hxxps://github[.]com/JumperYT-official/njRAT-Platinum-Edition-RuS

max time kernel
236s
max time network
240s
platform
windows10-1703_x64
resource
win10-20230703-en
resource tags

arch:x64arch:x86image:win10-20230703-enlocale:en-usos:windows10-1703-x64system
submitted
03-08-2023 21:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/JumperYT-official/njRAT-Platinum-Edition-RuS

Score

8^/10

Malware Config

Signatures

Downloads MZ/PE file

Executes dropped EXE 3 IoCs

pid	Process
4612	playit-0.9.3-signed.exe
5448	playit-0.9.3-signed (1).exe
4644	playit-0.9.3-signed (2).exe

Drops file in Windows directory 11 IoCs

description	ioc	Process
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdgeCP.exe
File opened for modification	C:\Windows\Debug\ESE.TXT	MicrosoftEdge.exe
File opened for modification	C:\Windows\Debug\ESE.TXT	MicrosoftEdge.exe
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdge.exe
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdge.exe

Modifies Internet Explorer settings 1 TTPs 3 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000\Software\Microsoft\Internet Explorer\Main	browser_broker.exe
Key created	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000\Software\Microsoft\Internet Explorer\Main	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000\Software\Microsoft\Internet Explorer\Main	browser_broker.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133355706122035439"	chrome.exe

Modifies registry class 64 IoCs

description	ioc	Process
Set value (data)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\CIStatus\SignaturePolicy = 06000000	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\SignaturePolicy = 06000000	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\TypedURLsVisitCount\url2 = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\Total\ = "28897"	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\Active\{C813A06E-1D72-4FAE-B0A7-3EB7A6D93A73} = "0"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\trust	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ServiceUI\OneBoxLoadAttempts = "0"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\Active	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\IntelliForms\FormData	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\DXFeatureLevel = "0"	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DataStore\LastCleanup = 912aa3fd4ec6d901	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\EdpDomStorage\www.bing.com\ = "0"	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\TypedURLs\url4 = "https://signin.ebay.com/ws/ebayisapi.dll"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ServiceUI\ServiceTabLoadAttempts = "2"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\Main	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 0528b02c4fc6d901	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\History\CachePrefix = "Visited:"	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Settings\Cache\Content\CachePrefix	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\bing.com\Total = "3433"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\EdpDomStorage\bing.com\ = "0"	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\Total\ = "0"	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\CIPolicyState = "0"	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\bing.com\Total = "132"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Protected - It is a violation of Windows Policy to modif	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\IECompatVersionHigh = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\CVListDOSTime = "0"	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:"	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings\Cache\History\CacheLimit = "1"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\CIStatus	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 3c404c424fc6d901	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\msn.com	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\bing.com\Total = "31340"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\IECompatVersionLow = "0"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\ACGStatus	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Settings\Cache\Content\CachePrefix	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 99cdad2c4fc6d901	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000ce10890cc8fcad40be947aafbd3b927a000000000200000000001066000000010000200000001de95e76b8c469f5003cbbf76d08891b579abf5352c4f33c91b25cf648ce2636000000000e80000000020000200000002935dcb687ccb48e3a360c5c8f9dd8b75011d93b857d765b55920b998fb012eaa000000073f7de45b8d77cf40362003e76ffefa9447f4569680d860d6ade6cccdb672d084e5349f81525f128ca6ab7c68e14a0cbffc23da109c96b81604bbab5e2f362bee9a66cbbd58305aa4db0f8cbf70425657389a82f69db16b6b264f4fb9cd7b6799d493e0400913ac4d50b76ec8d776bce0cf36e92e0119cc892958abce5c1d2114534bfe5037d65e758c392797965f30bdebaefa2fab73017fae6afe670a27e1840000000c87d764da4dd56579ce8881927445a6cc144e24207d9f56db88dcf13362e1c679431f932d14403638b710680bac9d4c0038dbc2a0261fa3395868c1397cbe43b	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BingPageData\RulesFileNextUpdateDate = "397259149"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.msn.com	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Extensible Cache	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\History\CachePrefix = "Visited:"	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\CIStatus\CIPolicyState = "0"	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Content\CachePrefix	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\www.bing.com\ = "3433"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\IECompatVersionLow = "395205405"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\bing.com\Total = "28897"	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\History\CachePrefix = "Visited:"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Explorer	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\EdpDomStorage\bing.com\Total = "0"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\TypedURLsTime	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\ACGStatus	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\EdpDomStorage\Total	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ServiceUI\IsSignedIn = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\TypedURLsVisitCount\url3 = "0"	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 16f77b674fc6d901	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3229013990-3330391637-2814184332-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000ce10890cc8fcad40be947aafbd3b927a0000000002000000000010660000000100002000000077d611d47715e969b977e21d9515517efaaec8768dd484fad6198835fa5a2b1c000000000e80000000020000200000004614bc16cdf647b8df1fa7c47366b61b01b996f1db5cebd17d613cf2d6a8dd7d20000000892c2f7b650bfd8a81b14abb1b9a3339d291926f6eaa2e0a3d499a6efff51810400000005b113fb00504ddaa6c534f30e6312139f30b52f0b539279bafe6f80da8b38d33f622a57a7a5614679a5c2302919a9e1a95d9708701d0b50ce55c21472ce030ec	MicrosoftEdge.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2452	chrome.exe
2452	chrome.exe
5240	chrome.exe
5240	chrome.exe

Suspicious behavior: MapViewOfSection 19 IoCs

pid	Process
4516	MicrosoftEdgeCP.exe
4516	MicrosoftEdgeCP.exe
4516	MicrosoftEdgeCP.exe
4516	MicrosoftEdgeCP.exe
4516	MicrosoftEdgeCP.exe
4516	MicrosoftEdgeCP.exe
4516	MicrosoftEdgeCP.exe
4516	MicrosoftEdgeCP.exe
2524	MicrosoftEdgeCP.exe
2524	MicrosoftEdgeCP.exe
2524	MicrosoftEdgeCP.exe
2524	MicrosoftEdgeCP.exe
2524	MicrosoftEdgeCP.exe
2524	MicrosoftEdgeCP.exe
2524	MicrosoftEdgeCP.exe
2524	MicrosoftEdgeCP.exe
2524	MicrosoftEdgeCP.exe
2524	MicrosoftEdgeCP.exe
2524	MicrosoftEdgeCP.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs

pid	Process
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2452	chrome.exe
Token: SeCreatePagefilePrivilege	2452	chrome.exe
Token: SeShutdownPrivilege	2452	chrome.exe
Token: SeCreatePagefilePrivilege	2452	chrome.exe
Token: SeShutdownPrivilege	2452	chrome.exe
Token: SeCreatePagefilePrivilege	2452	chrome.exe
Token: SeShutdownPrivilege	2452	chrome.exe
Token: SeCreatePagefilePrivilege	2452	chrome.exe
Token: SeShutdownPrivilege	2452	chrome.exe
Token: SeCreatePagefilePrivilege	2452	chrome.exe
Token: SeShutdownPrivilege	2452	chrome.exe
Token: SeCreatePagefilePrivilege	2452	chrome.exe
Token: SeShutdownPrivilege	2452	chrome.exe
Token: SeCreatePagefilePrivilege	2452	chrome.exe
Token: SeShutdownPrivilege	2452	chrome.exe
Token: SeCreatePagefilePrivilege	2452	chrome.exe
Token: SeShutdownPrivilege	2452	chrome.exe
Token: SeCreatePagefilePrivilege	2452	chrome.exe
Token: SeShutdownPrivilege	2452	chrome.exe
Token: SeCreatePagefilePrivilege	2452	chrome.exe
Token: SeShutdownPrivilege	2452	chrome.exe
Token: SeCreatePagefilePrivilege	2452	chrome.exe
Token: SeShutdownPrivilege	2452	chrome.exe
Token: SeCreatePagefilePrivilege	2452	chrome.exe
Token: SeShutdownPrivilege	2452	chrome.exe
Token: SeCreatePagefilePrivilege	2452	chrome.exe
Token: SeShutdownPrivilege	2452	chrome.exe
Token: SeCreatePagefilePrivilege	2452	chrome.exe
Token: SeShutdownPrivilege	2452	chrome.exe
Token: SeCreatePagefilePrivilege	2452	chrome.exe
Token: SeShutdownPrivilege	2452	chrome.exe
Token: SeCreatePagefilePrivilege	2452	chrome.exe
Token: SeShutdownPrivilege	2452	chrome.exe
Token: SeCreatePagefilePrivilege	2452	chrome.exe
Token: SeShutdownPrivilege	2452	chrome.exe
Token: SeCreatePagefilePrivilege	2452	chrome.exe
Token: SeShutdownPrivilege	2452	chrome.exe
Token: SeCreatePagefilePrivilege	2452	chrome.exe
Token: SeShutdownPrivilege	2452	chrome.exe
Token: SeCreatePagefilePrivilege	2452	chrome.exe
Token: SeShutdownPrivilege	2452	chrome.exe
Token: SeCreatePagefilePrivilege	2452	chrome.exe
Token: SeShutdownPrivilege	2452	chrome.exe
Token: SeCreatePagefilePrivilege	2452	chrome.exe
Token: SeShutdownPrivilege	2452	chrome.exe
Token: SeCreatePagefilePrivilege	2452	chrome.exe
Token: SeShutdownPrivilege	2452	chrome.exe
Token: SeCreatePagefilePrivilege	2452	chrome.exe
Token: SeShutdownPrivilege	2452	chrome.exe
Token: SeCreatePagefilePrivilege	2452	chrome.exe
Token: SeShutdownPrivilege	2452	chrome.exe
Token: SeCreatePagefilePrivilege	2452	chrome.exe
Token: SeShutdownPrivilege	2452	chrome.exe
Token: SeCreatePagefilePrivilege	2452	chrome.exe
Token: SeShutdownPrivilege	2452	chrome.exe
Token: SeCreatePagefilePrivilege	2452	chrome.exe
Token: SeShutdownPrivilege	2452	chrome.exe
Token: SeCreatePagefilePrivilege	2452	chrome.exe
Token: SeShutdownPrivilege	2452	chrome.exe
Token: SeCreatePagefilePrivilege	2452	chrome.exe
Token: SeShutdownPrivilege	2452	chrome.exe
Token: SeCreatePagefilePrivilege	2452	chrome.exe
Token: SeShutdownPrivilege	2452	chrome.exe
Token: SeCreatePagefilePrivilege	2452	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe

