hxxp://www[.]ziprararchiver[.]com/install-ziprar

Analysis

max time kernel
342s
max time network
358s
platform
windows10-2004_x64
resource
win10v2004-20230220-de
resource tags

arch:x64arch:x86image:win10v2004-20230220-delocale:de-deos:windows10-2004-x64systemwindows
submitted
26-05-2023 11:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://www.ziprararchiver.com/install-ziprar

Score

4^/10

Malware Config

Signatures

Drops file in Program Files directory 2 IoCs

Processes:

setup.exe

description	ioc	process
File created	C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\c26150e8-f0b9-4de3-87e9-bd92446300f5.tmp	setup.exe
File opened for modification	C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\20230526131036.pma	setup.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

msedge.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Modifies registry class 57 IoCs

Processes:

msedge.exemsedge.exepowershell.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\Mode = "1"	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1092616193"	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupView = "4294967295"	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 = 3a001f44471a0359723fa74489c55595fe6b30ee260001002600efbe10000000dc9196c96b45d9010ee731d17945d9012e8753ecd38fd90114000000	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1"	msedge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\SniffedFolderType = "Downloads"	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Mode = "4"	msedge.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\FFlags = "1"	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0e000000ffffffff	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\MRUListEx = ffffffff	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0100000000000000ffffffff	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\NodeSlot = "2"	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByKey:PID = "0"	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:PID = "14"	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags	msedge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\KnownFolderDerivedFolderType = "{885A186E-A440-4ADA-812B-DB871B942259}"	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByDirection = "4294967295"	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 00000000ffffffff	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = ffffffff	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByDirection = "1"	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\NodeSlot = "1"	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\LogicalViewMode = "3"	msedge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}"	msedge.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0000000001000000ffffffff	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 = 14001f50e04fd020ea3a6910a2d808002b30309d0000	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\FFlags = "1092616193"	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = 00000000ffffffff	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a000000a000000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\IconSize = "48"	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\IconSize = "16"	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupView = "0"	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\LogicalViewMode = "1"	msedge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:FMTID = "{B725F130-47EF-101A-A5F1-02608C9EEBAC}"	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings	powershell.exe
Key created	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0 = 14002e8005398e082303024b98265d99428e115f0000	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-1675742406-747946869-1029867430-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg	msedge.exe

Suspicious behavior: EnumeratesProcesses 18 IoCs

Processes:

powershell.exemsedge.exemsedge.exeidentity_helper.exemsedge.exemsedge.exemsedge.exemsedge.exe

pid	process
1044	powershell.exe
1044	powershell.exe
4568	msedge.exe
4568	msedge.exe
1392	msedge.exe
1392	msedge.exe
5116	identity_helper.exe
5116	identity_helper.exe
3036	msedge.exe
3036	msedge.exe
3036	msedge.exe
3036	msedge.exe
780	msedge.exe
780	msedge.exe
2828	msedge.exe
2828	msedge.exe
1760	msedge.exe
1760	msedge.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

msedge.exe

pid process

2828 msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 29 IoCs

Processes:

msedge.exe

pid	process
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes:

powershell.exe

description pid process

Token: SeDebugPrivilege 1044 powershell.exe

description	pid	process
Token: SeDebugPrivilege	1044	powershell.exe

Suspicious use of FindShellTrayWindow 19 IoCs

Processes:

msedge.exe

pid	process
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe
1392	msedge.exe

Suspicious use of SetWindowsHookEx 13 IoCs

Processes:

msedge.exe

pid	process
2828	msedge.exe
2828	msedge.exe
2828	msedge.exe
2828	msedge.exe
2828	msedge.exe
2828	msedge.exe
2828	msedge.exe
2828	msedge.exe
2828	msedge.exe
2828	msedge.exe
2828	msedge.exe
2828	msedge.exe
2828	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

msedge.exe

description	pid	process	target process
PID 1392 wrote to memory of 2756	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 2756	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 1608	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 4568	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 4568	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 4216	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 4216	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 4216	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 4216	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 4216	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 4216	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 4216	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 4216	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 4216	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 4216	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 4216	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 4216	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 4216	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 4216	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 4216	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 4216	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 4216	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 4216	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 4216	1392	msedge.exe	msedge.exe
PID 1392 wrote to memory of 4216	1392	msedge.exe	msedge.exe

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell start shell:Appsfolder\Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge http://www.ziprararchiver.com/install-ziprar
1⤵
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:1044

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --edge-redirect=Windows.Launch http://www.ziprararchiver.com/install-ziprar
1⤵
- Enumerates system info in registry
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of WriteProcessMemory
PID:1392

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xd8,0xfc,0x100,0xb0,0x104,0x7ffb8a0846f8,0x7ffb8a084708,0x7ffb8a084718
2⤵
PID:2756

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2196 /prefetch:2
2⤵
PID:1608

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --lang=de --service-sandbox-type=none --mojo-platform-channel-handle=2232 /prefetch:3
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:4568

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --lang=de --service-sandbox-type=utility --mojo-platform-channel-handle=2704 /prefetch:8
2⤵
PID:4216

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --lang=de --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:1
2⤵
PID:1676

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --lang=de --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3360 /prefetch:1
2⤵
PID:3328

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --disable-gpu-compositing --lang=de --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5212 /prefetch:1
2⤵
PID:2208

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --disable-gpu-compositing --lang=de --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5528 /prefetch:1
2⤵
PID:1948

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --disable-gpu-compositing --lang=de --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5968 /prefetch:1
2⤵
PID:4068

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --disable-gpu-compositing --lang=de --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5268 /prefetch:1
2⤵
PID:1260

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --disable-gpu-compositing --lang=de --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6116 /prefetch:1
2⤵
PID:1792

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --lang=de --service-sandbox-type=none --mojo-platform-channel-handle=6288 /prefetch:8
2⤵
PID:1856

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --force-configure-user-settings
2⤵
- Drops file in Program Files directory
PID:4740

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x228,0x22c,0x230,0xe4,0x234,0x7ff6114c5460,0x7ff6114c5470,0x7ff6114c5480
3⤵
PID:3792

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --lang=de --service-sandbox-type=none --mojo-platform-channel-handle=6288 /prefetch:8
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:5116

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --disable-gpu-compositing --lang=de --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2900 /prefetch:1
2⤵
PID:4816

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --disable-gpu-compositing --lang=de --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1236 /prefetch:1
2⤵
PID:1072

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --disable-gpu-compositing --lang=de --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3392 /prefetch:1
2⤵
PID:2988

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --lang=de --service-sandbox-type=collections --mojo-platform-channel-handle=3220 /prefetch:8
2⤵
PID:1092

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --disable-gpu-compositing --lang=de --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1944 /prefetch:1
2⤵
PID:112

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --disable-gpu-compositing --lang=de --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5424 /prefetch:1
2⤵
PID:4924

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --disable-gpu-compositing --lang=de --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5808 /prefetch:1
2⤵
PID:4396

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --disable-gpu-compositing --lang=de --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3360 /prefetch:1
2⤵
PID:740

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --disable-gpu-compositing --lang=de --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2900 /prefetch:1
2⤵
PID:4184

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --disable-gpu-compositing --lang=de --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6912 /prefetch:1
2⤵
PID:4388

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --disable-gpu-compositing --lang=de --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6872 /prefetch:1
2⤵
PID:4984

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=7036 /prefetch:2
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:3036

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --disable-gpu-compositing --lang=de --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6940 /prefetch:1
2⤵
PID:1696

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --disable-gpu-compositing --lang=de --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6456 /prefetch:1
2⤵
PID:3160

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --disable-gpu-compositing --lang=de --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5796 /prefetch:1
2⤵
PID:2828

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --disable-gpu-compositing --lang=de --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1748 /prefetch:1
2⤵
PID:2744

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --disable-gpu-compositing --lang=de --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6408 /prefetch:1
2⤵
PID:4812

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --disable-gpu-compositing --lang=de --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3420 /prefetch:1
2⤵
PID:460

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --disable-gpu-compositing --lang=de --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6884 /prefetch:1
2⤵
PID:4176

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --disable-gpu-compositing --lang=de --extension-process --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5512 /prefetch:1
2⤵
PID:388

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --disable-gpu-compositing --lang=de --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7108 /prefetch:1
2⤵
PID:2004

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --lang=de --service-sandbox-type=service --mojo-platform-channel-handle=6972 /prefetch:8
2⤵
PID:3816

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --lang=de --service-sandbox-type=service --mojo-platform-channel-handle=3360 /prefetch:8
2⤵
PID:4604

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --lang=de --service-sandbox-type=none --mojo-platform-channel-handle=4104 /prefetch:8
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:780

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --lang=de --service-sandbox-type=utility --mojo-platform-channel-handle=6432 /prefetch:8
2⤵
PID:868

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --lang=de --service-sandbox-type=service --mojo-platform-channel-handle=6276 /prefetch:8
2⤵
PID:1092

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --lang=de --service-sandbox-type=utility --mojo-platform-channel-handle=5488 /prefetch:8
2⤵
PID:3388

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --lang=de --service-sandbox-type=service --mojo-platform-channel-handle=6352 /prefetch:8
2⤵
PID:5044

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --disable-gpu-compositing --lang=de --extension-process --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3508 /prefetch:1
2⤵
PID:3972

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --lang=de --service-sandbox-type=none --mojo-platform-channel-handle=3400 /prefetch:8
2⤵
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2828

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --disable-gpu-compositing --lang=de --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5160 /prefetch:1
2⤵
PID:2540

