hxxps://github[.]com/mohamm4dx/SilverBullet/releases/tag/1[.]1[.]4 / hxxps://anonfiles[.]com/l1vea5x0zd/Hustlers_University_svb

Resubmissions

08/08/2023, 14:54

230808-r9y65aef7y 8

08/08/2023, 14:53

230808-r9n16aef7x 1

Analysis

max time kernel
1741s
max time network
1689s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
08/08/2023, 14:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/mohamm4dx/SilverBullet/releases/tag/1.1.4 / https://anonfiles.com/l1vea5x0zd/Hustlers_University_svb

Score

8^/10

Malware Config

Signatures

Downloads MZ/PE file

Executes dropped EXE 8 IoCs

pid	Process
3716	Hustlers University.svb.exe
1436	SilverBullet.exe
1844	SilverBullet.exe
2112	Hustlers University.svb.exe
3636	Hustlers University.svb.exe
1468	Hustlers University.svb.exe
3604	SilverBullet.exe
2932	SilverBullet.exe

Program crash 4 IoCs

pid	pid_target	Process	procid_target
3292	1436	WerFault.exe	155
3784	1844	WerFault.exe	166
3764	3604	WerFault.exe	175
4052	2932	WerFault.exe	178

Modifies registry class 60 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings	OpenWith.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\NodeSlot = "1"	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 = 3a001f44471a0359723fa74489c55595fe6b30ee260001002600efbe100000004d510c07acadd9018f9ffa0059b0d90174cb857608cad90114000000	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 00000000ffffffff	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = 00000000ffffffff	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a000000a000000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\FFlags = "1"	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0e000000ffffffff	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings	OpenWith.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\NodeSlot = "2"	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupView = "0"	msedge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:FMTID = "{B725F130-47EF-101A-A5F1-02608C9EEBAC}"	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\MRUListEx = ffffffff	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:PID = "14"	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\Mode = "1"	msedge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\SniffedFolderType = "Downloads"	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\IconSize = "16"	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupView = "4294967295"	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 = 14001f50e04fd020ea3a6910a2d808002b30309d0000	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0100000000000000ffffffff	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1\MRUListEx = ffffffff	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\LogicalViewMode = "1"	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1"	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1092616193"	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0 = 14002e8005398e082303024b98265d99428e115f0000	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0000000001000000ffffffff	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Mode = "4"	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings	OpenWith.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1498570331-2313266200-788959944-1000\{4F1F116A-704A-422B-80B9-9C930DA3C00B}	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\FFlags = "1092616193"	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByKey:PID = "0"	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByDirection = "1"	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByDirection = "4294967295"	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1	msedge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\LogicalViewMode = "3"	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings	msedge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\KnownFolderDerivedFolderType = "{885A186E-A440-4ADA-812B-DB871B942259}"	msedge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}"	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2	msedge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1498570331-2313266200-788959944-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\IconSize = "48"	msedge.exe

NTFS ADS 2 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 984208.crdownload:SmartScreen	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 297294.crdownload:SmartScreen	msedge.exe

Suspicious behavior: EnumeratesProcesses 22 IoCs

pid	Process
4700	msedge.exe
4700	msedge.exe
3344	msedge.exe
3344	msedge.exe
3520	identity_helper.exe
3520	identity_helper.exe
3936	msedge.exe
3936	msedge.exe
4160	msedge.exe
4160	msedge.exe
4428	msedge.exe
4428	msedge.exe
3680	msedge.exe
3680	msedge.exe
3680	msedge.exe
3680	msedge.exe
3596	msedge.exe
3596	msedge.exe
2760	msedge.exe
2760	msedge.exe
3424	msedge.exe
3424	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 41 IoCs

pid	Process
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe

Suspicious use of SendNotifyMessage 32 IoCs

pid	Process
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe
3344	msedge.exe