Suspicious use of SendNotifyMessage 40 IoCs

pid	Process
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe
2452	chrome.exe

Suspicious use of SetWindowsHookEx 11 IoCs

pid	Process
4476	MicrosoftEdge.exe
4516	MicrosoftEdgeCP.exe
2492	MicrosoftEdgeCP.exe
4516	MicrosoftEdgeCP.exe
5908	MicrosoftEdgeCP.exe
3096	MicrosoftEdge.exe
2524	MicrosoftEdgeCP.exe
2524	MicrosoftEdgeCP.exe
5512	MicrosoftEdgeCP.exe
5512	MicrosoftEdgeCP.exe
5512	MicrosoftEdgeCP.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2452 wrote to memory of 4520	2452	chrome.exe	57
PID 2452 wrote to memory of 4520	2452	chrome.exe	57
PID 2452 wrote to memory of 4824	2452	chrome.exe	72
PID 2452 wrote to memory of 4824	2452	chrome.exe	72
PID 2452 wrote to memory of 4824	2452	chrome.exe	72
PID 2452 wrote to memory of 4824	2452	chrome.exe	72
PID 2452 wrote to memory of 4824	2452	chrome.exe	72
PID 2452 wrote to memory of 4824	2452	chrome.exe	72
PID 2452 wrote to memory of 4824	2452	chrome.exe	72
PID 2452 wrote to memory of 4824	2452	chrome.exe	72
PID 2452 wrote to memory of 4824	2452	chrome.exe	72
PID 2452 wrote to memory of 4824	2452	chrome.exe	72
PID 2452 wrote to memory of 4824	2452	chrome.exe	72
PID 2452 wrote to memory of 4824	2452	chrome.exe	72
PID 2452 wrote to memory of 4824	2452	chrome.exe	72
PID 2452 wrote to memory of 4824	2452	chrome.exe	72
PID 2452 wrote to memory of 4824	2452	chrome.exe	72
PID 2452 wrote to memory of 4824	2452	chrome.exe	72
PID 2452 wrote to memory of 4824	2452	chrome.exe	72
PID 2452 wrote to memory of 4824	2452	chrome.exe	72
PID 2452 wrote to memory of 4824	2452	chrome.exe	72
PID 2452 wrote to memory of 4824	2452	chrome.exe	72
PID 2452 wrote to memory of 4824	2452	chrome.exe	72
PID 2452 wrote to memory of 4824	2452	chrome.exe	72
PID 2452 wrote to memory of 4824	2452	chrome.exe	72
PID 2452 wrote to memory of 4824	2452	chrome.exe	72
PID 2452 wrote to memory of 4824	2452	chrome.exe	72
PID 2452 wrote to memory of 4824	2452	chrome.exe	72
PID 2452 wrote to memory of 4824	2452	chrome.exe	72
PID 2452 wrote to memory of 4824	2452	chrome.exe	72
PID 2452 wrote to memory of 4824	2452	chrome.exe	72
PID 2452 wrote to memory of 4824	2452	chrome.exe	72
PID 2452 wrote to memory of 4824	2452	chrome.exe	72
PID 2452 wrote to memory of 4824	2452	chrome.exe	72
PID 2452 wrote to memory of 4824	2452	chrome.exe	72
PID 2452 wrote to memory of 4824	2452	chrome.exe	72
PID 2452 wrote to memory of 4824	2452	chrome.exe	72
PID 2452 wrote to memory of 4824	2452	chrome.exe	72
PID 2452 wrote to memory of 4824	2452	chrome.exe	72
PID 2452 wrote to memory of 4824	2452	chrome.exe	72
PID 2452 wrote to memory of 4232	2452	chrome.exe	71
PID 2452 wrote to memory of 4232	2452	chrome.exe	71
PID 2452 wrote to memory of 1280	2452	chrome.exe	73
PID 2452 wrote to memory of 1280	2452	chrome.exe	73
PID 2452 wrote to memory of 1280	2452	chrome.exe	73
PID 2452 wrote to memory of 1280	2452	chrome.exe	73
PID 2452 wrote to memory of 1280	2452	chrome.exe	73
PID 2452 wrote to memory of 1280	2452	chrome.exe	73
PID 2452 wrote to memory of 1280	2452	chrome.exe	73
PID 2452 wrote to memory of 1280	2452	chrome.exe	73
PID 2452 wrote to memory of 1280	2452	chrome.exe	73
PID 2452 wrote to memory of 1280	2452	chrome.exe	73
PID 2452 wrote to memory of 1280	2452	chrome.exe	73
PID 2452 wrote to memory of 1280	2452	chrome.exe	73
PID 2452 wrote to memory of 1280	2452	chrome.exe	73
PID 2452 wrote to memory of 1280	2452	chrome.exe	73
PID 2452 wrote to memory of 1280	2452	chrome.exe	73
PID 2452 wrote to memory of 1280	2452	chrome.exe	73
PID 2452 wrote to memory of 1280	2452	chrome.exe	73
PID 2452 wrote to memory of 1280	2452	chrome.exe	73
PID 2452 wrote to memory of 1280	2452	chrome.exe	73
PID 2452 wrote to memory of 1280	2452	chrome.exe	73
PID 2452 wrote to memory of 1280	2452	chrome.exe	73
PID 2452 wrote to memory of 1280	2452	chrome.exe	73