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --lang=de --service-sandbox-type=none --mojo-platform-channel-handle=5080 /prefetch:8
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:1760

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2132,14693367860473246169,11064214437863686554,131072 --disable-gpu-compositing --lang=de --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6448 /prefetch:1
2⤵
PID:2596

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3668

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
Filesize
152B

MD5
cd4f5fe0fc0ab6b6df866b9bfb9dd762

SHA1
a6aaed363cd5a7b6910e9b3296c0093b0ac94759

SHA256
3b803b53dbd3d592848fc66e5715f39f6bc02cbc95fb2452cd5822d98c6b8f81

SHA512
7072630ec28cf6a8d5b072555234b5150c1e952138e5cdc29435a6242fda4b4217b81fb57acae927d2b908fa06f36414cb3fab35110d63107141263e3bba9676

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
Filesize
152B

MD5
1d40312629d09d2420e992fdb8a78c1c

SHA1
903950d5ba9d64ec21c9f51264272ca8dfae9540

SHA256
1e7c6aa575c3ec46cd1fdf6df51063113d277012ed28f5f6b37aea95cd3a64ac

SHA512
a7073247ae95e451ed32ceeae91c6638192c15eaad718875c1272eff51c0564016d9f84690543f27df509a7d579de329d101fbf82fed7cbeb27af57393de24ac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001
Filesize
59KB

MD5
0a13121d14cc9a498aa816f2feb8f0f8

SHA1
27e384693ed48699df63b9af403fcec12979f5fd

SHA256
ac6de68fa3c8b4aa454ce96106c7ed4f81768092736fb5548d5d6485a07b8c1b

SHA512
1e6f6ab614eb90c541ff2f2aed09b3ed72149cf3c9ef901dc3b8dfb0a6bb3273525ba472d337d1d3b6ce07a255de1c6ebacf41f2d3510ebfb6561c3844aa425d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002
Filesize
22KB

MD5
66cdd02c5ebc2453afae749d7e1f9f53

SHA1
2a6bd95ccccb6d423e4fd3fd7eda532d82e8a907

SHA256
15021324c1b8846ad1425e9542389b83a4472642af49e7135364450ddbf35a30

SHA512
fd65a2faf6d715b53e19e2edba3f06ab4f49a122580a0cb4316c2fc92969276596560252ba1f2fe3c97d4bc63bf97541d4ebbd9597036ff9dd818699f1430133

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
Filesize
24KB

MD5
63f8c134408852106835db2f928cf0e0

SHA1
7ca0035d2a05154f1f93e19793b2298973cc8733

SHA256
2555d061e6c2337cc0b62e309c8d0464e8f88d6a44dab74246c37cd0154d73a5

SHA512
d1983a966674245c23b669be41281202ca34377275748e9478288b7a6607d2db5c663b143a380c75a03921cdaad5bcfcc28b863a95422a9cea3baca6bceba811

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004
Filesize
18KB

MD5
e324205e10887f01bea5a1cea509cc09

SHA1
58336376ea98404d535a844db82cf7788100b658

SHA256
733e24fada31e5536ce67effeee86ee5be709effc0cc7caa1004ef19d96cb897

SHA512
1efbd8bd9c45135b32898d3ed34a755430da477f960ca5f6a1b3a2d28b8eff5d465f8000fb803dbe1e717f054ef1e774a0dc0d18b15198a5fa828d408086993c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
Filesize
22KB

MD5
de69cf9e514df447d1b0bb16f49d2457

SHA1
2ac78601179c3a63ba3f3f3081556b12ddcaf655

SHA256
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

SHA512
4aebb7e54d88827d4a02808f04901c0d09b756c518202b056a6c0f664948f5585221d16967f546e064187c6545acef15d59b68d0a7a59897bd899d3e9dda37b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006
Filesize
26KB

MD5
dfd28d432379da27bb439a0464b9cdb5

SHA1
69495c8e43ca0d7ef345cafa1f5bd66c7fefe527

SHA256
b79905c7683dd4aa7767c41c25d95130663ab5eb6e885ad6a60349bb1ae8ae32

SHA512
30669365f315c1320832a733d83054059344ac0dd4c5aa98b9639bf571ac44e62ad556665beed00f0adf35e5e2af74d790f260d7534cd88173e7ec516caed980

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
Filesize
23KB

MD5
e1b3b5908c9cf23dfb2b9c52b9a023ab

SHA1
fcd4136085f2a03481d9958cc6793a5ed98e714c

SHA256
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

SHA512
b2da7ef768385707afed62ca1f178efc6aa14519762e3f270129b3afee4d3782cb991e6fa66b3b08a2f81ff7caba0b4c34c726d952198b2ac4a784b36eb2a828

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008
Filesize
24KB

MD5
ed56eda339919c179de921d2e7c023e1

SHA1
b97343947ac480f3715ac59fd8a70bc45b6d94b8

SHA256
3d27e6817e3e58069e0b0669fe2856fca4ec7d148d3e7eee2eca08f7cf4afb95

SHA512
67b691ce5cb397cac6d7c78c3731da5c8b4d3b421ba351e8384d7bfd50c9edaf8f44bc70db7b4892a711fb05db6c1337188006648d6b618b435532b6c65a7800

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009
Filesize
80KB

MD5
fd1509debefdd97552a2cde1a0cc7e2d

SHA1
f436cd7932632c0c793e6d43576b6dbdb31cb89c

SHA256
f5e3c70fc168b63550ae144d251c04f8c2f6017ff0de790030d948d8be9a7241

SHA512
25f5150d76efb7c69cb4ad3588173b58a50a8caf61c3b567f8968dcc17be1e305c14412733c8ebc8df99921e922915ce2ba87abc528a080708b30787016dce29

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a
Filesize
83KB

MD5
93e6433b8d6f7d3b171eb9a888a2a491

SHA1
72c8054d9c733d6b761a10cb2ac1ce5122ad8434

SHA256
d4699a0e4d915ede0005839454bd36e39018109d720beea532471fc793b0a361

SHA512
926ae5001e32ef2b319441085996a6a06ba4b84d7ab0e52bafeebe555535814b3004ea453c3d0311c36dc854b50d19389aac60d9da3bb6ca298b64e5bee899cd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b
Filesize
20KB

MD5
39307e27138b106e53f1a4af27d63094

SHA1
9c2fbfb3f19bf72a282a101d1c802c287dbb5fab

SHA256
07c09b206faa8934e6b12c518a4f834d8bd5b2bbe92a07a4f169173ab620b464

SHA512
8e48c468cceab8dfb296c62c2fcf4e82adde92fc06e3b14418a4cc08dea5712aaa7f61eb5421b9d5fbc0803b1b8f2b05a344a2e3db7831212af9e2579972bc52

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c
Filesize
17KB

MD5
a1009f6b0b04b9f5778f2b08cf8f65d8

SHA1
1d4daf1323e7cd7bef0c230cfa446da7cec0dcb7

SHA256
a0d2a0c93eefe3ad74347a49284f08a7ce31babada3d4f15ef8a4ae9f5ce836c

SHA512
418a98e4bae1cba8162f0b83fb1325f8255633f5ebb8d835732c5f4ad62d1ff6e1648de593541c1a42ebdb3ee756b350bed98bef3f96925cdd624239970c4bdd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d
Filesize
19KB

MD5
08475cfd380edb2d2e9290e97b3da01b

SHA1
bf77aa35534cbe99d892a7e24391bed6447d01f0

SHA256
90143522192bd04a6c55e30fcad375a9e1c104a28d36246bf7562538dca40145

SHA512
988ecfba1140ce754cb1d47be2249000196dfc30dc405fc733c4aeef71ca1ad88d13f324ee91689bd20c70ddd702104abfd85b831d4ed3177a40fc77e1727bb4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f
Filesize
47KB

MD5
80ea7edbcbf0149038f2f21d3b9b6674

SHA1
b9314208dbb8575ba8c6b58f8b342b599a282db4

SHA256
788c687aa012c68064f4495e3647114476927494247607a13a33c5de0cb10bcd

SHA512
9d28d1929dd21ae1ed00ff8271a5ae32cdab917977896297a7f56a8695abb99d98e4092e0551e2be2951756700ad77612c4bccc29f9f31eeba702248b2e51e72

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010
Filesize
291KB

MD5
ed11ce9f7175b531622de919ffa95a0c

SHA1
1bcaa022f2479506c82d46d5e84a7e9276ca78b9

SHA256
279eefbb1a16734cfb1836e4301bc2ae8413488909775e525b482d03ee0d33b0

SHA512
91644cdc7d0c4b0a157972354488efff687b83adac21de94954ca3a4bda799c3df88b2c3f27173540d636e27fab8dfdf4eb810423b459982caefe87a69b1bfec

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011
Filesize
33KB

MD5
91f5ae4aee5db929c1d8e315bf48da7a

SHA1
e2e6d12b81cd0328a5c04b97867f3f0a1ead2f94

SHA256
1f49fc06442e76a0214f25f55a0bb3d20ea6cb0c0e1e37fb356f396d5ee4a94a

SHA512
0a87daa02536d97ca9e5144c78656f70fae9f9679e16afcab459aac9ffc85a21dac2f22e7d4a4c363172fea54715e782cd0314dacf07610c6b67ff91b6bed371