Suspicious use of SetWindowsHookEx 26 IoCs

pid	Process
2392	OpenWith.exe
4528	OpenWith.exe
2372	OpenWith.exe
4528	OpenWith.exe
4528	OpenWith.exe
4528	OpenWith.exe
4528	OpenWith.exe
4528	OpenWith.exe
4528	OpenWith.exe
4528	OpenWith.exe
4528	OpenWith.exe
4528	OpenWith.exe
4528	OpenWith.exe
4528	OpenWith.exe
4528	OpenWith.exe
4528	OpenWith.exe
4528	OpenWith.exe
4528	OpenWith.exe
4528	OpenWith.exe
4528	OpenWith.exe
4528	OpenWith.exe
4428	msedge.exe
3716	Hustlers University.svb.exe
2112	Hustlers University.svb.exe
3636	Hustlers University.svb.exe
1468	Hustlers University.svb.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3344 wrote to memory of 3880	3344	msedge.exe	83
PID 3344 wrote to memory of 3880	3344	msedge.exe	83
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 3836	3344	msedge.exe	84
PID 3344 wrote to memory of 4700	3344	msedge.exe	85
PID 3344 wrote to memory of 4700	3344	msedge.exe	85
PID 3344 wrote to memory of 1484	3344	msedge.exe	86
PID 3344 wrote to memory of 1484	3344	msedge.exe	86
PID 3344 wrote to memory of 1484	3344	msedge.exe	86
PID 3344 wrote to memory of 1484	3344	msedge.exe	86
PID 3344 wrote to memory of 1484	3344	msedge.exe	86
PID 3344 wrote to memory of 1484	3344	msedge.exe	86
PID 3344 wrote to memory of 1484	3344	msedge.exe	86
PID 3344 wrote to memory of 1484	3344	msedge.exe	86
PID 3344 wrote to memory of 1484	3344	msedge.exe	86
PID 3344 wrote to memory of 1484	3344	msedge.exe	86
PID 3344 wrote to memory of 1484	3344	msedge.exe	86
PID 3344 wrote to memory of 1484	3344	msedge.exe	86
PID 3344 wrote to memory of 1484	3344	msedge.exe	86
PID 3344 wrote to memory of 1484	3344	msedge.exe	86
PID 3344 wrote to memory of 1484	3344	msedge.exe	86
PID 3344 wrote to memory of 1484	3344	msedge.exe	86
PID 3344 wrote to memory of 1484	3344	msedge.exe	86
PID 3344 wrote to memory of 1484	3344	msedge.exe	86
PID 3344 wrote to memory of 1484	3344	msedge.exe	86
PID 3344 wrote to memory of 1484	3344	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://github.com/mohamm4dx/SilverBullet/releases/tag/1.1.4 / https://anonfiles.com/l1vea5x0zd/Hustlers_University_svb
1⤵
- Modifies registry class
- NTFS ADS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3344
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc45db46f8,0x7ffc45db4708,0x7ffc45db4718
  2⤵
  PID:3880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2132 /prefetch:2
  2⤵
  PID:3836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2856 /prefetch:8
  2⤵
  PID:1484
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3368 /prefetch:1
  2⤵
  PID:412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1
  2⤵
  PID:4684
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5468 /prefetch:8
  2⤵
  PID:3600
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5468 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=4584 /prefetch:8
  2⤵
  PID:760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4572 /prefetch:1
  2⤵
  PID:2732
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5220 /prefetch:1
  2⤵
  PID:1432
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3916 /prefetch:1
  2⤵
  PID:4076
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5448 /prefetch:1
  2⤵
  PID:4528
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5500 /prefetch:1
  2⤵
  PID:2124
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5836 /prefetch:1
  2⤵
  PID:1508
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6168 /prefetch:1
  2⤵
  PID:4356
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5532 /prefetch:1
  2⤵
  PID:4780
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3412 /prefetch:1
  2⤵
  PID:1276
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5532 /prefetch:1
  2⤵
  PID:1860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6672 /prefetch:8
  2⤵
  PID:3996
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6720 /prefetch:1
  2⤵
  PID:1188
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6328 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3896 /prefetch:1
  2⤵
  PID:4572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6428 /prefetch:1
  2⤵
  PID:2164
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6704 /prefetch:1
  2⤵
  PID:3244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6768 /prefetch:1
  2⤵
  PID:2208
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6328 /prefetch:1
  2⤵
  PID:4516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6036 /prefetch:1
  2⤵
  PID:2712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5572 /prefetch:1
  2⤵
  PID:3136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1296 /prefetch:1
  2⤵
  PID:2548
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6896 /prefetch:1
  2⤵
  PID:844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1708 /prefetch:1
  2⤵
  PID:4780
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7124 /prefetch:1
  2⤵
  PID:3976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=7304 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  PID:4160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=7144 /prefetch:8
  2⤵
  PID:1992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5860 /prefetch:1
  2⤵
  PID:180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7320 /prefetch:1
  2⤵
  PID:1736
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6332 /prefetch:1
  2⤵
  PID:2372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7292 /prefetch:1
  2⤵
  PID:844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6536 /prefetch:1
  2⤵
  PID:1104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6328 /prefetch:1
  2⤵
  PID:3956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6108 /prefetch:1
  2⤵
  PID:3248
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7496 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of SetWindowsHookEx
  PID:4428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5812 /prefetch:1
  2⤵
  PID:5112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6124 /prefetch:1
  2⤵
  PID:1428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5564 /prefetch:1
  2⤵
  PID:4568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6328 /prefetch:1
  2⤵
  PID:2292
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4672 /prefetch:1
  2⤵
  PID:4712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=7264 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7308 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3596
- C:\Users\Admin\Downloads\Hustlers University.svb.exe
  "C:\Users\Admin\Downloads\Hustlers University.svb.exe"
  2⤵
  - Executes dropped EXE
  - Suspicious use of SetWindowsHookEx
  PID:3716
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3124 /prefetch:1
  2⤵
  PID:220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4852 /prefetch:1
  2⤵
  PID:4452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3032 /prefetch:1
  2⤵
  PID:1692
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7836 /prefetch:8
  2⤵
  PID:1648
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7464 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2760
- C:\Users\Admin\Downloads\SilverBullet.exe
  "C:\Users\Admin\Downloads\SilverBullet.exe"
  2⤵
  - Executes dropped EXE
  PID:1436
- - C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -u -p 1436 -s 1072
    3⤵
    - Program crash
    PID:3292
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7488 /prefetch:1
  2⤵
  PID:4652
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3108 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,11292653155692031496,5701040345386039227,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7480 /prefetch:1
  2⤵
  PID:3424
- C:\Users\Admin\Downloads\Hustlers University.svb.exe
  "C:\Users\Admin\Downloads\Hustlers University.svb.exe"
  2⤵
  - Executes dropped EXE
  - Suspicious use of SetWindowsHookEx
  PID:2112