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/JumperYT-official/njRAT-Platinum-Edition-RuS
1⤵
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffdc5b09758,0x7ffdc5b09768,0x7ffdc5b09778
  2⤵
  PID:4520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1984 --field-trial-handle=1728,i,13832486550875035169,15666613302381654149,131072 /prefetch:8
  2⤵
  PID:4232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1520 --field-trial-handle=1728,i,13832486550875035169,15666613302381654149,131072 /prefetch:2
  2⤵
  PID:4824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2052 --field-trial-handle=1728,i,13832486550875035169,15666613302381654149,131072 /prefetch:8
  2⤵
  PID:1280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2936 --field-trial-handle=1728,i,13832486550875035169,15666613302381654149,131072 /prefetch:1
  2⤵
  PID:4120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2924 --field-trial-handle=1728,i,13832486550875035169,15666613302381654149,131072 /prefetch:1
  2⤵
  PID:2264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5460 --field-trial-handle=1728,i,13832486550875035169,15666613302381654149,131072 /prefetch:8
  2⤵
  PID:4200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=5492 --field-trial-handle=1728,i,13832486550875035169,15666613302381654149,131072 /prefetch:1
  2⤵
  PID:748
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4792 --field-trial-handle=1728,i,13832486550875035169,15666613302381654149,131072 /prefetch:1
  2⤵
  PID:1764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4616 --field-trial-handle=1728,i,13832486550875035169,15666613302381654149,131072 /prefetch:8
  2⤵
  PID:3496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5764 --field-trial-handle=1728,i,13832486550875035169,15666613302381654149,131072 /prefetch:8
  2⤵
  PID:4072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5480 --field-trial-handle=1728,i,13832486550875035169,15666613302381654149,131072 /prefetch:8
  2⤵
  PID:1904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5332 --field-trial-handle=1728,i,13832486550875035169,15666613302381654149,131072 /prefetch:8
  2⤵
  PID:2804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=6068 --field-trial-handle=1728,i,13832486550875035169,15666613302381654149,131072 /prefetch:1
  2⤵
  PID:4452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4848 --field-trial-handle=1728,i,13832486550875035169,15666613302381654149,131072 /prefetch:1
  2⤵
  PID:4072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5692 --field-trial-handle=1728,i,13832486550875035169,15666613302381654149,131072 /prefetch:8
  2⤵
  PID:2808
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5384 --field-trial-handle=1728,i,13832486550875035169,15666613302381654149,131072 /prefetch:8
  2⤵
  PID:1648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6020 --field-trial-handle=1728,i,13832486550875035169,15666613302381654149,131072 /prefetch:8
  2⤵
  PID:3320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6124 --field-trial-handle=1728,i,13832486550875035169,15666613302381654149,131072 /prefetch:8
  2⤵
  PID:4828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6024 --field-trial-handle=1728,i,13832486550875035169,15666613302381654149,131072 /prefetch:8
  2⤵
  PID:4876
- C:\Users\Admin\Downloads\playit-0.9.3-signed.exe
  "C:\Users\Admin\Downloads\playit-0.9.3-signed.exe"
  2⤵
  - Executes dropped EXE
  PID:4612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6232 --field-trial-handle=1728,i,13832486550875035169,15666613302381654149,131072 /prefetch:8
  2⤵
  PID:832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=4588 --field-trial-handle=1728,i,13832486550875035169,15666613302381654149,131072 /prefetch:1
  2⤵
  PID:5540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=5984 --field-trial-handle=1728,i,13832486550875035169,15666613302381654149,131072 /prefetch:1
  2⤵
  PID:5572
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6472 --field-trial-handle=1728,i,13832486550875035169,15666613302381654149,131072 /prefetch:8
  2⤵
  PID:5668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6108 --field-trial-handle=1728,i,13832486550875035169,15666613302381654149,131072 /prefetch:8
  2⤵
  PID:5704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=6076 --field-trial-handle=1728,i,13832486550875035169,15666613302381654149,131072 /prefetch:1
  2⤵
  PID:5784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4696 --field-trial-handle=1728,i,13832486550875035169,15666613302381654149,131072 /prefetch:8
  2⤵
  PID:2908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=764 --field-trial-handle=1728,i,13832486550875035169,15666613302381654149,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5240
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=6340 --field-trial-handle=1728,i,13832486550875035169,15666613302381654149,131072 /prefetch:1
  2⤵
  PID:5436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5824 --field-trial-handle=1728,i,13832486550875035169,15666613302381654149,131072 /prefetch:8
  2⤵
  PID:2844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3872 --field-trial-handle=1728,i,13832486550875035169,15666613302381654149,131072 /prefetch:8
  2⤵
  PID:1500
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5912 --field-trial-handle=1728,i,13832486550875035169,15666613302381654149,131072 /prefetch:8
  2⤵
  PID:2108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3032 --field-trial-handle=1728,i,13832486550875035169,15666613302381654149,131072 /prefetch:8
  2⤵
  PID:3464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6208 --field-trial-handle=1728,i,13832486550875035169,15666613302381654149,131072 /prefetch:8
  2⤵
  PID:2152
- C:\Users\Admin\Downloads\playit-0.9.3-signed (1).exe
  "C:\Users\Admin\Downloads\playit-0.9.3-signed (1).exe"
  2⤵
  - Executes dropped EXE
  PID:5448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=5376 --field-trial-handle=1728,i,13832486550875035169,15666613302381654149,131072 /prefetch:1
  2⤵
  PID:68
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=2272 --field-trial-handle=1728,i,13832486550875035169,15666613302381654149,131072 /prefetch:8
  2⤵
  PID:4452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=1680 --field-trial-handle=1728,i,13832486550875035169,15666613302381654149,131072 /prefetch:8
  2⤵
  PID:5844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6516 --field-trial-handle=1728,i,13832486550875035169,15666613302381654149,131072 /prefetch:8
  2⤵
  PID:3184
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4540 --field-trial-handle=1728,i,13832486550875035169,15666613302381654149,131072 /prefetch:8
  2⤵
  PID:5492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6028 --field-trial-handle=1728,i,13832486550875035169,15666613302381654149,131072 /prefetch:8
  2⤵
  PID:5604
- C:\Users\Admin\Downloads\playit-0.9.3-signed (2).exe
  "C:\Users\Admin\Downloads\playit-0.9.3-signed (2).exe"
  2⤵
  - Executes dropped EXE
  PID:4644

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2492

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:3104

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:4476

C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
1⤵
- Modifies Internet Explorer settings
PID:3260

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Modifies registry class
- Suspicious behavior: MapViewOfSection
- Suspicious use of SetWindowsHookEx
PID:4516

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies Internet Explorer settings
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:2492

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
PID:748

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Modifies registry class
PID:5224

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
PID:5336

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Modifies registry class
PID:5152

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:5908

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:3096

C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
1⤵
- Modifies Internet Explorer settings
PID:5724

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Modifies registry class
- Suspicious behavior: MapViewOfSection
- Suspicious use of SetWindowsHookEx
PID:2524

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
PID:5836

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:5512

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
PID:5496

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
PID:5144

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
PID:5920

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
PID:640

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
73f0c887ca2a821341bad6ccb4499c11

SHA1
6c82d84389ae13172fc8ad3d9b2a8a13b001f335

SHA256
344c8e7a38f77f1d899fcb21bc4093614f03af709c98f53469c0091974834f07

SHA512
b6184c5ad13ec62736f9af6c273e79196faff8c1615486d0f41038d5723154415cd48f7cabe929f6bee77f57ad55e678542b39f9ae5ca2d3763fb44f0ff4b2d3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
2d3ae3034d22bace48090f8253c0708f

SHA1
aab8c91261f7bd46508ffba47a8f9909c0657bf4

SHA256
33297ce62f03f2fdf121a0b8858c2c84349a001cd96f3a1949982eb453d7b015

SHA512
de44a7672fe0f9ac6dd9cdc8be827ccc4fd6eebe4b170d5d52b4cb4238a6c8771e481cb4f8c4e5e68d9543eeb74d81ec7d883af71dcd9a8622efca05a190df87

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
29e0c8193df0783106a5d914497f3f9e

SHA1
c5115b9488dcb03802a0585134ec73751b054eba

SHA256
860318fcbf76a84566c3b29c25ebc17a20d48e9bbb10c4e515ba082ea097f8bf

SHA512
cc800f7b62a8365b91eb66b3bbafc3f4b32d4ebd911bace27495f85fe6c4b9f3a8239e27cb65e4cda9639a27faa6a64d25c11899468e306053972469a5919067

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
d31161942b1a9793b1d1cf7a4cc01319

SHA1
f2f73c1e3c6c96b0c31cc94880d85373d4da6a74

SHA256
2ba74d1b984449ca4ce88463914039d0e41cedc38faf68d4dc08793752844dff

SHA512
a8e286e614f9e5c1fca2aa893bf1c6b50c6669a4980a03db78a53d23ffcb83552b9e712bf1d64d4d239bf0503988cdf7d99ea7837ddbe8b8414120aceb5d7b42

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
41e37263924fcdd315ed4ac87e902d69

SHA1
9613466979aae16acd36be9594074234c0ccdc72

SHA256
b2ec26360e5fd3c481c0265a6023d0bd3a3b9174fb487e2ea18c1eb88518c1f6

SHA512
1e36271ffc91cf54d4e835ef21ebb87d6dfaf54e26a4e01f72c505bf28579f53567bf1e3860c4ca8899abc45cfdc2fbbcaa7187308b242d7d8447d12b588af2e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
e9bb0afba4e2980ab8546ecd3fe145d2

SHA1
be7ef45aa51d21a0ad3e9a290db1bea7b4f33ccf

SHA256
2384b4083f2f71054101b7fce746b3410b7804b057ca6a3b09c7e9ce5aeed2c8

SHA512
3c2bdd8eb70479b3666f4ced5cc7336d6ebd3d6df14c4448e071d3518ea167ad0253fe52863300beee9ec607534a5f6db26fbef288b576b2b71bc522233ff0d1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
653a1da2bed919f4fab9ec31b36dd7b2

SHA1
0da2f9aeec2406583fda47dc1f4bd510df799d4a

SHA256
d5437fbca6aa0606aa88b9ef86955c1652c16e9042e96355c4be546a086adae2

SHA512
b231e3cb285805efd12671ebf839e08b00bfa3b2e803bee81263b46008d16cd89e5942773f0fb1ff1ccdfc7148a8d4b7cb001ce788abad27b6f52fd3d6a2383d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
efd6f9c360a73750effb50de7a0ddbd2

SHA1
ac3f072b1368c086d1cbdd72daa8369958851a59

SHA256
62bfe3003c4c9b09ec9db633a9f59bf56fc4255f3a1a8c4d25cce8c3b03a065c

SHA512
e0702a670ed265dbdc951bde0cdac8b08ee7eafa8c2f803151672bbd85c7c62b28376633d3405239e079ffe06d54c68effe5f30dfac88a46de26dd46461ca84b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
0159a3ae6c542ac3ccabddc6eb4f0b5f