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015
Filesize
25KB

MD5
eeb1a3e062434c40fad0ecc5072e007e

SHA1
a655c62f12c3613a307a2a2a7a50df15e59ac0ec

SHA256
dc080b0e34f0579c2b66c068ec7cc20715b66fb1dbba78686999bfb52d35c6b8

SHA512
05bf4d27746a26745d3602b9b2142a58af35e16d387daac5777ba2b949f4d779e99ea059f568c2e410bb3232673962abaa50b16ce4f60f72d6f42ccc284c37c8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016
Filesize
20KB

MD5
923a543cc619ea568f91b723d9fb1ef0

SHA1
6f4ade25559645c741d7327c6e16521e43d7e1f9

SHA256
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd

SHA512
a4153751761cd67465374828b0514d7773b8c4ed37779d1ecfd4f19be4faa171585c8ee0b4db59b556399d5d2b9809ba87e04d4715e9d090e1f488d02219d555

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017
Filesize
21KB

MD5
7d75a9eb3b38b5dd04b8a7ce4f1b87cc

SHA1
68f598c84936c9720c5ffd6685294f5c94000dff

SHA256
6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7

SHA512
cf0488c34a1af36b1bb854dea2decfc8394f47831b1670cab3eed8291b61188484cc8ab0a726a524ecdd20b71d291bcccbc2ce999fd91662aca63d2d22ed0d9f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018
Filesize
159KB

MD5
7f2e1b48b71ec58fda4539018a2f56cc

SHA1
507bf81f52fa8c99bf2c5c8bd59a981899ca9995

SHA256
7f80c4c91054b3d6c80721939242c2d4f68f15e41f251e12641f695d78eb2f35

SHA512
dd7b52119d1179332147984f6c7d8cdcb3388aeb1e8af708ef9036acdde6e7b3900acc965221f4e4864dad89797072e19e5b308cf065a65dda7656be884cdd77

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019
Filesize
56KB

MD5
8792e3720e22d6dd07c52985bdea8cd5

SHA1
a8e0746ce82fec718037fdbd1bf75a2220de06bf

SHA256
7aa6f35f51a29ac32f63651c68854753130940b84588631dc7983fd9bbbe01cd

SHA512
1faf8d1e1ccb29ee50d3855289325ef944f538dd436210ed1d7bcfee7965eb01673edfad6c933bb98b5ba16c23e06b3c39199ec45c31ceba5418aca04c4e6a63

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a
Filesize
45KB

MD5
04c6dcf03c2ebab0755d759692df3eb3

SHA1
2962a341f50d689238831904933a1a9765e90b07

SHA256
bf9039206bc1e7bd07f522dde9892c0e9f2335419e9980e203ec58785c2af2fd

SHA512
7918f2417a6d7777dd07d0a5305a1983fe9fff1eda4208f143ae37566707da7a79c74d6c09c0a66cfcfa42afb51f36d0959ce4c0fd2ac1f42a8fa242521b4de7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b
Filesize
42KB

MD5
b983c9404768ad3bc4f440c7c7762dd9

SHA1
3dccdf718a994253c2535378a0712762f78f1318

SHA256
8c0c6f86d3bf9aa85b3b02310f0a775fb51f15244a6b71f8ba80350475065913

SHA512
4ae584f24dca5444ed12b4b4f9603abdecab3b18fbb04ed6aa96b8386991694b61a965fcbeab2732c49328b2e85c3d7a4f75afb843939b095e29a7492fecbc95

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c
Filesize
107KB

MD5
beb500d43fa578f1757aa4a975ca6e6c

SHA1
cfb0eac4e9219da405fd35c666d295155923681c

SHA256
d6ec33beefd280d6ef84af783bda1a30746c28f7a819cb27d0b0e7910119cff4

SHA512
37d56512769162f18acae087e744ed5393a9d1d4cf196ed6527ea2ebfc0f54c629e5dcfe99ee10998f07021301612750267c47aeafc8ba5512d968f797e15c29

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d
Filesize
36KB

MD5
3ff4937221516af25c7e42132e7106c4

SHA1
fc5e5ebfaecd51c908acf6c012fa684214d74669

SHA256
edc08cfc81aca33382a1c75a1376589247c0b7c4546138de6f7ea92b2ebed181

SHA512
30e0c07216d9ec81acae61693ab5bfa56ffe79728b250ed885bf88dcd6b7ec16769959be6acf29dc079ac8e16337a3e10fd10ca5cc14a634df67090f6640b69b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e
Filesize
19KB

MD5
f332f0698127608c34b601f697cdccce

SHA1
0e1ff5700d6180cd7747fa4ccb019e8a3f28d772

SHA256
e37af4ef4f9cc8c18f8b64294f8946e6fb6c88fac9bc43c024bbe4ee983af447

SHA512
718dab1aa3e1116e5ecb5fcde8c57273a5c79ec14ca163200babbab289044c9f5ea2a51acf4e1ee56f6ad5a596be2b808ec20c59ea64cb6d77c2229e461df319

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f
Filesize
21KB

MD5
7b891e07bb110c1687c0acacd02c54b7

SHA1
88c9f455c2e1e182957a4225b47eb6966326e870

SHA256
efbda9705f6f522f11dbc3ab20de0f7ef454b881cd6a1d072013d8a7cc0fe925

SHA512
54ffb531229056ba7b40390e4ac090e241f7281ffd7fb0fc6c05e826c2a9847e9c2603f3c938c173e21117776868cac263b5f1084fe482bb4209bdc5792eebc0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020
Filesize
45KB

MD5
94831b2275d2b9fa2e75c725037e8a76

SHA1
52bab1e2ce940970415710d8cb4c7957067a4739

SHA256
f366d43c43baad5e48c918f8ba8ecbfc05da1ee463dbbec98d32909c39ffdf63

SHA512
1727333e184c0f12a1c5adfc8f8cd9d422a6701cfa7dc3693251acd4b60b043057296f319f6ff140817d66829035f648e884d7cf4f35c9e5dcc8abd7039f3cdd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021
Filesize
23KB

MD5
ab7b286b6ec31297bbd6eb0b0fcdf2cb

SHA1
292d008084602fc297a5b594934aa067cb4bcd32

SHA256
09ff828e390964219d4d8cb995f8a540bf17464a0c1b845895d401d275a43232

SHA512
1361d6a863ef0a2c347439e86904290b70760e5ce257044eeb766980b084e1d090576a0d40432e7391130b0cf80820f4ad4c3ede033f650c0a0f358fbd423581

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022
Filesize
16KB

MD5
c251b70347a836f701c624823eccc50f

SHA1
29b10852725740604076afc66bb73143cf5c8e64

SHA256
b231a396afdcf85a4b2a24f765260be0065391f9db9e96643e9f20cadeaf6ed7

SHA512
87638cf25350b2127a34114a209e1eab0a8d5e2471545bf08653c68be0bd1fdc62d99ef9a59fa8b1bbb630f2169728d8ef4a1273f4bcafd70d7a7245839e9803

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023
Filesize
37KB

MD5
e4e3c4199cc0713769d512dcf2d918bb

SHA1
73647becf4ecc7744e971b32536abef2aa07f9f2

SHA256
efeec9f2af78ac6f9338d58045b3cd5830ee66444b7ea48eaae3f4b9ddc92203

SHA512
ed6959a4bc73d613b1052f35f44723e411ac54459018fafcab0bc4e1c65c0f2e3c449d24893b82778a9a0991e170fd8ad36025dc1c5b2fd654d10affef9e459c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000024
Filesize
39KB

MD5
5892230895c0206843afd3fda975c882

SHA1
e41fbcb6781a002b6d4e79f1ac3b66b55c00d94a

SHA256
a7bec329499f2dc13919f556b71dc6d783965e50caf2fbdc09d2719eb7f026e7

SHA512
3b6de46862040db4a912af2eba92dc4dfbe1882679abe17ff717ee2b1583fd91946a53b4d9e23332971d1a8ce39bcbca648e2cd739aeec2d1a397aea4c9829bb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000025
Filesize
44KB

MD5
b9eba3d10b4c2b7bca4d46da5011f577

SHA1
3f0091880b6cae67dbcbd6c54181a015fe68f594

SHA256
4c40780ea1708d27a37cb7f1c243b427d01298cd80688a3ff6c6e69de2681c56

SHA512
bb52e2acab674ca5ba1a5c9603f01470230e4d5beb741edc22c35e20eb3695907baf954d0025d1a117a827adf6008527929187355df7246fca396963ece0d1ed

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000026
Filesize
29KB

MD5
256174120035627cb9e66faba886f9c7

SHA1
9dc1f9ea1fddd7f1d5d67e76ba1ca4f93d25f942

SHA256
ce6fc0e331631862068640b3c18aeab844db33935b88da874d3fb40b23461c07

SHA512
32830c9f931356997c481e14758414044e3be1f9ab8481b91598e9e89b6ba837a7e86a9ec2b4f7f5d2d731cbd3e156fc36447c446aec9e68942647a190d9f0c4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000027
Filesize
60KB

MD5
0657393db4cabdb3a22515a03ec20fd8

SHA1
daab8da56dc4d598bbdad237f0c028953cfbc21c

SHA256
8ba80aa81ad18194df867512cec44dca56371cb9b5ff668ffbc949b655026251

SHA512
e2079fed7131c793ad5b863f6a5b27526aa12df7fed5af4e2055be1d119744156f5c95001fcc27214b0284acabdcb32a28cb1b6151a8f47a0bf76f2fae15121e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028
Filesize
29KB