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4076

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4052

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:2392

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:4528

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:2372

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 428 -p 1436 -ip 1436
1⤵
PID:4296

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:1332

C:\Users\Admin\Downloads\SilverBullet.exe
"C:\Users\Admin\Downloads\SilverBullet.exe"
1⤵
- Executes dropped EXE
PID:1844
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 1844 -s 1040
  2⤵
  - Program crash
  PID:3784

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 516 -p 1844 -ip 1844
1⤵
PID:3364

C:\Users\Admin\Downloads\Hustlers University.svb.exe
"C:\Users\Admin\Downloads\Hustlers University.svb.exe"
1⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
PID:3636

C:\Users\Admin\Downloads\Hustlers University.svb.exe
"C:\Users\Admin\Downloads\Hustlers University.svb.exe"
1⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
PID:1468

C:\Users\Admin\Downloads\SilverBullet\x64\SilverBullet.exe
"C:\Users\Admin\Downloads\SilverBullet\x64\SilverBullet.exe"
1⤵
- Executes dropped EXE
PID:3604
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 3604 -s 1068
  2⤵
  - Program crash
  PID:3764

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 528 -p 3604 -ip 3604
1⤵
PID:2724

C:\Users\Admin\Downloads\SilverBullet\x64\SilverBullet.exe
"C:\Users\Admin\Downloads\SilverBullet\x64\SilverBullet.exe"
1⤵
- Executes dropped EXE
PID:2932
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2932 -s 1040
  2⤵
  - Program crash
  PID:4052

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 472 -p 2932 -ip 2932
1⤵
PID:1456

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
8411007bafe7b1182af1ad3a1809b4f8

SHA1
4a78ee0762aadd53accae8bb211b8b18dc602070

SHA256
1f274d0d144942d00e43fb94f9c27fc91c68dce50cd374ac6be4472b08215ca3

SHA512
909e2e33b7614cb8bbd14e0dfff1b7f98f4abbf735f88292546ce3bfa665e4cb5ee4418561004e56afc5dd30d21483b05f6358dad5624c0dc3ab1ba9a3be18eb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\0a9fb642-59d6-4e55-920d-1e56de8d96bb.tmp