SHA1
5b9ad6b187d9b4181b822f7e657831059690639f

SHA256
80a2432b603d28d6c8818b26ab1fc142daf41e08a6b7351ee4edc9f29acbe6ce

SHA512
9734a4e43f2ed9d09007de232f2573fa147e6caa44b74567ba81db89232b6258361426e6af87ff94defcc2331375f6cffb627eafeb368a391fa79f05ecb91cab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
e7e99c9b3b2ca7c271c9b9bb1d48ee1b

SHA1
24e829e14d1bb52bd49d6f8197df7d0705ba372c

SHA256
27017bfd08e9539b82b5f5f02afa8028ac6c74fd3b4527843238cbe240f92604

SHA512
dfcae90807950011836ee19b381b61f51b4d5707c33e0893f2176a1d0cf43d8cf22076d0c0582fb6af4688c4a28f603da6ae81d55ebd8e64f9b27e1ef04c7579

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
d5b947788fbd9d113c1bd58bd606663c

SHA1
f7d38aef98c4eeb496267f3b68bc132141e6b292

SHA256
a94609e739a5fcccc74ea7e9c3f67a50ad1cb7350627d461902dac1a8ba39dd3

SHA512
ddfc3cb178162085acd462f8a022d7edced91560da318711970b29c5a088d27ef7f3b3a5d31448d9bfb1a79983daa4e89665b7c51fb06e08947c027c9e0e42d4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
38cabada54ef3c2d9a94e7e4cf62e591

SHA1
7fa904c345a009bd08f60aa4241055bc35b37348

SHA256
3be24cf37fb3580117136c692ef10b75d7dec2c690ad9772074f97737f43cd7e

SHA512
159fa9c9c776f62f77dcc37620a3edee78869982a51f4688478d7f8b3b57c1cd9b73f37d9e19ff521e7bbe839302ec76ee1c121eb0b990b157f88e9c7f92a608

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
bcf4c6cc9d062d356ae96716b36a5bee

SHA1
796ff2a124c4764450877fd6508e6022651061b4

SHA256
3e8448725f5e5bcfe2e892549e4878037cd8296c05f20a802db520bafffb41c2

SHA512
9e9a3c883af35c7174fd054c38324236a9bba32570a0c52fd08cbab64379ad76346869e5957ba54f3f3c58a517239ac778d57ee8f87c1c03c17f8ff97751f6de

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
8b047087a58baaef1b5088e6a41b2d59

SHA1
9927f979b1962efca6e177f8a75dcadb15664945

SHA256
390a9ba4355e7c78a8eb22ce5360b13d4ab59ad899a8169e8d8d8165c9ad951f

SHA512
8e2b30e48c02d4bc896c906668078b326d657899c53d43b15fce84a32f75a3158ea02bf56303f92a87640192a2eef8008e0afe346b050682762bc4e25c1a1439

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
c03e8c2b821af442a9bac967f8c0caaa

SHA1
d4345b43891f49db70850532f8ff5f7147020418

SHA256
6ecd9d7ef1b8549874cabdfee90ecb62b63db139511ce26feea235a451c41a6d

SHA512
c96a1fd52036012d8592f656528f73900a78b448e197588b94e1942303b457e30622aeeba92fb6264b1a9b5e1b8790a8889ed48521c5f0e719da48829016436e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
9236bf967da85f8f55def9d124206341

SHA1
c3bbb2b85feded1e763b681461486dd77f4d8d3a

SHA256
0b12390a17dfe68b9a2f49a4bff35b057f99f455cce3003966096aa8760d2b39

SHA512
b137de7730ee564e39bef6e15c5870b6938a04153e49ca19629f0087fa9797f2d490a107b57d851d61f8212523fcabe402c26c40941bdef42c6ff69697ce107a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
74576d0e9f7a23ec5a9126c9811f902c

SHA1
2fd196f0acfaab81d3ece2911285bfa9cd9cc917

SHA256
4210c796ecd81bdcb685a74d1a38e452b43662936824595e80fdb7a7c1a815da

SHA512
d8990ec064d462c7f2d7ffe88944bf739de8231fcc307eea22da4e6302da8be14ef46160d9fa2f4d4a1df6e0ac696cbae0ffa6b657231a577a8278504faabc82

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\d2a23941-0d71-470f-81c9-74e94aee4d48.tmp

Filesize
6KB

MD5
ec7452c393b9f4f4a223614fcadd09dc

SHA1
466c7ff530a28004eb73c7223ffc8857cb356f18

SHA256
4209ac6d90379dfcc1b573b02f10acdc0c6f17add8972772728a4db4332f91aa

SHA512
daabf24fe073c6c1589f32d44a1d829cdbbaa3df15f599fac636987ba390f2aa95e579781978e01cb53292047bea48b0ccdaee521b1d146411d0c1677ccc2285

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
4a08f2824693aefd7daf758d157ca9bf

SHA1
8cac775480fd0e310175bbe43bb2a95ab7338da3

SHA256
90b844654bd5e5df37d997557a5877967f38d890365289745d536f57a4fc5229

SHA512
e16f3cbfdd8490e5923b156420d77519d1703da62279c254e6d07da2ac297aa2d6fee820577d48678b85aa71426f59f425ade67dbb777abdaa04e057f110c7a9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
70408f255fc7bb83784c49aca63189a7

SHA1
74335d4cd44e510557372cd5ff0d758f5cf8ff4e

SHA256
69d8c88c6f50d5dea5066421af7a9cca0b1ee6f5bf5dd6ac45084289f7670b91

SHA512
32cf5d0ed33e71df1eaf6b31adc6ab41c62bb4ae1c6797dbe6dbfef5c933e95ada4e61db50704c89994763f28182d79742025b31e8adb703f6ed4118448cc44f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
50ba8bf6ca56ee2009c4b6d47f066e99

SHA1
6f2906b6c52b938e6c772a35d4e16930e839de8b

SHA256
d9c34ef848f68764aff7a70bdbfd940c1a8c164e9c338e5b0b0083681a4ccfb3

SHA512
59cb29d02008c304d0d8493e34f1b625a9f5f8ea378a2b2832fddba6b829ae96645cc4cb9a69184b466e21497145b8c89846ea843c991cf006092bbfccfb5b80

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
6a1d6132fea0328af1835c6dfbfb1920

SHA1
5b95a20f993db7dbccef464a8b722dbeb4854579

SHA256
1e509c4e0d25d8cf479ee77f39a9e79e8386d68522cfff9bf1f58aa7b2429b01

SHA512
f9380a509c861056c75536ebf204bd0ce1853d078feee8ecc1a60f319796c97dedc117316c437b59073f5a4345c8074ceb363f18794b9e58ec6bff8a71a41bd9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
38fd671fd691b9c46d569c91994853db

SHA1
59f2bd78e327e843238b064c562a0353b60e3b2f

SHA256
ba7ef47356d271bd300412aa48a01f435f63f0340f0f2689fbc28aaecd816c5a

SHA512
bcd5d05030ecdc2483cfb3221d26950ba55d7e9394da4b10adbc6d0c42c663f0e03678cfe9b15b3a680304d82e305bf5417c0b46d680ebfbd5d46214d4b1379f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
111KB

MD5
e981d672e7dcbe3a981cc7de29263c1f

SHA1
60bf91f591266069bafee75840dbd2253054b204

SHA256
c7e1dd68cb19cf1bbe583c8b33ad60b6eb218a380d21d6409f14df85ffd3ad20

SHA512
0387df39bba884b29b88fa863d7aa846a2ec47a3076c1d0494550bb6e4c39967864311c43eef631aabd1d5f2383f07cdf61128710846a9d486c329b80ce1d7c7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
113KB

MD5
18810f2b5950082a9e8edae662fd4315

SHA1
91d651386566d73f55614b72a4a67e5668eaea87

SHA256
a8285227f954ec0da478b27ffc04978a87964857993cd6e24e090daf35e168cb

SHA512
11074e2a1691241b75064bb3a0917d4e5ac4d44639e1562318cd685ed5558e0c21b2c01381e7da668074601062fd9f1d11daae5d2e1fa271fed5ef1f8aa351ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5897f5.TMP

Filesize
109KB

MD5
081fef6295214bbd1ba26bec7dc30140

SHA1
40ee8699b2c38be5b25c3b73ab9661b4ec9d64df

SHA256
4a1ac8f0cce57d7aaaa06408a653cbbce037b862b10ead5b4a5f0298d8b1b781

SHA512
9d3b56c2b97ceeccb1669f3ca17579b4cd17fd7e6c1ca2bc949db5818d4abd9f33f2a7423f49864cc72c84039dd0bb05085232c585b29282d8ffe7f92e59883d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\SA5PKX1P\edgecompatviewlist[1].xml