MD5
25c2d092b819658d34cbc82432425419

SHA1
f03a238f333ed85f515f7f3923bace340e6372ec

SHA256
f67505765efe09a2ab56fd2c274436e39649ff067dad5da882836bd9bebb3762

SHA512
10ef41a90bff92da8a6d80327b0aa839268bfdca1bcd921d3925577b4fffefb0d70aed360c6bfd7b968176d6ef81dc8bafa3564eac5219ddb20fc32d684b6790

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029
Filesize
27KB

MD5
87708c0e5e384bec0313b4706b3036b8

SHA1
8132f8e42d2520c44a264e2449d6e0459874822f

SHA256
38417968167720184e06a166775a5e7713a0f8c6d7c411ab8e4064ba4e6e6854

SHA512
2b1a4095de9671dfffced0a43113073a7577f54707a4d57ae40b36d94347f4b71fc0314af9d4d34b43b1afb0ff36e4647d1b24d7f2cd6db3e0956829730b68c9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002a
Filesize
39KB

MD5
a4952306302f1cd3cf876a89198118ad

SHA1
7a4f12aba5a3730611133e680d538a01529a5ddd

SHA256
09907340d63c76a4e1152407ad708398b8c8c019e7d43a24bb82fb803c095766

SHA512
4d0b060a66103325b7ead6a42c973fde105449424d0d291f00de064218be1dab38b7acbba3f7426ce0cc9e8c9ad5be964787cad582617b5b1bccdb57ee29321b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002b
Filesize
92KB

MD5
04c1f8be58198bbfb899b90026661585

SHA1
a993262fbacc9206271e682884ef7461e62674b5

SHA256
f58c12090a7bcb4078c96a0ea444fde0b1c0c4ae33c77ed2dff071b75d5bac52

SHA512
e30e982bb8d7e3e630ca4c54c8cd79ebfd8e0b74af14d38f605a37951c7e1eb4933e3df698d8aabe47b2901f0bcf3a3feb69c27192987c17e24dd6f29c6a19eb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002c
Filesize
38KB

MD5
2c71126da7e4c3a42edacc613958dba1

SHA1
381a8727f5f124eeb3da4962ca940e41dc77d931

SHA256
6629da5f8ecd9546f720837404cf70aa518fcb8226125158271cb06b2fc1f728

SHA512
cf96d48d2ac33676d4181f203676dafaaa527361ba13fed870e8e6488fd81c43ea4046aef2ea64581c170ffdfbd90df69e05f9cc3ce452c6f2bc662619cee11a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002d
Filesize
25KB

MD5
271fce6517f404b2b84b6ff7226bc39e

SHA1
811f056a9d06bba5a2a14e3e358d4e5236962d4d

SHA256
73f8b14d7a62c549ba5daa5f95b8f512c9f19bb98e8f2a815d5da5bc79a05082

SHA512
89bdce4c359e4a3ab4d0a8c6a1d96215ffbffca9e01e2ce787219aa52b8617cd20293413672f4bf5f3272603695a60489503c36dc4839e6c57d676a81aa64ca4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002e
Filesize
20KB

MD5
e84f09595912e3641543476f9ef6b762

SHA1
f8f8cdef72195bd345862a3f3d3c10a1e88e168e

SHA256
623a4ed3478ebc9cf60cb9c075d84486fe4b68de4bf32048e4ed57a31cf38c73

SHA512
edccf51cbb3bf8ae12c405ba08e45ac32e88f44c03216db0f6bbe0536e9ffb19a13d3cd04b3fd7a279f498923ee0dd74621727dbf1900a66b136db04adb911d6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002f
Filesize
17KB

MD5
153ed6fbfc362912b5da07164ec5363e

SHA1
9bbb23651e981ec3a62388eddbf6d752cd8d5f9f

SHA256
3321dead36e082010d5be72c6e1f6983b6d58cb3d54c688ad162aabe93af572a

SHA512
21572354c622fe38dce695b91f4d5acc8ffad2da36688b7e427614c7f818ee70150f18c74d15459c8bcdbf88df76fc5c29d0c47ddddcaf6894fb4508994b3397

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000030
Filesize
16KB

MD5
def1e1f35d7091596b4fb1a289f18a58

SHA1
3cf36d000f9799e7bb864614f81a9f76d1e88322

SHA256
3e5defe9310dc009b07303620fbd1ecf1a13cde88efb66c9a61b19d5147e6493

SHA512
de2072c52e432c6c4889ebb9fc64fcc7b9750c517b5870d553041bcf2fbd73695cfeb5c4206351cf07632c267307d13052549aa2147c963ffd25fb94416c386e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000034
Filesize
61KB

MD5
c5ef039a3362d6c0f0053afcde694114

SHA1
8a4b089a2c0bdbaa5e93480a0cb130da50acab96

SHA256
cd0013d9abff7beec0f3fd0705c5ce578da21c149bdb176773b5ac027be14e31

SHA512
14d97cd15d51e6562ad8b9e37046a92df953a325616d30e8f1c76054fac4f378d98cd534af54fd6f807b02b7e01a64dcd187b527d975db3ac9e0a32459b9b35b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000035
Filesize
87KB

MD5
965cdc653ee87f246893775770f1e3c1

SHA1
08672a10706717430864dcb821c2dc38d9261e7b

SHA256
e7e4b1b0ff55becb4bd2048a56a8b3c130445a32e3d0d30522e86e5a0e93ada8

SHA512
e7ac9a127ba552c2c4f33a949032622ec69d99b33c2f6942648a508b961e8ee673abc0795bd76839837f0d246e07dadf483d7b32993014d2494c6c92b02c8a32

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
624B

MD5
fb02f21244f031848416017598bd6edb

SHA1
898e3c8865b14d75320bdd8801776d045d50bf02

SHA256
7f9b78d7ac3fccce42c17d55a67c7376ae0968ffc23c0c64473cbc23f6f461eb

SHA512
edff39549f80222b15416ea3dd8677193c2fc3c13193f12643bafcebea39a68ba644c7e3f5546fe0aaef3c9acc09b80fa7e9c52d487bae1e95e89ef3b2758c59

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
384B

MD5
fa34d24e0be22edce0bc793c06613db6

SHA1
7b6b14dfa09a6a3eca42944fc34575e6672b8cda

SHA256
a639818d179dbe92e8dea7dedeccc3eeac17b75c9fd7d2ca491b32c34991a9e9

SHA512
c66778feddc152edaf6193cb89650f6e000aadb3cafa15fa02ef84285f8463d75d00272bf3924ccd28954a7f6738e6b0711bc393d31199214b4e758f8a2689d7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
1KB

MD5
f061a6ff735a3d2ea0ab667e3cdbdf8f

SHA1
f670938c946b90fbc2436cadc0b0ea701cc490fc

SHA256
3f31f7b7018d65661be475959ebf5b14b7f9d3952472b163ec07d9575931b644

SHA512
40ce09bf6673fcc14a2f0d3144c65df7ede4d6cd450a0a69da2db6de5d8cea48cbf66622c0d6807728d769555dca131ef4783c393d2782383e051bb4895eb6f5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
1KB

MD5
b0917e476dd23cbf9fd6ab0ac3c65a9b

SHA1
f0594af1505b2023a7fa48e9b9f8186e56a2b214

SHA256
c519c22142f74e832c3a0c7e35eca2d251980f907a88ee0d5d51d267044c781e

SHA512
82b8949f9ae57188b77103b26332bdc4d3a48eb4b74e02681d8fab25aaf7fd993595f9993b835572826fe0ee07c523e4cc391fd12d78a9afc32b399fa6ca060e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe571ccf.TMP
Filesize
48B

MD5
060d8619a3202197223ceb48da3b2993

SHA1
f13584724066596d5ab9dd6ef0dcc0767e38bdda

SHA256
cbc578723b7e871ac0e72768467c0132ada97c1f541e8f1c640eb5be4ee12052

SHA512
f40e43d0120c2eb10e17d42fda914ddff3389dad8ca9a1e4d69170530786bf0e7af90e1cf2f49b2b157926cdf12afb0ec76a556d47afeea0c65aecc784d5c99b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Edge Profile.ico
Filesize
70KB

MD5
e5e3377341056643b0494b6842c0b544

SHA1
d53fd8e256ec9d5cef8ef5387872e544a2df9108

SHA256
e23040951e464b53b84b11c3466bbd4707a009018819f9ad2a79d1b0b309bc25

SHA512
83f09e48d009a5cf83fa9aa8f28187f7f4202c84e2d0d6e5806c468f4a24b2478b73077381d2a21c89aa64884df3c56e8dc94eb4ad2d6a8085ac2feb1e26c2ef

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\MANIFEST-000001
Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1392_2119884278\CRX_INSTALL\_metadata\verified_contents.json
Filesize
5KB

MD5
8165c3d404081dbaacfc2b9de7ca8bac

SHA1
8af1e8b4ebaf04fec1a8158dee2601613864b77e

SHA256
c04bd08e17eeb7456eea5b18287a323bca34955b2de11f349837f29e9b277490

SHA512
28be764d56a2165cb6552ddcef7d3f6bc8c3a9cbe0237e7899af4b55e2527b5f5dd1e30ba4a296fdea4eacabaa07445e53d740b7c2c18065ace36b0f6e525c0a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1392_2119884278\CRX_INSTALL\assets\global.scss
Filesize
440B

MD5
12e695667b7519905bf59c02e699f99d

SHA1
5877759ee54ee87295ff0751b0e50c6f1ef480a2

SHA256
9004e654e4cdddd57885145ec7c4024d7d8028276dd54f52ca776e179bd8fde9

SHA512
3497238795b65f8a363d47352947b631274d568edb81e7635dd934ed14c5ecc1f60e0275c2936567e6afcd44ec95504b893347323c2466dec05e96c864086293

