f74caea0c5d3399ec9d0a645015ed086684e13460f641e5c13ed1e38484bfffed7ace2a3e31168833a88ddc8535d3f8c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
110KB

MD5
f336315e44e1a5139b0ee2ed3bd16a4f

SHA1
1b97361d8f2a9fa4ca0a3ae4da50fdfdc09454b0

SHA256
76935d189bed029c36e8f3a841301ffefb777739b3d84aa8e54d51f19ebc31bf

SHA512
4e396eefaf43884b0a3ecef0459df87ca5b2e930145e4d429b8a6d7b9da6e9618e046db3d60a8550d0e33da08b408dcd06d7aa8e4ec30e371685ef92f6681b4b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57f201.TMP

Filesize
106KB

MD5
e9feaac76bc445777028c4bd18e5f40a

SHA1
9a7b1b252ad0f246697e8223c6021afc6e3c8ab2

SHA256
c9b17f96112e3d19740dfb44ddcdba7e6bb3693e901cacaa5f41519661cf9e3d

SHA512
645e193979913e5b30c5b8f446b1365baab819f2809489cb2554253e26d5f45888890a88511bda7988a83e55258255af2bf7261363bf6f48b00b56dee31d8e46

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
462f3c1360a4b5e319363930bc4806f6

SHA1
9ba5e43d833c284b89519423f6b6dab5a859a8d0

SHA256
fec64069c72a8d223ed89a816501b3950f5e4f5dd88f289a923c5f961d259f85

SHA512
5584ef75dfb8a1907c071a194fa78f56d10d1555948dffb8afcacaaa2645fd9d842a923437d0e94fad1d1919dcef5b25bf065863405c8d2a28216df27c87a417

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
d2642245b1e4572ba7d7cd13a0675bb8

SHA1
96456510884685146d3fa2e19202fd2035d64833

SHA256
3763676934b31fe2e3078256adb25b01fdf899db6616b6b41dff3062b68e20a1

SHA512
99e35f5eefc1e654ecfcf0493ccc02475ca679d3527293f35c3adea66879e21575ab037bec77775915ec42ac53e30416c3928bc3c57910ce02f3addd880392e9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
36KB

MD5
47d88f0e30322831ac51429e321af624

SHA1
0a3a50ae8c9d61a6d96b872f91b4694187be0bcb

SHA256
ff066f3e1ab3028b7bf326825772da1a50d4c9bfe92ec0abcb52f17ed996482c

SHA512
416fa132223c396c6ec4ba581383ff0859ee02a7e73acca4836df0e8154600cc9cfa4249832d0370fc7c45232e0114994e7da36d094cd459a6f3c77be539cece

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
32KB

MD5
d6b1527f6419bd2e74ec2d71604d84d2

SHA1
95ff30102baa2a70f9259e21179d48f0c7ec951b

SHA256
37aca6764d5bf1fc67ec762f42c6e2195b2fcb6e7f80f654e74543e437344aa2

SHA512
288ea5fca3566edf29300b207467cfe12808ea596f6c1f4c91d1ff3c8967a956d6517e2afdd6032f58a60268f3aa3108cdc468984cffbea0ac9356fa324a4ea7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
115KB

MD5
ce6bda6643b662a41b9fb570bdf72f83

SHA1
87bcf1d2820b476aaeaea91dc7f6dbedd73c1cb8

SHA256
0adf4d5edbc82d28879fdfaaf7274ba05162ff8cbbda816d69ed52f1dae547f6

SHA512
8023da9f9619d34d4e5f7c819a96356485f73fddcb8adb452f3ceefa8c969c16ca78a8c8d02d8e7a213eb9c5bbe5c50745ba7602e0ee2fe36d2742fb3e979c86

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
119KB

MD5
57613e143ff3dae10f282e84a066de28

SHA1
88756cc8c6db645b5f20aa17b14feefb4411c25f

SHA256
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14

SHA512
94f045e71b9276944609ca69fc4b8704e4447f9b0fc2b80789cc012235895c50ef9ecb781a3ed901a0c989bed26caa37d4d4a9baffcce2cb19606dbb16a17176

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
48B

MD5
cbcbfd5382e67b1454ef0fbce691d2be

SHA1
0815594c71beda84936597014c4dffc54b125d06

SHA256
531e089fd501d2e89af979a352a087d25a70ac15e90326cd8640f2913750847d

SHA512
0c20289507e29906961d3dd54f915378a191435c5b72ca95ac0e162c90d3e162c65c7efbce2623f1b4acfe370042073a73af3b34c5ad10c667cce82ff76c4d3e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
528B

MD5
3f43dd9de3967a73ebcf908c9306a388

SHA1
b9f381a112179f36e41986fbf2fea55b9a0dd12f

SHA256
35e2c40855cec37f75e494179d13a9a49f5796b9876d583d6dee84966bac24cc

SHA512
23662e8b89abad1c1105e96915c9d5ab7eb8f1a55f530f4a7a37f53ba296032181c77dbad3edd274df2e323c4dfc7a2ce1ef217966ac23f875f087ef65843c20

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Edge Profile.ico

Filesize
70KB

MD5
e5e3377341056643b0494b6842c0b544

SHA1
d53fd8e256ec9d5cef8ef5387872e544a2df9108

SHA256
e23040951e464b53b84b11c3466bbd4707a009018819f9ad2a79d1b0b309bc25

SHA512
83f09e48d009a5cf83fa9aa8f28187f7f4202c84e2d0d6e5806c468f4a24b2478b73077381d2a21c89aa64884df3c56e8dc94eb4ad2d6a8085ac2feb1e26c2ef