Filesize
74KB

MD5
d4fc49dc14f63895d997fa4940f24378

SHA1
3efb1437a7c5e46034147cbbc8db017c69d02c31

SHA256
853d2f4eb81c9fdcea2ee079f6faf98214b111b77cdf68709b38989d123890f1

SHA512
cc60d79b4afe5007634ac21dc4bc92081880be4c0d798a1735b63b27e936c02f399964f744dc73711987f01e8a1064b02a4867dd6cac27538e5fbe275cc61e0a

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\EBDH6O28\challenges[1].css

Filesize
6KB

MD5
2c78b7f8fa496092bf41d5edd51611e7

SHA1
8b0b1b276e8194b0a5497db478ec2ea9b4f83c42

SHA256
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2

SHA512
53a7750ea46082968c2ec557857ad3975cddb0b45595259f0f3e9fc16360b87c5f257e058489ecaf80e61a97f92f1c5e34fa2f6fcfe922f4ae22392ffd75b4da

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\EBDH6O28\collect[1].gif

Filesize
35B

MD5
28d6814f309ea289f847c69cf91194c6

SHA1
0f4e929dd5bb2564f7ab9c76338e04e292a42ace

SHA256
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

SHA512
1d68b92e8d822fe82dc7563edd7b37f3418a02a89f1a9f0454cca664c2fc2565235e0d85540ff9be0b20175be3f5b7b4eae1175067465d5cca13486aab4c582c

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\EBDH6O28\css2[1].css

Filesize
599B

MD5
45eedb979c263e9d2dd9ea7f49b587d0

SHA1
45e80ddab26a6a1a6c771f4155dc0fe554710e46

SHA256
41ffedf07cbed4ab635faed5d9ac7b76cae803cae9f71330bb45a3ac66a55304

SHA512
cd38060a320fbba74e071339120d105d0aeff8b0ad2a40067bbbe63696eac07b3e6b570b390f14e1e191ea5df62876e6f9a3049676b6b9d7c4015abf6a219bf3

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\EBDH6O28\fa-brands-400[1].woff2

Filesize
102KB

MD5
5531dd3a7705ec68a6c5f5d02b25da6f

SHA1
e219af1e3bbc2219359d3d0916e263b279c4abfd

SHA256
967394d1fd10b388d99bec9df2a3cab546a40f695f5c70641daf0b51af5604c6

SHA512
82b0f830bdfc46fffb185083b17bf704c7d13f99b9e3a0e39824e9ba39d0d1081ad8901751124d7ddcc5d5fe6787604006d354d74243fe363eea40926d887744

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\EBDH6O28\js[1].js

Filesize
246KB

MD5
9e59028a92258eec4815002a71240559

SHA1
a7ec8d14c69f0845f498e98ca19dc63ca05cd9cb

SHA256
8f8248e6282607cac8fc753750694a380cc0d82957a6680f7e6b2f35cfa9bc73

SHA512
a09987a05af631e1f4f0b964d70a6a32c111611d02e7e61862f0905afca5401de2c8ad770966f35a05826af2313838ebe8a5bd2147ea5ae5c454a08bf543ec29

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\EBDH6O28\login-EYGP7TRS[1].css

Filesize
38KB

MD5
76461a6f8068a16028d6c0fa2e0d9e60

SHA1
cd6df5458963ec1495e8c6c3e8a1742d831d929f

SHA256
e106234a3cb91f5498e53c9ea455a7e7509b1925a1dff1a2e8a8dd7ed93a502b

SHA512
fe7f8d177b4f3c30e273b72c440e288a9081e26f5d5989f4ac4c087b766f4a891def3d4da3048cc4418dd3900b5179e5188a1da049ac6b782c213b24eba5d9e9

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\KLLIV5X2\analytics[1].js

Filesize
51KB

MD5
575b5480531da4d14e7453e2016fe0bc

SHA1
e5c5f3134fe29e60b591c87ea85951f0aea36ee1

SHA256
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

SHA512
174e48f4fb2a7e7a0be1e16564f9ed2d0bbcc8b4af18cb89ad49cf42b1c3894c8f8e29ce673bc5d9bc8552f88d1d47294ee0e216402566a3f446f04aca24857a

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\KLLIV5X2\reset.min[1].css

Filesize
623B

MD5
1f2cee41f75719df53c327efbf57e946

SHA1
2df339c265260a5b28f46af7b2e2b1a72b38944c

SHA256
17f8e278dca3501582144bcedc9dc5c123f6cc711cc6817a400cf4a699d954c1

SHA512
25f00b9f9a76aca45a370b6e942a68a36a388fba6c58a73c104cb9fe619af51ed29a0d2e5d2178042e932e93bcf738b7355d64254293be9b952f54970dcd625e

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\TEAIK8VX\093437d4-c3cf-47b7-8c79-6b9053c5502d[1].htm

Filesize
4KB

MD5
af52b72be09517609b3263cc5e22a165

SHA1
c09c17cb03d16df85212d9aae165b5242bb0e7e8

SHA256
59c2342f502005683b97f13b272c67e952fa2535f8abc192deaefd8acb684e44

SHA512
995a9e38a30934217a84aaeb007237cb24b1e1f5476b8c11041734e508b43ea616075e3d04c6960811cd84af5d29ac5fa0406dcdca04683bd25ac24094e55dcc

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\TEAIK8VX\fa-regular-400[1].woff2

Filesize
23KB

MD5
e42bcafcb7cc5002daa805140064bf40

SHA1
f7a09bcbd996fd634045d4e79b6504c945730686

SHA256
52ec4d833cfa502f109fcc197b417736165f53d3d0b4e73a2801c8d50b641805

SHA512
49d3c35d08fcd6d2b0166d4ae8ef565c097076a7bbbbb9b19e172abb8a05222221caa16f928cfeea658aaead37ae70e8683c8388c2f987bce73742b4bd9b261c

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\TEAIK8VX\fa-solid-900[1].woff2

Filesize
151KB

MD5
be4dccbe54eea47a0ad5d7bb60a3c17d

SHA1
1979128e8ba1517d85f5e4ee505abf486c51557c

SHA256
52bbd916956b4ed8b9d71d1784e4008b207814ec506203326fb36052f3451adb

SHA512
7f7b2964cbeca667d4c26a208be85ab5cb77bb0817318fa3b9045643475ad50b0686427f71588ce52f340df9d030a979b12282da36d9cecd02e86962ff21741f

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\TEAIK8VX\js[1].js

Filesize
125KB

MD5
67439ff7a36ab99ba8819abd73cc9781

SHA1
e081875702497ab19787de2763fc4b4043d6c323

SHA256
2d1e5800b807b82258051d56515bc1adfbcb17cedd42aa7d9d80c20948e6033d

SHA512
3f4ec90886ccdd236e420f0327bd3eafdf8aa15b4cc1acb8d8bca89d7452150570bf9bbb19804b89eae1714b2727aef664cfd785ac9913c2d2c34f5e7a3c7b98

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\TEAIK8VX\warmup[1].gif

Filesize
43B

MD5
325472601571f31e1bf00674c368d335

SHA1
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a

SHA256
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

SHA512
717ea0ff7f3f624c268eccb244e24ec1305ab21557abb3d6f1a7e183ff68a2d28f13d1d2af926c9ef6d1fb16dd8cbe34cd98cacf79091dddc7874dcee21ecfdc

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UHNF2EJF\KFOlCnqEu92Fr1MmWUlvBg[1].woff2

Filesize
49KB

MD5
90f0b37f809b546f34189807169e9a76

SHA1
ee8c931951df57cd7b7c8758053c72ebebf22297

SHA256
9dcacf1d025168ee2f84aaf40bad826f08b43c94db12eb59dbe2a06a3e98bfb2

SHA512
bd5ff2334a74edb6a68a394096d9ae01bd744d799a49b33e1fd95176cbec8b40d8e19f24b9f424f43b5053f11b8dd50b488bffedd5b04edbaa160756dd1c7628

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UHNF2EJF\KFOlCnqEu92Fr1MmYUtvBg[1].woff2

Filesize
49KB

MD5
7df4c34907fd08969df36f15dc6344ca

SHA1
c08870ebfd4a2f137d5dba195b66b3cc5c0739d2

SHA256
01e2ddffc6ab092c5a435592e80818e5a5fd6cf542e5c72f7bdd9d76984838f5

SHA512
41f1f74e1395830dca6e332e0c9f488c031234ce6c02702c90d554e5c36752f4ea47305677d94a6ee1f9620f6793a3b13c065521beef7e5b47f30e98890c73e1

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UHNF2EJF\KFOmCnqEu92Fr1Me4A[1].woff2

Filesize
49KB

MD5
ee26c64c3b9b936cc1636071584d1181

SHA1
8efbc8a10d568444120cc0adf001b2d74c3a2910

SHA256
d4d175f498b00516c629ce8af152cbe745d73932fa58cc9fdfc8e4b49c0da368

SHA512
981a0d065c999eea3c61a2ba522cb64a0c11f0d0f0fe7529c917f956bce71e1622654d50d7d9f03f37774d8eee0370cfb8a86a0606723923b0e0061e1049cbc6