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1392_2119884278\CRX_INSTALL\assets\images\128x128.png
Filesize
6KB

MD5
e219b043daac822a5590e92a9039a668

SHA1
aa319b06809f505ca6ac6b932158c00031cacdaf

SHA256
ccf94587613340f2a66412a22a46cc3124ab81a6b217c4661bf864722ac7952e

SHA512
ea6bd4eb3e1a1d2fdd3cb9d8ffed460ba2d508c64ec6e28904c20e8794679a67bbed3d42c47716c74750d6b6a2337907d751d92909ec9f8600d12f9e2e0e8126

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1392_2119884278\CRX_INSTALL\assets\images\16x16.png
Filesize
1KB

MD5
fbef9e1ef94b06de4bbb70a22c68fa33

SHA1
b874edb27371512f40c91e8e170accb2eda12074

SHA256
6ef6d97fce3da1b9158a6ea45138c0a3e77b0d4f115700e885c349dd4859611a

SHA512
5f5bf42ff947fac9aea4f733ae87ca0847352f3bd5c5dce49a7d8688bf7603568f08ffabf9a4c8347b1c3e84a05bb4e6ca68530ec05d56e043af4068c6ab5d1d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1392_2119884278\CRX_INSTALL\assets\images\48x48.png
Filesize
2KB

MD5
7727904ada9b8233832ff5b1144442bc

SHA1
29a49bb155591c6fd853dcf6a148ee8be5a077a4

SHA256
a61de24ed3ca8311df63ccc2a9dde0f1d2d5c1b35af713f99bfba78aa8064f7e

SHA512
c1b5c246eaca3362c2dac4187dff20ad587cdf005bce0cb67f0ad4015aa2fa168f037a9e849b28321d0b3d8e284cedd9b791c9cfca813e2d0f418e628ce7e94d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1392_2119884278\CRX_INSTALL\images\128x128.png
Filesize
6KB

MD5
ad83df23ee14c5fc9132e08546a9f8dc

SHA1
c31f621c856be09a1334f3cfa7d24daf035df509

SHA256
d9911e795ef81e6110a1fdef0f50b6c766561c2f395713d6154a35d1e1de08dd

SHA512
498a86abc206a76e5f56c5db7c3512ef22ec3655b1ea71302e3820cb5df89fbcc3e9f9a2d084735c77c15d9e06f0d5788ad199039364db0ddcf95a22679e64a4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1392_2119884278\CRX_INSTALL\images\16x16.png
Filesize
662B

MD5
f34c7b49cf961a2fc129cd260ed7e9d0

SHA1
ca908ecee3d2e872305dcc325d2747778bfa71c8

SHA256
be060c1993b94ccf90a94ffe6df3658f72ec61d221cf05e39b7502ae4498ff6b

SHA512
5bdd98e4a9da13c392fee6eb0f2e35b26344150716b776b2933cfb72ca3f0862d3b427bab0b7d40eb5a9aa7ac5bbe0c11642720331b8f200810ef8e0cc16b28e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1392_2119884278\CRX_INSTALL\images\48x48.png
Filesize
2KB

MD5
a41acb0e4abb2bbeb34419cb45512ba0

SHA1
34269f4b584da2c1c30bf5e662fc1525921ce6ac

SHA256
def4b63a88b8d36c2aaf903dd2553287d88a9dc7bf24a3a73cf49ed88e80e3dd

SHA512
a9f3119c097b8ec0f79d4bbd7172c45b7ed80be9b3a375b90a5b63087e96d483ceaea91178be7a373e20b39449a0d9686515cd60be2af8a19f91e22028c6335e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1392_2119884278\CRX_INSTALL\index.html
Filesize
632B

MD5
7d4b7c10f4541aef16ad739baddb7893

SHA1
9041408b9c48acbb53652332385515a57cbf846c

SHA256
da268ced899cd2a6311c79b09d9742e80ed6251bed052237e238dc7c08404384

SHA512
806c98cf0d0e938466566286fd7bc855a363e8320eb283cae4877dd1d95668661b590ed738edd3b639208c7e23000e12cc34fac08f163666ccbbb8d75cfe32e3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1392_2119884278\CRX_INSTALL\main.js
Filesize
88KB

MD5
305170cd6cf337e711028fe94d854d37

SHA1
59f97432dcac8bebb49f9c85e3ca4a8cbc4c99b4

SHA256
ae07ac8e85f2cf0419e0c9808f85d66f49b00e73065e1fcd141ffaea59d7297a

SHA512
3b3fe67a92e94ac91326405c9c86a2461f3849c244513bc5ff44b75134aee5f0f792b361f66c4f2cf9e39904a62bbce42eb3de8498f7756f4935eb23ffd7c6d3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1392_2119884278\CRX_INSTALL\main.js.map
Filesize
34KB

MD5
23ab5f4db2b27be1fcb6299822e941dd

SHA1
680015a8463499b216c880108fd1cbe18d0fbba5

SHA256
e2470689b722d4e9a62b0c9cc7cca46069aba5c3d444d41ad1bbf8737bf3ea54

SHA512
f7eb0a1fccc8daa4c0529e1fe3630e2b5117d852fd176aae6509b3c00255d5a8f1df1239c8d2d2610adc2aab3f7f6e0b961cfc28a8d7188d41340d3c781b692a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1392_2119884278\CRX_INSTALL\manifest.json
Filesize
990B

MD5
cd85421cf394ab86e568abaff2b85988

SHA1
d7667530c8738e9ac8ba143e8663f601cc91af4a

SHA256
4e40a19dc4183feb1fcd254a21323ff28b5b4cb43a0512a9ab6b2042e9a16b3c

SHA512
17614e0417ae1b00f9c0a9e68f409c447516548a71b5a0ba0ba31222163b9fbf5549e484acf29edd5abc6e3435d5e1cd23690405df5c751cc91c4c4fbcb9cfef

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1392_2119884278\CRX_INSTALL\polyfills.js
Filesize
167KB

MD5
be3679b279013396df49f054da191395

SHA1
ee360d412b890b8fa44496c0296c89904934a5cd

SHA256
abfc1a483cbe160e4fbd0f5f86fd9ce75d76000abd255379e43caf5089bf3ced

SHA512
d7bd6b5f2b3a043f1edbd2f49ed8f2da9915516c0a01ca4494860054efffc8431360abda60b4d082c32f7b09b12e63f65c8064ab826abc2a70ba40efbaf89573

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1392_2119884278\CRX_INSTALL\polyfills.js.map
Filesize
189KB

MD5
c0232318c9b35cfe7138a6d0dd17ecd9

SHA1
27b32f6ca128373c61ae1222c3837eb5c55b073d

SHA256
496fff21d5d95e19e57d1bcc1458d9375bcf852f53c16055e9f0219316759531

SHA512
3591a62d3f01efd5f79a4e114cb4feaf36702d827fa0f79f735f1a5456c0abf582c236470fb3277defc63822fabb67d275e472f9d1356358d08f6f48829f91d4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1392_2119884278\CRX_INSTALL\runtime.js
Filesize
6KB

MD5
9f8fd94c7fab6741e59b1caecd1012a5

SHA1
4185194020af676a9c23dab2bea2b50c0aa00a95

SHA256
fbc4b10393d7c705eb9d697bad4df90fdfdfe8c86fd1a68ee325cffefc5d19ef

SHA512
8157d061955e83b1aa10b19155e158dbbf4d80387fe3a3bc61724fe4ef9a99641f32d48cff57400ba64f9568fb9b8346d1ce1fcac10a50223c9ccf481a365d43

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1392_2119884278\CRX_INSTALL\runtime.js.map
Filesize
5KB

MD5
013dc9f063dde0502c57c83583cd30cf

SHA1
729d030122115ea9a36d7ae8ed032e5ef139f0b6

SHA256
052de8db6ce486a0e68147c2574bd0e03e01795278206769b0da89bb250bbeb8

SHA512
14dcdb75ed7177f06081184617d6644e866cac4b3de6c9fb6e1881a074456deb1b66ec6ac46d2332be4ba9a46da6a7e0e7e920c3de335979e6408ae48fa3c376

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1392_2119884278\CRX_INSTALL\styles.css
Filesize
2KB

MD5
68a1e96ada9ecea6b494ad1792bf4f84

SHA1
d99c989327344d91e67e1eea3b29697f7ec2cec1

SHA256
3bff3eee4b0bd18f081027772bcab1e566470d10f7f476dd818697c3efcd80ed

SHA512
2a6dcaaed64274914b9fceecb0ccda1653609981f0b1e705edb24e78dd9d80f354123da91e02bae10e827d7110bbcdae0b7294d3bae01fccbe2c5ebf908d63d1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1392_2119884278\CRX_INSTALL\styles.css.map
Filesize
733B

MD5
7250094966ac2a8a4d25d90ccd349d9e

SHA1
c86735785e289ddf2516d0d548f4136c7534aaaf

SHA256
9d61af5a0614e90e8c032f8097653a0691bc07e1a49a071bb0d10de7e97b7ebd

SHA512
67b16651376834076c23ce851f3a37d0d96dd6cff8c3418597cfc36eaf2d91599a976c7ec48245fc846d7066c5de4472c51ea4a16a12a364924c6d1f471ac882

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1392_2119884278\CRX_INSTALL\vendor.js
Filesize
2.2MB