Filesize
8KB

MD5
19050a91f1a4b185bdd4df5b70762ada

SHA1
974bf30505bbb46e16d5bfdde82370d08160e40e

SHA256
22510f94f0f4c98265ef43cf026ac993c09117729a707699f14f27771ddbefca

SHA512
ceba786a53706371a6c7a3efaf4c5cdde7a27aa551887da2a22fede755725c24a354a50198bab7a4fe7355f44774b3f369bf507969ec26d295dc21b8265bc4dc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

Filesize
69KB

MD5
a90d7c369b2a589d9034e9a201efe567

SHA1
7afe40e9e4002a2254885901d66451e2ab0994c0

SHA256
7cc054981e642ae7bcbdbc78152eccb11b31a6d922ea1dfe61e749f8985e498d

SHA512
befddc83828674c9993b8912ea83486dcb04389e0d7b45a4e6c19b6bb5e6e0ed2b16d9247c2e633870658697131c094864d3cdd9a2a4c0fb17bb503ad2915b21

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

Filesize
62KB

MD5
c3c0eb5e044497577bec91b5970f6d30

SHA1
d833f81cf21f68d43ba64a6c28892945adc317a6

SHA256
eb48be34490ec9c4f9402b882166cd82cd317b51b2a49aae75cdf9ee035035eb

SHA512
83d3545a4ed9eed2d25f98c4c9f100ae0ac5e4bc8828dccadee38553b7633bb63222132df8ec09d32eb37d960accb76e7aab5719fc08cc0a4ef07b053f30cf38

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

Filesize
17KB

MD5
4a131b02d35327a760ec077c4fb52a6e

SHA1
9de34443ea23cc0b5fa7581b50032b56144c1acd

SHA256
89bd352df6eeb577e43aaddbb2547b1d3edaa34e0013f3d2dc389c5ad7488ecc

SHA512
a5022b0b0c468815dbe691a77353dd396db5065f41d5a2cc3f36335376f470860b74858ca2d79a229386853b398fda9fb7c053e4d8350d2a2f10426942990c94

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

Filesize
87KB

MD5
3c57b7f2cb0d057fcc4738684f20736c

SHA1
d4aae3861d8bc401290a065dc1dfa06f0a6aab96

SHA256
4408d6e4a2e8e3a301a710895c44177ac8db2baba572eaf3acd9ced75c6ddf29

SHA512
7ba4797eaebdc9d5f5eb53486028c899c1fd910db3f1af8be88f218215148f984ff0443c8bf8cf43e0d148fab4ac6a0b8688b43ea303d9932f21287da908d824

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a

Filesize
85KB

MD5
45a177b92bc3dac4f6955a68b5b21745

SHA1
eac969dc4f81a857fdd380b3e9c0963d8d5b87d1

SHA256
2db3b6356f027b2185f1ca4bc6b53e64e428201e70e94d1977f8aab9b24afaeb

SHA512
f6a599340db91e2a4f48babd5f5939f87b907a66a82609347f53381e8712069c3002596156de79650511c644a287cbd8c607be0f877a918ae1392456d76b90ca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b

Filesize
1.1MB

MD5
09a4fc0c58d232376c083f3d4e6b164d

SHA1
7f5dfa36a1afe43bb6ef9966a1664497fb4b9c56

SHA256
1dbd6830b7ce8811ee467562ba4fa552248a15656b758eaeee9a2088ffdf401d

SHA512
657a147b38acc31850738ffd51ba0844dd7d98fd6059ae6a578054d894eeae2181b34c2bde193ffcee51845bdec906b11a84cb5f6018dae9276530f21376f760

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index

Filesize
4KB

MD5
82d93aeb5d5db377d05e0454b9f37761

SHA1
fac4ed97947a655673988e754b2a5f3b469cc417

SHA256
f07718015bdd28334ca42c44a51c63e6a6aa2f1a599d1f7be7da6df80b2b68af

SHA512
eb126d0fdd06801da80620fba700317a38a6df022c0f4954e9804f0b7b02ba0d21386f443252e508f45c342230981b726b217491466a2018d320f9dc91ec5dc1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
7eba243446125da349f33b29a27d1506

SHA1
f893e86569dbd223b353fa7f09c80c947e119bca

SHA256
a9ef9df1436c6465171ff424ca069e84e93e285373c964f9bdf5893d4d31aad7

SHA512
e3e71854b28277dab3a525d75256c4b3152502720d25479ee9aced6243b0e9c348b9242165df23446d81df250c1218c528e5c9fb4e8a9c396a04055c76d9be7c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
83d57c4756590cee2c650a3fd2bd25f5