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk

Filesize
2KB

MD5
b7ba4218edf322cba75bef8be95c27e0

SHA1
0664b8653a84fe14b60b5d00a1c35e6203e55cba

SHA256
23c35a21f4cc6597611c17a418c1fe61920d61e239c5cd0bc2653f64679f2ec7

SHA512
bb93e6f0a6cadb0352c1119d05f4afc24b2253544b74649bc058567330ac7d7c6e0d92078b617956b95a395ba21804fc6f06bb6eea80cdd9b2807a42754e48e4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
391B

MD5
bc5e27d0806f40a4932e70e7af245f7c

SHA1
6d50a3a2d3b4ee3786722defdbf490a84e75b37f

SHA256
c0ad1c14b76bec1b1d244fb00b9d46e2d71d691bef2146c4b046d4aed3762063

SHA512
3d3a625c4bb48b335a9d0d1769ce243a391f9c6caf274b44610ffc1be897c428f4d194da8906658879e0dfdbfd3d06cee0a9c70ac9a4ef9425734ddafdf4d5cc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
4KB

MD5
523bcb6ad6bd64686725bcaa424bf778

SHA1
3d50e6123cccd09bc981749b2d1bb72ef3cba6d7

SHA256
00d0b273f645130a755466f171fe0560519b82cd14632a533918c8801234e40b

SHA512
b9d29f6962f3e8609ef2f67461000a8092f1f3af05f09ce8c35af922f169f88c28051576114fec4e2980da75f9046ae5c4a52237b4e1fe9d946c1ed353705fcf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
f7f167d5eea74bccb42159b8b4c3d0db

SHA1
7d7cf5aea36eab385bfb0a73dce2ffeee4110d5e

SHA256
2b1a7c2220ba3a7c7dc9f46f4d61a2a2b86528c892e9bf7152ac67ca434a4c3b

SHA512
8242164b9269db501158568faae7b06cac4e7b458dc0f37a2dfcef8bb470f3ebb07e2fc1b12abe9d95efc6b090719f8ecd8410886ec40e56f7bc6302b24b242a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
732e79c2dae80965297f6c3ff5264ed6

SHA1
cadcc0706f988238d921c08639f78428f41c9699

SHA256
a2082ce894c12e0db73ad72483ab36d864bdf483aaf0f980ebcaabfd2f576139

SHA512
e8f0af4eaa861ac5a4df2b9252f579c694f0fcaa8f57e29959c3c1a8bab791f999cac120a3ca2950f758873f36d5f6ec325ff2141cbc101cc8f4fff3bbf03c0f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
69b72d0a4a2f9cbec95b3201ca02ae2f

SHA1
fcc44ae63c9b0280a10408551a41843f8de72b21

SHA256
996c85ab362c1d17a2a6992e03fdc8a0c0372f81f8fad93970823519973c7b9c

SHA512
08d70d28f1e8d9e539a2c0fbac667a8447ea85ea7b08679139abbbbb1b6250d944468b128ed6b386782f41ca03020e3a82491acb1fe101b09635d606b1a298be

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
130644a5f79b27202a13879460f2c31a

SHA1
29e213847a017531e849139c7449bce6b39cb2fa

SHA256
1306a93179e1eaf354d9daa6043ae8ffb37b76a1d1396e7b8df671485582bcd1

SHA512
fbc8606bf988cf0a6dea28c16d4394c9b1e47f6b68256132b5c85caf1ec7b516c0e3d33034db275adf267d5a84af2854f50bd38a9ed5e86eb392144c63252e01

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
e40825e4f554a74283a5c10f40ae9e08

SHA1
4adc1bf9f772f3af015a02d9a400a5c35ccb99d4

SHA256
39eb5cb0ab2dcc214a2338dc80b92de349e333724e175af8564e9256c9e4a425

SHA512
5e85efd6e9fbe1cc0586e2eb933f2cce00336bd6dceccd0db7f7068eadbafdc865b311682de18533f0878c98d7a7cf74e61f065be742c292ed9fd06fd8567f2a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
9KB

MD5
1d78dd32ca9c98bb860405ba9d510b48

SHA1
0008c8c600b7b96baa006f02d3d04622ecd20355

SHA256
926fb5b653ca237ebfa43d6cf36a23f80e84606321e3cbda0f9a106a47b9c126

SHA512
33307a97c6cc52b4e42e1b8ef825f9a28544e0dbf2898d87cc873c10b00df9db5665642755bba796522c5f76f269b587cd8cd485cbd0a91c7d40f3c7fd6f1a15

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
3KB

MD5
342ead4bb623162d955b422110e4d505

SHA1
d949fbdd508238558dbfff4e29fd719e269e1e0b

SHA256
82ee30cb174512cc3d3fb243fdd419bec5736a2244d4565fb3d31ee1b5687bc3

SHA512
5213809e31e5ba867cfbdd5f2ddb31c5a49e0b9a2c6cfa7e0a4b00f291f3504da7e785a64d399b3e6bb56081093b3b444cb965e31e7d56269e0384d0090199c0

Download Submit
C:\Users\Admin\Downloads\steam.zip

Filesize
9KB

MD5
de4cb40d4cdc7875fa95245d566ea144

SHA1
86966991c2dc5340f95f787f3fdf34af0c4e7e61

SHA256
0e974451f4a1f6e89d3d06dcb9616a731c8ca9306d060898a041193d47d6a5df

SHA512
681e91a5d2594da0126c4f86e3ecdd8fc00866adfbb438b55b257a907f65875b7c9de11244dbc36b2ab094c799399ed056fae876fc3f3f6f54c3e58af5ae89cd

Download Submit