MD5
ca6614780e7f684b94a59ed0242b5dd4

SHA1
d9ac7b3eea9ce7bf745fb61db1d5b85459a0b0af

SHA256
0f9c39be97c69ea1acfa44bbedb0b4d1cee6e293ee6ad6f95bee16868a5b131b

SHA512
ae8836d8666373c8ccdf1a871de2f5a19d9f9e51b35a1b00c2829cedb0332fb7f3bacdd80596a36b7ced3802ea94b37a1b86a695a149b3de71395324cdc329d6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\Temp\scoped_dir1392_2119884278\CRX_INSTALL\vendor.js.map
Filesize
2.9MB

MD5
3e56d88c6db81408541ae87f05581b88

SHA1
508cb3f13a4a6c8047642b4158c3f09f8ca492be

SHA256
3b18ff493d2357e209d2c1a78e6d1ea327a682f98e591343eb51173051f7671b

SHA512
b27c8e9b359d5de007c693115102c0ac381fe4278eb3b0d17b4142646f0fbd1be1cc826c8a8010bde33da16953109dead5f03d3942321ac0496f6b338f7169be

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk
Filesize
2KB

MD5
6ceec41b376aa41eebaefd58e7dcaf66

SHA1
5507bc67ce2a4b2e664e4cb58c7910e13dc84efa

SHA256
11dc3b1c918351a6ca95e060b7c4db626fe01d4a14c37239a2aee4ec961ea6f2

SHA512
58d95a66ffe5e016d3107ec7bef12186eeae29834bf243e42ddce9d142a9bed98e1f26a77bbc159392b6eee959d596475794356cc9c2d806a928193ed3ae7ff8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
Filesize
111B

MD5
807419ca9a4734feaf8d8563a003b048

SHA1
a723c7d60a65886ffa068711f1e900ccc85922a6

SHA256
aa10bf07b0d265bed28f2a475f3564d8ddb5e4d4ffee0ab6f3a0cc564907b631

SHA512
f10d496ae75db5ba412bd9f17bf0c7da7632db92a3fabf7f24071e40f5759c6a875ad8f3a72bad149da58b3da3b816077df125d0d9f3544adba68c66353d206c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
Filesize
4KB

MD5
13b376b5e6b1d4288e64681c63cb7539

SHA1
fc840793fcf894aaf5aa43e052e5f5dc06283633

SHA256
c161a8ea6c09f3c9cd9715fb5f7fd6385528ee17db5274fa56d5f0a8939a42a9

SHA512
9287d6bf4a0112293424f34139dce60cdaa697ae7d9e4a14cb7dd3fad6fe6dfa282580b3fec0ec0ec776d288dc16637a01fc2da804bf2564f3e232823ba7d5be

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
Filesize
3KB

MD5
e5b926a5378fd7a11a081177b5cb9487

SHA1
d14d7076168a8e28d98d4cac9ba43c5baa0866af

SHA256
743c52a6c1d1f1ffaba97d46f9cc209bdd2b6d4c9c0cb09bda9328c689ae9d3f

SHA512
8e3115f1078944954ee21d996c6051999ed195d0e1c92e28971f7d098ca148027fc22dab240c5e87a2ac569662bb71bb240f32ea52cd1fc8334c06ee14816c61

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
Filesize
4KB

MD5
859421ac689ba7783cad8002fcedfd1d

SHA1
6752efb63109d442c976915e8c07b9d979eea1b7

SHA256
41d32a85227c461ee3be92450f9b3f205012f28cbd8837f6aad22f09eda0b78f

SHA512
d234b38f25e9025971c4783e9d15137c50fa2a48e34d0e171eb215634dcd1291f53838af1d891db2bcd255f3b150c0d449c07deb7bc98cec8d8add248863d9c8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
Filesize
4KB

MD5
38418213944bd983fda4f93d7b6ef7a3

SHA1
e5b96de6f738948f257cb2eb8273bda51417ef05

SHA256
6fd65206491dd48b1dea32c80da156d3afd7bbc02da453eee3627e6dfa77a171

SHA512
df8c5bde7e92d9c72877c3b7765724fe61a4e4a791c27ec2389427f18e6e8d1b282680776093852e39f31f4ee9a8880647e59a3e1b07ea82a43edd74e45850f9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
Filesize
8KB

MD5
ce7626a6716ed1cae60a3548af6a6f98

SHA1
7dbde5075ec79f20719037fb2ff52d1c3d3d3489

SHA256
267748c2783843df026f8c4a64e3175080e3d3a55d7d5d5b47c62bbc09cd40ff

SHA512
b34c8669f56e4c08d3cb7bd73a89f49dd3abbab7a38d255f68b8f0121deb8d63db76579f743b4b41a38f20a25f64ace14e99c1f1fe04a19e8d9ca670096858e4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
Filesize
4KB

MD5
8da68e3e2d6c74e066376e2d5248dcf4

SHA1
cf5433f6d35e729bea3c765ee5e6b706e00abfee

SHA256
bdbb2823b795b7c6fc19b05571c532d73fd891236c3bf5a94e10f4d464e52af6

SHA512
629dc755c03f54591654cd7ec0dfd20c59a1ef8618ce828dcbb8d6a317567a39ed4863983fe25bad378afa47d839b6675f006dee7a502d8228326810f9d6c8e6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
Filesize
5KB

MD5
22333569693c9b32ce16b41b872d3b1c

SHA1
78bb182c27f870b04e5bb86589b13c0c824f6803

SHA256
77307f6f2f63c1a67cb23e24b9e5e718d2cce0c92193f95ee761947d9b724b50

SHA512
3d306a4e141877469767df9685d3c0454647896c02259a42b997c3edea0f2e44067a64e5d74ca24120efb1b926b693143e3e424fe529e284b1427e72c715ade3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
Filesize
7KB

MD5
10f94200da970006e2415696bd4e6f81

SHA1
79b6816ee6099cd2265c8b24a8e11282c0ebb22d

SHA256
727434a97745925b43062deb961194fb0d96e72fb8b98b9ed116efa336fa547b

SHA512
e63dffaae77f5b725e63c7d6b58cc8946414031d5f6d538f231da8c3c958db8be24ac59f870aa046d9a9ac2d5930568ac4025e291134ce311f79fa82bdfc2543

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
Filesize
8KB

MD5
0e78eb6d81bfbced91ea1b4da6200101

SHA1
0bb1134e91084f4d1492aa5fa2de53f9328560a5

SHA256
f6d53339e3afdee3efa56da05415388d1569377972f20cce525a8dc2dc5d5e34

SHA512
a231241ae122866ef580b34eef078956e819fd264835789e08ba6895218feca2746bdbf2ef2dc50cee335ce040486417a0d2626d04da8e4e1eddd94cc1f9f8b5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
Filesize
8KB

MD5
3547f2fe04ea82aa4f73fc67413c007c

SHA1
384e96d7dbb28ae77a8e62498b7bd1ccb1ee05a7

SHA256
1e610a92e658becf10a8841234938adcdf476c64aaa034332269b81ca854bc37

SHA512
4457c978d1a87ba20ebe9cc9fb4cc16db1dede7514312fa3b399f04afe79567ca035fb0fe526d3f10d01d5cf90fc0df02f50e179f359f45c4cfeb48f84861fcc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
Filesize
6KB

MD5
6947da01efb9adae03ac241547cc22a6

SHA1
3afa87a117f3940d8a9eccddcd117d886d252d8d

SHA256
6cfe4f937f14d01f2e63356d6823ad988ead673ff5ef5a8b434e2eaa381ec257

SHA512
c46a6660f8dd61e48e4a7cba67d3a153b330518a68af05612142e1b4b91dd6be56cec3ab9232bda3e1e5e0fc0df40a01d14b79ac969336858bfb1c0fbc8bc774

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
Filesize
7KB

MD5
0630104e753529ea50c73e35b12163d9

SHA1
2cdd31b47bfed89cf2dc0362bc869706782951fe

SHA256
019140407efa073f73e81fbb2012c1eb8b9757a818c7dbc33e90524f86ce5796

SHA512
1d49690c49d7f25c59af5ceda13f78e864011a52d430d60400c6204295cfde6899d6702711082fb505ffbb792179e525fbda8066514b6b9a9e77d095c1fa9441

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
Filesize
7KB

MD5
3ef6bd4cd64a599adc8ce5171616dbaf

SHA1
d5179d23e1ad051c7981a5bb995749a41cd81c36

SHA256
370a9932087c9a45d7c57da5bfc947d73e37d2c9d85b36879b9ba3e7603f0fd8

SHA512
25d1d5872144b36108491f0ceae892a29df3e831a65657981f9b5db7a15fde52cecb54fc7b9a04a13ca3546f1b0b7b7ae6fc8d8b8d501cab6d063beaab1a74cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
Filesize
8KB

MD5
6bf16fb586af03a2f2b863a63f559519

SHA1
976a196646d1920acf2d172eeb82696164377f99

SHA256
701dd591d4b39eab27089fbdf265a98ba5a8ea48d8ed5bc02835d776744effd8

SHA512
fa24b582c382c14a0692185c4f2f7f5366ed301a3e348c9c819a707e772f60b16a19b66f42d12844f6170167f73399e42cd790f16eae6589d50e0c0005120c25