SHA1
cc28b772da96c0de289d1f122151c1d8359eafcb

SHA256
12e88af594d84bd3f03d7b59bbf315a78fae281440d416ca17fe20d1ebc8b634

SHA512
4d3605bd48f158d9a5744cc652ae8410d8abfe56bc388df4587d9fb6e95177833a29e651daf094b82fcf231d86e536eeb1f43ab71627f09486b03ac4fccf476c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
e628a29bbf72a69a072ad92c0c7f10bf

SHA1
f15415856e5eab35416b8378979460af310173db

SHA256
556fd32ffa18f00fc6d68c5e753e2fe6c26666e8af74d1d2a85109b357e7c555

SHA512
bd28d7bfa695ca11fc19bfb95484ec3fab47fd84be1325a98be56e812a8bdfe82e0da904016d8373f966eec84bb6ff2123ca18f99bd772da3ab1c4310515c9a5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\wasm\index-dir\the-real-index

Filesize
96B

MD5
ee628c4b2a6751887d1b6fa745a7d582

SHA1
87ad2bf759ddfbdd243dd274aa4585d92f2ca3f2

SHA256
6719a23a164e3a880a5ad0c9f48b5adc74cc1863fee38828a9a2ed20447ec4a8

SHA512
9f1d2dca51884c34b6a7c9b1e217a0900ee9e41c421c792eebefa551a3777759a08f67eace81d9cb7bd841da608316ecbe135b7326c0297de045cd1f96e27250

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
5KB

MD5
5d0fb9086c68d1e68ba17d6cbb8c6673

SHA1
8c1b3d7fa37ea1088600a83902347989cce1028c

SHA256
cdf1046a37a56f2b31e0eac1da97be63dc4acea8dac1dd25940f21eaf8f2e09e

SHA512
d760115da281723400a2f392859efbafb828ae32943e81ec6b4f55d1079aef9d2833f519100f13410d13e7f55765ce8a049920b144e02a2a645ca7b1b3be073a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
e16ba43b523c88aa2e185f092cf1c055

SHA1
d153c3b263df9e95cab360a6314a326b1433c06c

SHA256
18b4bf547dfea2d1ff7445bb5c284be06d0489bc246de57a02067db65679c687

SHA512
4a1d3a8a6340b95d53c75c4f9bc1ccc7c94b4eebe915179948a69a4301323f91ac7cc6eb018dfe6fcbca25883573c2b9b22126371df8a5fdbb7f8a6e019c89af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
5KB

MD5
04d7f6b3a2e4461f7ae10745f5bc1792

SHA1
3987d39e0cc2257db408df52ca7d32014e66c028

SHA256
7187fcd6be0493d19484107cf159c3867a9f55b191c59b4bfa33920065edab7c

SHA512
96f8afd745ace7c2182039e538534ab2a248065d40f282099a63996233cb67e584ec1cf4dd614fc10ae205da109e141e877bd1c7f15b3d5d0faaa61e133b4ffb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
3beef04052e73d5eebfc87c6f01e62de

SHA1
4f4e8e607c712fd4587baee45fe53f9fd6e8a468

SHA256
e04517bab10b4d5b1cf658938cc240c062f7665752536f509a132d21bccf1ac7

SHA512
4de37f815c4aa69d952e57ec505138cdc5d0cece1a3e915fe779234e9759649114b7ed1fbbe68fa99a439e11bd016381ef7e29084d5a0bd599341d067798c0bf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
e8a3432757af0cff2def5dadc1706695

SHA1
4474f61ecb4a5e7fdf7b989a9974ad7dd96559b6

SHA256
dee9b2a4e3ed5b76ca0e3b8184023bfad8d97284345f67192319b8d90ae4986a

SHA512
f78c4ab422d9e80ec3f21d9dc3abfc8a9db22ccc4ebb5070b6d96f172d1b9f72bed3615e51aa2625eb6f453b3d85eebfdd8d954c1280d267e6562a961742642d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
00a818a2ad0b78733fe3ab407b514033

SHA1
a31a20e1ee5aa1a6efbf4b6366470173431e2ae7

SHA256
b6f0f8bee502187ef14c3de77dbf4edf799cb7eb689921b67a5282c1c71e4723

SHA512
26b0a9dd5127c12019138e85c6fd3e283e822ad4e7c3f2981b6fad9ea70e4c4e72e6304537db2748a2935af3b03ccd259248b404f6a6eafa28c73e0615a4446d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
5fc448e8721e15c0879e1c5a8fd86e11