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UHNF2EJF\all.min[1].css

Filesize
99KB

MD5
8ef777107c4620d4ddd4f8c4bb14a36c

SHA1
0ae47fa834fb55de7b50c79021aeabecfae50c9c

SHA256
c5e8e8eb22e2eaf1ad02370c22c63c04774ab0b83b4329d5945333750814bb2f

SHA512
d6c0913dd9115e1055d8f04b51d45be2d320d70d983dfdfba9ab5415e4bbce5072ee3248f0b7f8547c167d965fa57b5848bcbce69926f4669855831fc39042d4

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UHNF2EJF\api[1].js

Filesize
27KB

MD5
c191949c3400c98226edab41041a69d1

SHA1
d5188abf64c451a2b5f9fbef47a5728aa6b824f9

SHA256
e0f33190c14b543e76e11ab58c238e5d56508c3d0933c1cd7c64e478fedee376

SHA512
ba7cc6402ceac05e3612744631532a216e4cbafe2a2d02922119a8bc413cbf4a40a137f81e4c81ebab6b5a3946c7f7fce574c5eabfaefdcb213b5ba706bf943c

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\Cache\Q0YNPGEH\IEOneBox_V2[1].appcache

Filesize
755B

MD5
74bd0216ba783d810d61211b41e92bd6

SHA1
a30b2ff92d3e9bb60ffeb6360a1cf8ee8b8c5869

SHA256
5922ba7bf985f1bf9d4cd9360838f09665e7405fea44142d8f9982c4dbaa57b7

SHA512
840ebea4281d08275773ff1e12ffa5903a76b9ec6156acd32249a22e051ccb9af300d9016a4fe138824f5c4a7efc27d37c6c04bab93e41d9f1e4c82df81ec2e7

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\GC18EC27\suggestions[1].en-US

Filesize
17KB

MD5
5a34cb996293fde2cb7a4ac89587393a

SHA1
3c96c993500690d1a77873cd62bc639b3a10653f

SHA256
c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

SHA512
e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\J3M5R649\favicon[1].ico

Filesize
15KB

MD5
e15402a41f04d656bceedb8d0a3ea40a

SHA1
31fee0b94d2a286a3d9b8094d5549a9ab1def5b0

SHA256
d8004341ba5458033d06eaa55af945a158f0bf170c5cbfb30a626e930e048bbe

SHA512
ffe902b3466bd6e96110ffe20a800b96a82f4042a6826fcea1750d0ffdde0aacc164aca51bceda7bdfef5047fcd41bb2026ba1e3b5109888396847881e944470

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\J3M5R649\favicon[2].ico

Filesize
758B

MD5
84cc977d0eb148166481b01d8418e375

SHA1
00e2461bcd67d7ba511db230415000aefbd30d2d

SHA256
bbf8da37d92138cc08ffeec8e3379c334988d5ae99f4415579999bfbbb57a66c

SHA512
f47a507077f9173fb07ec200c2677ba5f783d645be100f12efe71f701a74272a98e853c4fab63740d685853935d545730992d0004c9d2fe8e1965445cab509c3

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\Temp\~DFD88EECC8848BD9DB.TMP

Filesize
24KB

MD5
d3cdb7663712ddb6ef5056c72fe69e86

SHA1
f08bf69934fb2b9ca0aba287c96abe145a69366c

SHA256
3e8c2095986b262ac8fccfabda2d021fc0d3504275e83cffe1f0a333f9efbe15

SHA512
c0acd65db7098a55dae0730eb1dcd8aa94e95a71f39dd40b087be0b06afc5d1bb310f555781853b5a78a8803dba0fb44df44bd2bb14baeca29c7c7410dffc812

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\EBDH6O28\css2[1].css

Filesize
599B

MD5
45eedb979c263e9d2dd9ea7f49b587d0

SHA1
45e80ddab26a6a1a6c771f4155dc0fe554710e46

SHA256
41ffedf07cbed4ab635faed5d9ac7b76cae803cae9f71330bb45a3ac66a55304

SHA512
cd38060a320fbba74e071339120d105d0aeff8b0ad2a40067bbbe63696eac07b3e6b570b390f14e1e191ea5df62876e6f9a3049676b6b9d7c4015abf6a219bf3

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\EBDH6O28\js[1].js

Filesize
246KB

MD5
9e59028a92258eec4815002a71240559

SHA1
a7ec8d14c69f0845f498e98ca19dc63ca05cd9cb

SHA256
8f8248e6282607cac8fc753750694a380cc0d82957a6680f7e6b2f35cfa9bc73

SHA512
a09987a05af631e1f4f0b964d70a6a32c111611d02e7e61862f0905afca5401de2c8ad770966f35a05826af2313838ebe8a5bd2147ea5ae5c454a08bf543ec29

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\KLLIV5X2\analytics[1].js

Filesize
51KB

MD5
575b5480531da4d14e7453e2016fe0bc

SHA1
e5c5f3134fe29e60b591c87ea85951f0aea36ee1

SHA256
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

SHA512
174e48f4fb2a7e7a0be1e16564f9ed2d0bbcc8b4af18cb89ad49cf42b1c3894c8f8e29ce673bc5d9bc8552f88d1d47294ee0e216402566a3f446f04aca24857a

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\KLLIV5X2\logo-NYRFHLA6[1].png

Filesize
2KB

MD5
c2e40f972d7eb425aacf51fbffa50a93

SHA1
3fb7763f2742e538500ab047f36f694ac475e425

SHA256
b62353fd3636791d248126a879121f911ca8e7cd98d016d333b9ceede1ad2878

SHA512
9ac72acc9000be2f835a6a533b25fa8e1b2b45da356cb8170221368f3a6d182c27e99c13900ca62051dd7c103cba48be44e8a03a4d77cf9964e8c97f9c3508af

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\TEAIK8VX\fa-regular-400[1].woff2

Filesize
23KB

MD5
e42bcafcb7cc5002daa805140064bf40

SHA1
f7a09bcbd996fd634045d4e79b6504c945730686

SHA256
52ec4d833cfa502f109fcc197b417736165f53d3d0b4e73a2801c8d50b641805

SHA512
49d3c35d08fcd6d2b0166d4ae8ef565c097076a7bbbbb9b19e172abb8a05222221caa16f928cfeea658aaead37ae70e8683c8388c2f987bce73742b4bd9b261c

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\TEAIK8VX\fa-solid-900[1].woff2

Filesize
151KB

MD5
be4dccbe54eea47a0ad5d7bb60a3c17d

SHA1
1979128e8ba1517d85f5e4ee505abf486c51557c

SHA256
52bbd916956b4ed8b9d71d1784e4008b207814ec506203326fb36052f3451adb

SHA512
7f7b2964cbeca667d4c26a208be85ab5cb77bb0817318fa3b9045643475ad50b0686427f71588ce52f340df9d030a979b12282da36d9cecd02e86962ff21741f

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\TEAIK8VX\js[1].js

Filesize
125KB

MD5
67439ff7a36ab99ba8819abd73cc9781

SHA1
e081875702497ab19787de2763fc4b4043d6c323

SHA256
2d1e5800b807b82258051d56515bc1adfbcb17cedd42aa7d9d80c20948e6033d

SHA512
3f4ec90886ccdd236e420f0327bd3eafdf8aa15b4cc1acb8d8bca89d7452150570bf9bbb19804b89eae1714b2727aef664cfd785ac9913c2d2c34f5e7a3c7b98

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UHNF2EJF\KFOlCnqEu92Fr1MmWUlvBg[1].woff2

Filesize
49KB

MD5
90f0b37f809b546f34189807169e9a76

SHA1
ee8c931951df57cd7b7c8758053c72ebebf22297

SHA256
9dcacf1d025168ee2f84aaf40bad826f08b43c94db12eb59dbe2a06a3e98bfb2

SHA512
bd5ff2334a74edb6a68a394096d9ae01bd744d799a49b33e1fd95176cbec8b40d8e19f24b9f424f43b5053f11b8dd50b488bffedd5b04edbaa160756dd1c7628

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UHNF2EJF\KFOlCnqEu92Fr1MmYUtvBg[1].woff2

Filesize
49KB

MD5
7df4c34907fd08969df36f15dc6344ca

SHA1
c08870ebfd4a2f137d5dba195b66b3cc5c0739d2

SHA256
01e2ddffc6ab092c5a435592e80818e5a5fd6cf542e5c72f7bdd9d76984838f5

SHA512
41f1f74e1395830dca6e332e0c9f488c031234ce6c02702c90d554e5c36752f4ea47305677d94a6ee1f9620f6793a3b13c065521beef7e5b47f30e98890c73e1

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UHNF2EJF\KFOmCnqEu92Fr1Me4A[1].woff2