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
Filesize
8KB

MD5
49a518ff65d43379280cbbd5da988419

SHA1
10b22963232e66edf48f9f5f3f3e0e54c5d804ea

SHA256
64b2ba17d1c4a3d46778d786e415cf1f26eda1ba412d4f1472753561b58ae38b

SHA512
810be30d7febe634fef359a619dc74f5d446d6a30dacc509d4ec1b479b251d71ab3364fe26ea2f9bf04210eda0b801ea177a79a9d10fe0056470285266463539

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
Filesize
8KB

MD5
1a60c46bb4222985cbdf61fea24e9436

SHA1
d1c65ac3f145051013333368a3e9d7d28ba3cf1f

SHA256
a3284dcb48163e980cc19c9749d2e1218911d85b19918f2c5de98b97b0ad7e77

SHA512
4eb160a799eead4f92a89f30fea8d06fee5aa11ab87c72df4d7e2ee767cc5664359e909a7be47ed850920c0d71ce177219e658d4071234916fd05994bae2aa5a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
Filesize
8KB

MD5
951cdeeb0712bdf809055a9cc0c68b83

SHA1
ae371e8690c392c6d87db95f362f61c9122b0892

SHA256
b43eaa1f2ab0ba87a5e866524faeca98795e9e0acd30c0ef89d9a074176b543c

SHA512
80cb8fe12261f7d67dab6e55109f297e367f3070be6e78ce5e69e62e6c0e31a822bf328ddddda9d61d15141ebaa6fcc79ec52ecc410c6d74b4aca4316baf9976

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
Filesize
8KB

MD5
7650c5a6ef8fafcfba0c991aee9a07ef

SHA1
9faed1b1ac51b0fd345dc654ac3a4f6c4fe557f6

SHA256
3f2aa2e62bdc6b2c94387b9ecf4c5c75912fead580ceaf6d548bd162c801aa9d

SHA512
453266a45a24bafbe9bbea09a4437d1561c2869fe648eff2295047a9975b4bee168fe1a70642307bb9195e9c6766b92de7797c0e287f3a6fe15be75c9315f051

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
Filesize
24KB

MD5
1463bf2a54e759c40d9ad64228bf7bec

SHA1
2286d0ac3cfa9f9ca6c0df60699af7c49008a41f

SHA256
9b4fd2eea856352d8fff054b51ea5d6141a540ca253a2e4dc28839bc92cbf4df

SHA512
33e0c223b45acac2622790dda4b59a98344a89094c41ffdb2531d7f1c0db86a0ea4f1885fea7c696816aa4ceab46de6837cc081cd8e63e3419d9fcb8c5a0eb66

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
Filesize
26KB

MD5
606cac3d7c056c9325f9327e85dff4eb

SHA1
b4e596e59f53d1a9a77bdaa0e6480b5fdf6cb7ab

SHA256
a943c4ebcb18c6b34cdcf6c5b526eac37c42b89cdebac1d01463d2d3d3ea111d

SHA512
8112f2e231f1854f83ee33cc1000df326c20c8a8b156d8b52cead21170ca5fcf1475cddc1d2ef6ba7c6e799d925805bfb26eae1421661883e3be94d2ac5a675a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
Filesize
24KB

MD5
1e79203d0f70092bf25058099947d5c6

SHA1
20d5e2bd3a2ef807207bc3981bd5494c34839c0e

SHA256
decca6fa6de1f0dcc2b46a7c45e62d1754fda43b509d92393c628d56930851a6

SHA512
b06c5cb26083e2ef7a407be262f37d83d9fee4788e30a94ce258639f7c1fb2ccb4e37ca9b77e4fb30c0fa0a9e80f94a5b9719efd2499c87deafc87d260eb0568

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
Filesize
27KB

MD5
87ed900e099518bb185dcf743997f2d1

SHA1
d6d20b3703da589ed65fcee4f4fce6d8d13fd9d7

SHA256
7f930526a577c55e6ec9fd52d645f1a275f3341112a16556781b1677e662fd9b

SHA512
d3b240e7147e88893b7e81ca4073589a7afbb97909c9a56a6445881544f2bf8a6e70c69ec1bcd330d49d6ca849b8e1eb0c8cec772e9edb380ed128b1e4573830

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
Filesize
1KB

MD5
a4e28f2d9fdf283c0a23d1d56e61e794

SHA1
f8df7e9c9c002040535bb0fa328879de95906f8b

SHA256
0c1e3902bcc047e6d8defe07ccce91ac77b40fb2a640fd3cd208807ac45862e1

SHA512
912c2bac789e39796acb3fc5e21b2bac7c8be2c35c91c12d17871fb3f7dd38a412e2db0013ec7b26ab5443d9f6955cd4141d774c2354de142f6c50786f92a476

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
Filesize
1KB

MD5
8009f972d3980ee66a87d053a80c11cb

SHA1
abbc997939a567b327bd53ba76bc1c279a5d469f

SHA256
96d187c9a672c2d933df4976963a0132e11e94b74599bead5209b3590a94d954

SHA512
bf2f47da06f0b663effe5f4d41d67adc39f793fa3511ec9defbeb4cad32982720039257df79371d2d8746394aa5f8e64a80883caa651ecdc18662e410e9aa2e7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
Filesize
1KB

MD5
8b6bc96b92f156f906fba2117ed03139

SHA1
a2c9351bb0a7491d175a99204b3ff679d47bb07a

SHA256
1c562ad79beba13a5e439b2aa54d7cbb5ce4d8a42411814ebb7c0e242c8f6c5f

SHA512
0ea0e75824b0a3bdc7b806a8145f622045b6a20f841f5541d7e1d97438d7d5d4d32c191d61cb9ecd7f3c81e5def206aa0493e01d072219407a99f18b45bac876

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
Filesize
1KB

MD5
82bb0d0129436ef95e28478c6b34274d

SHA1
5975c449e1d100283eeae6e73ef5eba8f676b4f8

SHA256
41602ac55e46d745d5c961d1712a37d5408d916a774912639220ab36cc1210cf

SHA512
5d6fcfb9f5c7e0b8efc394eef19a365c4542cb36ce3e1fdab2b2a467cbc9d35f036456ba86450bdeaa817d13b272e44804216ff7830da2f4ce92f20432190b90

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
Filesize
1KB

MD5
839db2c5db82518f9fee5ac1f2f24a21

SHA1
72188069fdd0d9e78256364350f541e95b940ce3

SHA256
791eddcf8f1bb2defc7ccbf6201b3241788a06785096240fc884fb44b3208aca

SHA512
cf8b002cdea9a631a5ceb7917fed538ca6d4c2296c4d1441beed593f823dc64005ce082d8dc1be5aa33eef9c23f304c37f564512c61c553854a81f445652a4b0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
Filesize
1KB

MD5
11f6fe53a8109b95afcdc080272c3d0c

SHA1
7f95cb0b5a6fd337e24a5af0f5b1715ad60f8f70

SHA256
0e49261be13732d8b23d865a075bddbf8057ce0df573e3a7030585bd221ebf3a

SHA512
70018a68a66950da8d1dbfffd46c9e02f168830726d18678b4dbba72772e305180d013ec414e953ad8d8ca76e5c03d0e8ad4f5994a12d54978073473f00fa751

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
Filesize
1KB

MD5
e1825b9e9956207393ac1b244c6e35a3

SHA1
c7d56d463fd72bb71638c813d1f6cc2345ac2058

SHA256
49162a198671e27fc0734090cbc9045489a7a7aa314498d70da8fe72a37a8ff0

SHA512
3ab14be9797890c9733b59e52792cd9950e9ea90f6d8b53ab797912337ab8ca6dcdd466e192f061a4861d080384ed37c1f58b1de70b2b706214bc8b1e935989e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
Filesize
1KB

MD5
dc142c61ca2b22db23ad49edf8c54775

SHA1
c51ad72db7fe68fe0de2f5cb73b95e1490bc9d53

SHA256
93de24da6df3ded870dc8ac8ff910202450f09e907f3d15136865319e7ede30e

SHA512
ecdc97cb2f6c3bc1bc6d435186fd7c1ab675ff15e27b7420e26798896e20eb68165aef9add0453d3194448268d4c928213f746dd558d806fc1ad7b09903fdec3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
Filesize
1KB

MD5
82612cc8b526f5bda120e3e506e95401

SHA1
7cd158aa2257dc240dc915a935115e7a4f7c864c

SHA256
cd5f4b46a0c20e85fe08ed0611da7f6cc9e212d9ba8645d0f61c0117cad26261

SHA512
07348e7b01984a1cc8cd24e9d2ec1ff1febce7ed91b2121984dd545bbf2baf9ed25e99c34760afaddc39921dae9317ca19ecf3e712cb9a1e2c08977da6dfec39

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe576254.TMP
Filesize
872B

MD5
a9de15df14cf5ae72c1cb7d2f43a6e89

SHA1
276aed44460c51acc8af9f0459a27649fc057403

SHA256
9c69d7976f726c1dc790a0196f4c8122eba3262b86f3fc90f824dc61b1f6b960

SHA512
a36fa1c804f2d74b4217a798c3c1d34203aea25c85fa7f1d6120dbc020a87ddc96a3a837911cb954714fcfb0c79d4e766b129ddf970c884d75f4fedb448ac206

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\CURRENT
Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
Filesize
9KB

MD5
784fa3fc50456ca67466a0de70015d0f

SHA1
b86d775ebea97204d174213bc932b4e0c68d91f4

SHA256
dde98a14e11ca39b163bd22f12fdbdcc250259cd97d8cf75e242dd69e42ee6cf

SHA512
0adbbf143087e0532166e39e415041ea2ec47778e9d1bc0c8b4eb2fd62fa6641b781907a6791be2c975fa6f454ffee2a01b81faebb78b0f4eceb98aefd6ffaaa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
Filesize
13KB