SHA1
d9426db702d89ead46800a0d2eb43002412f8e82

SHA256
fac80bb24e62c623e3e7b0160dc5afa57bc7d46e3c8b740669138f793a05a5f7

SHA512
fe920b67323df65d870b7ff0c27da754a505d460c5f383d9e9926c294b762f1bc0cfc2d6146fc3154d76659d201e8d127c02a2d3e505f82a9c00bdc32212d5a9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
8e46e1c2d8a53f288bb62fc12391af37

SHA1
5b3539372ffdbca69cbed483fbf663171f7eac9c

SHA256
619920e239919bdac817642d3766815204a2b85689bf49292182efade5e5fda1

SHA512
68cea9adc3ae88dfc7e6720f05e42d3b7e388976fa4520408a8b3386de697a91083d5158713ecfbf04ee40ca2037e073da522d52e15844932b33f7ce011bbb6d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
ee36b15738f8cb31bb9d3c3f45b566d4

SHA1
b2419632350fcc1e58172ab058a4d4628e8da464

SHA256
25eb3d94a3607cf4efb7c9aefaeeceddd3f833c3ac6b4184fe006e1653b7f48e

SHA512
1191bf1a8212de39d09e723789e720c89c472ed299f8f9d55ce1ee0b469158c04d8bdd95b07ee08bfdb71ce570a5107f0642aaa95c99e510bde0c570644a6707

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
01ea8382848cf730979b5be4721df851

SHA1
33c5b2522d89be21df5d5d0f1d24fe5ab0293232

SHA256
4e5c96ac316498cd59430cd58cc0672f38bb2aecc072fdc851b0122f84b1662f

SHA512
a7268068487749fd368beb974e9a8c9e75d69ab24acf13ef1ffc8d9da4f2b0053bf4737eceb9255d7cd0e9668c3ca05a8f3765a56073529c2c1c7f40a0020873

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
68bbf8e0d0f2e00dfc27c58cf2aea351

SHA1
e1abf818c26f7df1bb26d1e83e896acbeea4c153

SHA256
8ef98d961f13c1891980a04b9ab08a6ffe9fe68b89c3e9d95a821f6b34f7a9f1

SHA512
61e5b65a92e39a22b0e4d4c33a07addf6ec1cd6e5ec5e2a9575c99294891a6ae2751c6991bebac2e2c94b416110a89fbb538d9679042f722e4fdf8e080739e8e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
b8c968ec9bd63bd3d17a248f56442a11

SHA1
2abc2ad4171021ac0251475084bb9a8b5e215026

SHA256
f285c6b98b3fa6cccbb7833900d456c62b654b1ccc7545818dfa70a6f00abdfc

SHA512
54af7addf2234af4e104160af1707e49d965c5c7364541b96e72cbeefbb8caa7ff9c0402a168fe9f947ae3a06b578926ce76d3ce49bced04277fb96ef3a2f013

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
daea9b2e64a9c5a3a09433e3e355d5af

SHA1
29cb6e021e4db4c77fcc328f8119546490e77573

SHA256
9387ef02e1e234b97f64b1a80a4047b6f008ae0601c43540c779007979543ae9

SHA512
9cf5e9b1584281b046fe75271062fcdd9b6585a51727518bd7f5f1980bf41752bb251168b69d3e61eb95f9c44141c6c2671e34dd213fc56153d0c82ed6cf9596

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
8caf4d73cc5a7d5e3fb3f9f1a9d4a0cc

SHA1
83f8586805286b716c70ddd14a2b7ec6a4d9d0fe

SHA256
0e0c905b688340512e84db6cf8af6dbdfe29195fefde15bd02e4917a2c5fda8c

SHA512
084ef25ea21ee1083735c61b758281ba84b607e42d0186c35c3700b24a176ada47bf2e76ed7dadd3846f2b458c977e83835ced01cda47cdd7ab2d00e5a1a294e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
10c8a9852b52afc5331c2fa7ae346f79

SHA1
aa199d5e35199ad08a6e842f3aa58c3b0dcecf40

SHA256
aeea60d49ae060aec6fe619fd82593653cd6710a929e744b6837e4fa1800f505

SHA512
d75bf7beb9210a78d5dc68b5ff7b515ce249e0a38ee96080f7d0aa4dd3ec01ba8a08255009f9699d185752aa37c29b317df620920daf945ed33603d5f5103149