Filesize
49KB

MD5
ee26c64c3b9b936cc1636071584d1181

SHA1
8efbc8a10d568444120cc0adf001b2d74c3a2910

SHA256
d4d175f498b00516c629ce8af152cbe745d73932fa58cc9fdfc8e4b49c0da368

SHA512
981a0d065c999eea3c61a2ba522cb64a0c11f0d0f0fe7529c917f956bce71e1622654d50d7d9f03f37774d8eee0370cfb8a86a0606723923b0e0061e1049cbc6

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UHNF2EJF\all.min[1].css

Filesize
99KB

MD5
8ef777107c4620d4ddd4f8c4bb14a36c

SHA1
0ae47fa834fb55de7b50c79021aeabecfae50c9c

SHA256
c5e8e8eb22e2eaf1ad02370c22c63c04774ab0b83b4329d5945333750814bb2f

SHA512
d6c0913dd9115e1055d8f04b51d45be2d320d70d983dfdfba9ab5415e4bbce5072ee3248f0b7f8547c167d965fa57b5848bcbce69926f4669855831fc39042d4

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\103621DE9CD5414CC2538780B4B75751

Filesize
717B

MD5
60fe01df86be2e5331b0cdbe86165686

SHA1
2a79f9713c3f192862ff80508062e64e8e0b29bd

SHA256
c08ccbc876cd5a7cdfa9670f9637da57f6a1282198a9bc71fc7d7247a6e5b7a8

SHA512
ef9f9a4dedcbfe339f4f3d07fb614645596c6f2b15608bdccdad492578b735f7cb075bdaa07178c764582ee345857ec4665f90342694e6a60786bb3d9b3a3d23

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\1B1495DD322A24490E2BF2FAABAE1C61

Filesize
300B

MD5
dec6bbe308eb44937f77160a25ee32db

SHA1
8f08a4b641b564b67205e00106ca6bd9ca46fc6e

SHA256
68a71de28f488586c2b169f4652347e0a1fd632d48a6d6725393607bfa18bc7e

SHA512
6c2d684af52588cfd34a682337749b829c2336b34d6add7e8bd6e0c641862c26889617b4d6e9f298fd177b89527deb696c493a205ea8490bb8aee60090a68475

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

Filesize
1KB

MD5
331960526cea21872195fc9e6ea4fddd

SHA1
231c1f739ad5c07145a585b130fd78b2eddfaad8

SHA256
64e62eac13fcba5e996cd6022138665ea8846a098fc95d0f5268f8c05f6cd8d4

SHA512
03bc01689098cf627fbda1fae6c082d3545809896e38bf2187e8d980ec02251aea8a79c10614b78f3c260c29a2b604a901ac9a2e6e3e84e8323bc7805358e307

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

Filesize
724B

MD5
aa62f8ce77e072c8160c71b5df3099b0

SHA1
06b8c07db93694a3fe73a4276283fabb0e20ac38

SHA256
3eb4927c4d9097dc924fcde21b56d01d5d1ef61b7d22bfb6786e3b546b33e176

SHA512
71724e837286c5f0eb2ee4ad01ac0304d4c7597bb2d46169c342821b0da04d8597491bd27ef80e817bc77031cd29d2182ccc82ef8ea3860696875f89427c8e0a

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\F07644E38ED7C9F37D11EEC6D4335E02_4F17877C8AE6639A45D2A2D5F49F1D51

Filesize
471B

MD5
44f059ff1e46eb14cbf49bc85ece886e

SHA1
bc4845967673aacbe4317fba038ab36028c7784e

SHA256
e0e6d7de6a74af9402fc20b3559818fa3dd6c57c73ab42f783cd51c77db560b1

SHA512
0f81d3972d5a7b1d11a8b8fb5751539d0e60902f1add521c909128c9c53a738161c32ebe46a27e151c86b8c927125e2c5377d8982033ecd012555df8104df930

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\F07644E38ED7C9F37D11EEC6D4335E02_B31CC90310AFE0EA4D48390AF778528D

Filesize
472B

MD5
2e43b050b64d8da2497bd4c19c70ac5b

SHA1
ebb20377e8d2f6093237786c78a86e0b8eda9771

SHA256
fc8c5307a9a01f11c2331917f2744b51ba3f068971123310656076750926dba7

SHA512
4bf5d0368ea9b6739a8c28050c2fea6eb3e8b02c3c3fccdfcdb5db74c19740ab6254a417d02dc708fbf3656630c6d75877140408a216ab8fc4c0ea86ff527b69

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\F2DDCD2B5F37625B82E81F4976CEE400_0748E67E80AF362FA2122F9BE8E2128E

Filesize
472B

MD5
6017700e49c6d149040787fc19c67618

SHA1
1c3399ae484b76bf73de01c1c7598dee47c2fa3c

SHA256
7d15407f56fa4a6e91535b0fd4174858f88a4d25db7b6de830bba181f5918268

SHA512
4e813a58a990f9bab1fbaffcafaf29367d53ce22c738b7281d2928c1a02716315d2bb05f550f01c840936f34277318fed4fe66fee51af0c57fc29ec7532eaf89

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\F2DDCD2B5F37625B82E81F4976CEE400_2D1313B7972E9B56FD9D4615C8F2AA79

Filesize
471B

MD5
c5bb28c66cdfba07a387a37fa30c0f6b

SHA1
2e5cecf3d23b3b7c70831b9eaae2419d04cc7bc3

SHA256
0781ddf953f958efe7463fcca618c61377e9f2174aefd9118bcc54f5708bad64

SHA512
8c2fd34499871bcd5edc583f1de84ec0854ffec2d34bfe62c71187aa7308d48ff7d9b3a20de0de8cbb3fbba46b67e3105442b552f1c5869ed485fa9af98e6a38

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\103621DE9CD5414CC2538780B4B75751

Filesize
192B

MD5
18aebac6b9d47d6c7661e9388b06418a

SHA1
bae2e5b1c6e77b7d61304db560c73f6552b396fc

SHA256
f23372b1517d79be2d202c7146672707f6e634e9390319e3d8f09d12b315e64b

SHA512
94726a442cd8974e5e32cfe365c6f18dc3f5c6b93a82e1e96df86037baf5db1ae43576dce8df40a78a7fa319a72f0a1d8d41c88b09d15a7153be2cac2feb0022

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\1B1495DD322A24490E2BF2FAABAE1C61

Filesize
192B

MD5
c9ed2d1f9df03a282cadb2d751f2afb6

SHA1
b6a45fd2a03602b3213f9381ae8216d93ddbffa2

SHA256
94338f45ce24b8f10d3db39d281f7a30f4017bf60bb448ceaad14152f059c654

SHA512
ef2b67b946177bfc6d05b40dbb61072094a3a369d0cde35f944aa9bdfb6012a63f42ddd9af32c47e29913acd99004d20886cb2f1b6585085837c4f8d2c218cb0

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

Filesize
410B

MD5
118c89aad1e86d2406a575f046ba87a5

SHA1
52ce0318d1d93dbc7434690d9230317d26a96e9b

SHA256
708e3262aa733b75ad74f4c7fd7334a7bd467a9cb09acb1156f04ca17b29559a

SHA512
e706df1b60a9245bb3990226c5255ba7125c6b5c5ddbd753af67ee4c82ffa3c74d0e5396c2028edd5eac2455642f2d043c4b7e77b54c008e0ed2c6b9d07d9d60

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

Filesize
392B

MD5
b5c33e8f6c0e157b461d578a0373c3d6

SHA1
37112941d79bdb7e4c7fce5ed709c45776a4c68f

SHA256
c116358b53f88610190b386919cd9fed7e54d11c5c42b2ae5ed566eade137c20

SHA512
5ba2f2bbdf263fa0d161c8aa782b95dfe6c02b744d6621d0c4d898ab79bb5aa697ce577d195ad113c878b17522f7878498646cfec877641303eff4b20ef43e0f

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\F07644E38ED7C9F37D11EEC6D4335E02_4F17877C8AE6639A45D2A2D5F49F1D51

Filesize
406B

MD5
ce4f7acb44db12f81ecb4764a1f130a4

SHA1
7ef3e815ba68e0090f6b0b47ee041a7316ee97ed

SHA256
162756b6a4b154359365179b2da4f2a1c23c10d61c45f7fde959d3f1fe2410b6

SHA512
f3cb2502b0bda403057737471e957ca9bade23324a5bd154313062a6332aaa2211d48e55f4eec38cd2493555dc603bf0d154c4dbcabb7841e5af89fae2e5145e

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\F07644E38ED7C9F37D11EEC6D4335E02_B31CC90310AFE0EA4D48390AF778528D

Filesize
402B

MD5
debff534ee610f82716eb09eb4e5d9bd

SHA1
b30aa1fe61d70de24ab534760ca7f96c3d7196da

SHA256
d3d7cdd46ca468fab5ce23df78e03326d19445c9d81bae461ec31091fb11e98f

SHA512
565777e38751268d5829f1d3959904bb8c0e511e7f7853f3d4737eb42f1a6696a6dec5ecf5223ed8f0896bd1d81f3d82033a4f551bb80723dc7dab49115df152