MD5
8d6cfd06f25c16df9899846bf3266801

SHA1
5f2c82904e94e78b7396e37e81f50197594638c2

SHA256
a6a2d3544cce6cd26f9a4663ba0fbdd43d3a3db961575cc4f0d11eb53e602b31

SHA512
9aadce86833f81f7598fe6a7bcc62f76298d16ea8536ced02bf2dcafbdac68af8103796ee10294255e660ca9de0eba65e7419c21bb42ba744a10508eb9392ae4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
Filesize
12KB

MD5
e96e0e1bbcdb9b273092594296663b7a

SHA1
10b9725815deb69f85db2898424ab5d840c7d7c1

SHA256
0c23317af3a65c3790e0db200934f0e8a53ebd0b194a8581f791905e950eb537

SHA512
c3e51029ea0e1bd6e0c7fe9e13b2491328affb12535ccc0a27e0ceb7b1fd8dc15d2db81b448a002928080d6c63dd4e5d6af4a9f8e86152cb480d43b0516413d6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
Filesize
13KB

MD5
8d33ea14f21d5cfdc9398c07bc9b3b3e

SHA1
3fd3ee46ce842554891e79e4930916ed27665766

SHA256
025151102c0d715dd952cc570bb7f3b5cdd11bb0d429d6dde0a70a1a09a26593

SHA512
bea23e27804c694aed0bee42da29f46f74465c6aa4532f6e1f36fa25e075d38981439157dd6d51ee69c829dbfbdcb9b30a8d881979c279b5c468ebf049742078

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
Filesize
13KB

MD5
7fae3e2fa1dccd829df01f1d69fe8ba2

SHA1
d7ff22b6000fd43d8a51a6ba691a25b45e9548b5

SHA256
c773155b1f734b9154071a19b12202f0ac76518e11ffc63ddc8f5aa4622405f8

SHA512
9df9106a3c8fee4fbe26317c8f5185e428d8734962e2f1b4ff6045775aa944a219f24345f89eade0f9113ca2a740a097303589e23a215e5e73d2572334439eef

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Webstore Downloads\akdbinaonbobhdlfljkojpjkiendlcpm_12189.crx
Filesize
1.2MB

MD5
7b3af456999dd610f4d2ee38f3b78164

SHA1
0c71c083e01a16117ac7b26afdbc5e41ac3fc259

SHA256
ec15f7028f4966ae6b705e5b0447350d27d8e79477f7d2f79c51f63fbf7d2e97

SHA512
7fe1edca5dc2d12d9dd1b6a8da7778bad36d03ca1354e6351a0f57f8cc608a85d17696844a8f64a315051ce84a37e8b3aeda7a46c3edd2b4a6529ec2c3faedb3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\Caches
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_0vzg0loe.xus.ps1
Filesize
60B

MD5
d17fe0a3f47be24a6453e9ef58c94641

SHA1
6ab83620379fc69f80c0242105ddffd7d98d5d9d

SHA256
96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7

SHA512
5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir1392_1001233421\CRX_INSTALL\images\96x96.png
Filesize
4KB

MD5
b39c879231eeb4c1d1b1cfb97d8537fa

SHA1
d8d927556b8f708e35daf2e858e73534fd2fc41e

SHA256
c371971caa1a4f2d5add43c4ea5ed4b4aeb193213040df9bc13526b97b5bc3ab

SHA512
a7c9bac7e5230e31c17bd3033cc2e9b8422f6b7968e547b87b44ee479318a3beb64a34361a53e8a6f28781dc8f99bb39cb20c2e7b8f6a736dc48b9aeccc7be31

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir1392_1001233421\CRX_INSTALL\images\favicon.ico
Filesize
400KB

MD5
c979b1455db21f8886dab3d3892cb64b

SHA1
d00720b6391dac9f7231d75ab51a5a11e85353c8

SHA256
ec3ffc8a5c733dfed8078e22d4ba7a8c4e41583d139c9f936172ad2e4714957a

SHA512
1fcf586b4b55d9f5298037fdf23d3dc4e69f1c931caffc3e712c92f68d68111a9badd9de06ef7c9bef00e04dce5118648df28285a891b433f0ed4b9fe2902d49

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir1392_1001233421\CRX_INSTALL\svg\check-icon.svg
Filesize
712B

MD5
f4b58b1df257a304c25b4cef9af07369

SHA1
2fe1adbc9a88b7cf7b8629d40a9d517ba12dd03c

SHA256
5a40d2d6592dbd9fa2f4a72e52bb7069af64975f2e059b0636a73a029925da84

SHA512
79174f82a40f7938fb7e4f6571e93e73d46229cbaa4cbd4856fe565dab2dd2436c7f06c3b9ce2c13c4a03ef799e3e7bb564529f6eb024487a217d825c82043ed

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir1392_1001233421\CRX_INSTALL\svg\delete-icon.svg
Filesize
421B

MD5
4bd03ef64ecda807042f8f79b09b0ffa

SHA1
0f5bfaff592c643435dd93a3b0242c70e930ca9c

SHA256
d1defe968d60bd393f5b107bd204cb593d0943b2c7555d70c67dd3af5f6ec02c

SHA512
ebe080e378c94c4756eb0648d215a97237c8838138fdd767fc8ff917ea19f9386b71bb6d7fbc32d8bfd13b1d71bf88cf31452962e78f8865e46f5233b8ccde96

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir1392_1001233421\CRX_INSTALL\svg\dots.svg
Filesize
5KB

MD5
1283b41b95dea53a801b8573844e06d1

SHA1
7514e526f51ad67f6616b3d7df51305d587a915c

SHA256
8387c5d9e3e9ca2e80d7c4ad7660980f5e26d43a1ee8f6401e5d812a8dcf0ce0

SHA512
8787737b63e803c1598ed25bccb0532a35a64eca8cdcf11bb3d390c7676d6f4f2ed2b5202b805601240c69bb86ae83e2286009db82a70d5e9150c643fcdbd729

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir1392_1001233421\CRX_INSTALL\svg\drag-box.svg
Filesize
515B

MD5
82dae1fd9ee89bd860b77d3de8b4dd19

SHA1
5956189cabcd7a6cb1b525582b5f6051401cef11

SHA256
5d0cb5c7ce20e066483e64fea703618d5a316ebcba15e1e52b6bf9684a46167e

SHA512
e58ba3d12238b6e94db0d16ab8d2f829788ac80be241638f034665c39ca9fb17f4eda7340c14fd5bb36825f8edb666074949b3d8414ef864b337331892c2d901

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir1392_1001233421\CRX_INSTALL\svg\dropdown-icon.svg
Filesize
436B

MD5
070e169ce1eee4aa264b6768230e31cb

SHA1
5665ce82c6139af8aab352d9e30de5d498a672dc

SHA256
a8dc58d8b9307ff21d544ef4e8092c48e675a605dd3c8de9e6d711e4ac7dd51e

SHA512
8ddeca27f2e2f465c63529d0fd5e5555a432680288578ac1f6f5a6a0f3d5b12ed71f461eba1594248b10c65f27bdd68f60d72d923a21d271d55027bde39af285

Download Submit
C:\Users\Admin\AppData\Local\Temp\scoped_dir1392_1001233421\CRX_INSTALL\svg\warning.svg
Filesize
648B

MD5
115770e1f5753e6c437c676f507b2b22

SHA1
ad7228790901451b78a88fe190150587796f2636

SHA256
4a562c06c14ca2160a929ffada1583ece634c2addd26f430a3248b60b92d3565

SHA512
35291f7a6bdf5b79d89772ae45a7d2c8382ff5e3232f38f8cec0052b100ccc49e59198f61ab6892077d893c509d4dd689dfaa443e4504228d39b15f904420a6e

Download Submit
C:\Users\Admin\Downloads\WatchUpdate.rar
Filesize
577KB

MD5
38e327fd62645bb3753b3cc4416ad7af

SHA1
bb79463acc679a28d4691445b0c159e4b5d59767

SHA256
95e3842a469dddd20881d0008a0cd3636813c1648419fa23c962cacd3015a353

SHA512
457fe480241578aa0748e285becc6e3f7325ee36111f65a8488f8d2d8ea5d279b91639ec98806569bc4e9ec459201ef6d4206eeeb27473d00fa4b1000a3e3f96

Download Submit
\??\pipe\LOCAL\crashpad_1392_LWQBEDKROBCQDMSH
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
memory/1044-133-0x0000020DB9F30000-0x0000020DB9FB6000-memory.dmp

Filesize
536KB

Download
memory/1044-144-0x0000020D9F7B0000-0x0000020D9F7C0000-memory.dmp

Filesize
64KB

Download
memory/1044-145-0x0000020DBA3D0000-0x0000020DBA4D4000-memory.dmp

Filesize
1.0MB

Download
memory/1044-147-0x0000020DB7D20000-0x0000020DB7D30000-memory.dmp

Filesize
64KB

Download
memory/1044-146-0x0000020DB7D20000-0x0000020DB7D30000-memory.dmp

Filesize
64KB

Download
memory/1044-134-0x0000020DB9EA0000-0x0000020DB9EC2000-memory.dmp

Filesize
136KB

Download
memory/1044-148-0x0000020DB7D20000-0x0000020DB7D30000-memory.dmp

Filesize
64KB

Download