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe585ec5.TMP

Filesize
48B

MD5
42bd7a5779ce2d275e4658608ed5891d

SHA1
3aa5e56aecc94f7c26e465c268f996d5b1bdfa7b

SHA256
83a346ec73501fd7f8611d803ecde60388bc653b2d58105eba6344724caa9a36

SHA512
f6ccab53d682cfbbcad06ee8b80c794395427b22d6b5e06821a9878603f4fd5efd15d65336a5da887387b43e8dcfb919f5a83dd7eff807ad3aed8a6d0c0aa53a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
695f623919e3a4a543e77019cf372ba3

SHA1
ac0bbde4328494e5e9e01b8c6eb00c4dc08ff096

SHA256
c435b3bdc9ac8e71e4f4ebd3d53ad9dd65c61749d5081835d91155c92e51f5cb

SHA512
59a85fd87e38d0a2806ce10b707510b47ae470c9d958ccbc14eed9fcc05dbe34440fd9f52e647a5e523927c5f49cc6fdba273d4c0f24b070139c968e1bac9c91

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
736937cb4de6758423ce7261b254ed7e

SHA1
67bbbe5481f2ee6587e393ab98312b074138053d

SHA256
8f2d70d5fd24a30cfbc1facd41aab69c35ca1a2ce10fdbd6164b5227d9759014

SHA512
0c4d51fcf0717558285cb26e4149b80dd6de126411d1d287f5c775e31c0e5e42b96ee685c842a00038f1e61ce9373e5d52bc7b61c2e90caec6a9b5edfe3eabf3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
c8ba0735ee6720f67918a9616a3e86df

SHA1
49e63115a8408928a77b51142092eeeaf1da9b2a

SHA256
241603799250ffa834567fb91cff6c7626e4466e5c386111d5374c391e90e156

SHA512
1bbcd3ac8d2ec1fbdf0c054a9900501e35a4b8828df8c961e86f47bbefda860f92e121c9221689f50a67daa25307ff7ef69ef0ad443d9c5501bc0469e567f027

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
0d446d8e5f772e9a70991039d1de17d4

SHA1
67430a42a1b50838ec1178c57a5f0c1bade1469e

SHA256
a15ff281696bc5dfcb63e12b073ee631981a1cc7b20311235f21b5789e3900bb

SHA512
f88e7f8082957effb762cfc9787231256b5f327ccc7b8b63fa9b19df0c27e7b09c1f4cf2eccb5e4fbfee1e961469bc4deb87c020c0afcc90faa136d62e46c90d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
22395decd8e5799b6069177b2e6901cf

SHA1
c16b723e8c0b8efecea61c12aa45553f59dc0c91

SHA256
d3bd5d83ec0bbb3139ade27c1b3fcf73bcd4a7c1a51d6f221e9174fca85058ae

SHA512
912db830545a6e94b07b8b2f58aac535ed9182cbf8531f7c83270e0e5c6f8f7777f74405370bfcc835bc49297964e616f1bd947430f2de26829eab1d83720023

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
3c1276b932710e824e269040b13a1851

SHA1
f42ba782922272ed130b351680f716e9c462f246

SHA256
3dcf83647759ed88ecdded58557693840115d6afd4938dd0c8837872182d3c67

SHA512
947b7301dd1d2b80cf3589a2144d125fcec2fd437e217265ce5d5730bdc5e72e6aab172c4a2ea5819d59d52666a57de740922b4e6694fdbe802a94f7cef2a610

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
20691dadb3aff5171e27d8806442f6ea

SHA1
85fcd315b1c3f7b5b94d78dc91da460e18f1ae68

SHA256
b5e99fe93575bfa9b2612f7a14a586b63c41dffdf066e7fdd215b5ab35ac05e5

SHA512
864104efb538625ce4401f642188ced2a359c0cd5e29fa6fa04930f8a696a0b012b6cdc1ff5febfd213283b745d7c89b21affb1e16a680e0ca988dd5832c0ae1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
03aa6c6930db9b9fbd4944f8652edce4