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\F2DDCD2B5F37625B82E81F4976CEE400_0748E67E80AF362FA2122F9BE8E2128E

Filesize
402B

MD5
a57104f1735746a436326e4a5e2a2197

SHA1
4e7c21353274bcd6610fce9ac1a216bcca491e1c

SHA256
93497c8b6b3f9492803a7b742d01eda77e5a5a994a150175190b8272ea35d29f

SHA512
9ffa5e6a3703d0c9ac12545d9b5c6839a23cb68f72a3265a989437e9714207ebee7a10cafdad6ed0c71a2fb1285a79fe3d9b543952d239c5f72420a9a84c75da

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\F2DDCD2B5F37625B82E81F4976CEE400_2D1313B7972E9B56FD9D4615C8F2AA79

Filesize
414B

MD5
bd9e2f0cdddacc72d3aa8f7a4ec80ad0

SHA1
011b616dada538cf584afb85382df804fa302a83

SHA256
d03dab50f4793f308078a34275f87109b22319a9b2f1bd237b3c17aeaf822f9c

SHA512
046cb90792918bfcdad26130e9cc7705161149a003ab1529ea525c80e6029939c5cccc2e8639e1921a60f89459fbea102575559ec98a16adc648ae8ca6bfc2fc

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 970098.crdownload

Filesize
13.1MB

MD5
da0750733bf36c61222eefaba4805dcb

SHA1
304e90d123300e646b768f1f358e59ba506b7dce

SHA256
c9ff8f05cdde137cb0e1e386184a42d4889988c4cfd235fd3340fe545f5e06ac

SHA512
f9a8e89f294257f785388e237a6da1f363f8d78af7c9b473d67261b99526224eb84598eacbba17f01a9f2eb2f6fea0740f7e37df92891df8fa39a33820287454

Download Submit
C:\Users\Admin\Downloads\njRAT-Platinum-Edition-RuS-main.zip

Filesize
9.4MB

MD5
77b83a87828704868df93a4c15c6fbb7

SHA1
69955655c90b8fc5778ff165b2417933560f2772

SHA256
2f2eed1731f3addbd1c192ab1c82631caba60e6cba3b32aaacde4c1d75effb0b

SHA512
10a3818520d774d21779dc101c9d81830841ccc8f1ceb3837e3202df3f761790ee2a8c134163062d247b7451c749446a4e6947716e470a3ab101093ed2ae662b

Download Submit
C:\Users\Admin\Downloads\playit-0.9.3-signed (1).exe

Filesize
13.1MB

MD5
da0750733bf36c61222eefaba4805dcb

SHA1
304e90d123300e646b768f1f358e59ba506b7dce

SHA256
c9ff8f05cdde137cb0e1e386184a42d4889988c4cfd235fd3340fe545f5e06ac

SHA512
f9a8e89f294257f785388e237a6da1f363f8d78af7c9b473d67261b99526224eb84598eacbba17f01a9f2eb2f6fea0740f7e37df92891df8fa39a33820287454

Download Submit
C:\Users\Admin\Downloads\playit-0.9.3-signed (1).exe

Filesize
13.1MB

MD5
da0750733bf36c61222eefaba4805dcb

SHA1
304e90d123300e646b768f1f358e59ba506b7dce

SHA256
c9ff8f05cdde137cb0e1e386184a42d4889988c4cfd235fd3340fe545f5e06ac

SHA512
f9a8e89f294257f785388e237a6da1f363f8d78af7c9b473d67261b99526224eb84598eacbba17f01a9f2eb2f6fea0740f7e37df92891df8fa39a33820287454

Download Submit
C:\Users\Admin\Downloads\playit-0.9.3-signed.exe

Filesize
13.1MB

MD5
da0750733bf36c61222eefaba4805dcb

SHA1
304e90d123300e646b768f1f358e59ba506b7dce

SHA256
c9ff8f05cdde137cb0e1e386184a42d4889988c4cfd235fd3340fe545f5e06ac

SHA512
f9a8e89f294257f785388e237a6da1f363f8d78af7c9b473d67261b99526224eb84598eacbba17f01a9f2eb2f6fea0740f7e37df92891df8fa39a33820287454

Download Submit
C:\Users\Admin\Downloads\playit-0.9.3-signed.exe

Filesize
13.1MB

MD5
da0750733bf36c61222eefaba4805dcb

SHA1
304e90d123300e646b768f1f358e59ba506b7dce

SHA256
c9ff8f05cdde137cb0e1e386184a42d4889988c4cfd235fd3340fe545f5e06ac

SHA512
f9a8e89f294257f785388e237a6da1f363f8d78af7c9b473d67261b99526224eb84598eacbba17f01a9f2eb2f6fea0740f7e37df92891df8fa39a33820287454

Download Submit
C:\Users\Admin\Downloads\playit.toml

Filesize
299B

MD5
8161428918bf258ca8e2c5ab571c7a15

SHA1
a9043fe30e8c27ff8f2cc51ee8ed408bc10108f2

SHA256
2aeb123ec5f8faf6016b80c6baa6c43f507c6ba0e1d6f38582cf35e99b9280bf

SHA512
ce36f83d7af42c91633a46b730ab8a7c9f4eb3ab5a886f1089a7781174e376611a47198823a17cf003165c1177eaf051079dfdf63972d6d2e75422f7d778c905

Download Submit
memory/748-606-0x0000020EF7E50000-0x0000020EF7E52000-memory.dmp

Filesize
8KB

Download
memory/748-517-0x0000020EF7710000-0x0000020EF7730000-memory.dmp

Filesize
128KB

Download
memory/748-572-0x0000020EF83C0000-0x0000020EF83C2000-memory.dmp

Filesize
8KB

Download
memory/748-610-0x0000020EF7E70000-0x0000020EF7E72000-memory.dmp

Filesize
8KB

Download
memory/748-818-0x0000020EFAA30000-0x0000020EFAA50000-memory.dmp

Filesize
128KB

Download
memory/748-415-0x0000020EF4C30000-0x0000020EF4C32000-memory.dmp

Filesize
8KB

Download
memory/748-418-0x0000020EF4C60000-0x0000020EF4C62000-memory.dmp

Filesize
8KB

Download
memory/748-420-0x0000020EF4C80000-0x0000020EF4C82000-memory.dmp

Filesize
8KB

Download
memory/748-466-0x0000020EF5920000-0x0000020EF5A20000-memory.dmp

Filesize
1024KB

Download
memory/748-468-0x0000020EF78F0000-0x0000020EF78F2000-memory.dmp

Filesize
8KB

Download
memory/748-527-0x0000020EF77E0000-0x0000020EF77E2000-memory.dmp

Filesize
8KB

Download
memory/4476-573-0x0000017A78790000-0x0000017A78791000-memory.dmp

Filesize
4KB

Download
memory/4476-392-0x0000017A722F0000-0x0000017A722F2000-memory.dmp

Filesize
8KB

Download
memory/4476-575-0x0000017A787A0000-0x0000017A787A1000-memory.dmp

Filesize
4KB

Download
memory/4476-373-0x0000017A72900000-0x0000017A72910000-memory.dmp

Filesize
64KB

Download
memory/4476-357-0x0000017A72120000-0x0000017A72130000-memory.dmp

Filesize
64KB

Download
memory/4612-637-0x0000000000400000-0x0000000000C1E000-memory.dmp

Filesize
8.1MB

Download
memory/4612-886-0x0000000000400000-0x0000000000C1E000-memory.dmp

Filesize
8.1MB

Download
memory/4612-1056-0x0000000000400000-0x0000000000C1E000-memory.dmp

Filesize
8.1MB

Download
memory/4612-1143-0x0000000000400000-0x0000000000C1E000-memory.dmp

Filesize
8.1MB

Download
memory/4612-1166-0x0000000000400000-0x0000000000C1E000-memory.dmp

Filesize
8.1MB

Download
memory/4612-1185-0x0000000000400000-0x0000000000C1E000-memory.dmp

Filesize
8.1MB

Download
memory/5336-1287-0x0000022CFD200000-0x0000022CFD300000-memory.dmp

Filesize
1024KB

Download
memory/5336-920-0x0000022CFB2B0000-0x0000022CFB2B2000-memory.dmp

Filesize
8KB

Download
memory/5336-934-0x0000022CFB410000-0x0000022CFB412000-memory.dmp

Filesize
8KB

Download
memory/5336-938-0x0000022CFB430000-0x0000022CFB432000-memory.dmp

Filesize
8KB

Download
memory/5336-962-0x0000022CF9900000-0x0000022CF9A00000-memory.dmp

Filesize
1024KB

Download
memory/5336-976-0x0000022CFCC50000-0x0000022CFCC70000-memory.dmp

Filesize
128KB

Download