SHA1
79f4734abdec8480cfe913cb5f4562a0f495ce4a

SHA256
686d86f5d105d1433dcb101c516f8d30ceb43941a23188290fcc19f34d99e60c

SHA512
bfa2280c048ed263301e0cf68a55b0ca7e52adce9abc4ac5fde9956f4bb35054cf04bd0be0a3d3868b45c0f8f726f0e6a642c9c77f6143c0863442d0d15560b6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
7c995e33159a8f904d0e2fd758ee1310

SHA1
5c054440b92390a878479a7a6b044b97f1d89b01

SHA256
40c983121763bc5143697ac86bbe04b5b65b662f72fd74955bfb244b4bd4c396

SHA512
d70a2d02a36d612e77d995d15f4e2755d21d9a5b572b23d346c2658ca5a359e9de438dcfabd9c36455edc28d687db05a02a9746570e59b82940b7e0892a7cef0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
8429d0aab492eb5de81552709bc822ed

SHA1
15791c22b9d329eb8e5749fcd49f825c572bf9d2

SHA256
c49dbc97b3368a3599d7d84449cbf8ac334d3e5a2ff1335f15706596d889b9b9

SHA512
37bd47e90820c7380b88cd59c20eca141079e48d1351cdaaa432f0f71a09cbb8080b3cb90bef533ef66b7db809f62582c35842b9ba8122b090f5f959942f9a28

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
1c8df34dc9ca6a0b55a2e8d217d42d26

SHA1
a37ed99803f2d69682589ecab1fb4a630e7791cc

SHA256
28ba4f67ef7a1266c63c853a1739f776a7179e35632f635767d5482e45bfcce1

SHA512
41c7f8019f74cc4b8426baf192447feefb90b575f7a3aabd3820058cc3b0656b9f3a11ec103d06fba1564b947b1a67669ddb5c72bbe259f3978aaa5e4b71ed9d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
f75c1a770d61cc37d56b5d0b16c9f312

SHA1
ce91bb89c64971291c1ecb303115a60aff69d4de

SHA256
407e1a57c571af17219caf58cb251a645af3b273c4b5ecf1a73bf6330113fd33

SHA512
f05e2e394f10205c3c770c2a3d2cb2b64bcf55b2acf059a6ba185a24101c5f627bfe99b4112a1eca18f50e3c75fc888514ba3309eea0f249db80deda2f7d4c71

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5815b6.TMP

Filesize
702B

MD5
377d11369027f2ed23b00bdbef5d52a8

SHA1
09afcc0a54c578fc8d6c685b3b5d97a9983172a2

SHA256
97857bc7a8a69cc52ae6e03c77a2663c9d3e8b0794428265e02935b9a5d0230c

SHA512
8d02c7f434a8eac0c183c03762ee33f0730fd4537085cf8afcc11e0bf40ff792a5ef8833829281d255164c05c05fc77c8d94be02ebf4f28c7434bda8ea7fd8fe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
13KB

MD5
fd77590493438082c38d627de0753d37

SHA1
07cd9e7d4f57c23d2fb9a12e394f87b62ab3de01

SHA256
03576db847e7482883cb5994b53b3ff147854ad20719665b7a2fa8d32870d402

SHA512
405fcfc5ed3ff2e5cfc5330951e2ac5dcfa4332a5449d691ec524f8965c0c901646d25376ade082e61ee71ec7d34ca5f95a768f54289c4868581a2a5baac9741

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
e50f15fc8b0945ad0983da2e352ec1d1

SHA1
0857b0aa4e330ea700f648ad4c12bf3b48925dcf

SHA256
91e1d4d32ab91ebfce13461cde5dd1f3fc77b77e9bd8d722c2bd97361a69c51f

SHA512
a8fbf85aa49a0da5b8ae06ed3d779b26b90c955ed33823894474ee5ad082906d0c04691b579567a24ee1cfcbc558b10d8276f51fedcea0c6abca4847cb37d9e0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
5d277a7a6edc1321dc68f6fe363b5b98

SHA1
8be4a5b33fec19f8541ac64f4c393f7a01808dc5

SHA256
f727da6aa0fce0fb46ad8ba3699cdb5e887496049645170b714fad7df7a10076

SHA512
52bd657d5b0ecfc4948f7e04f613486f159dfe0129c8e7925b920476ef83dbcd3bdf79976af19e11667225fdb3a32f1bc74400ab4cd55996dc12d5b3d7b8622d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
13KB

MD5
3754f966290016b3d834684b2704138c

SHA1
a5ec07cf96f9ec5164840d9383c37c94dabb3876

SHA256
14c218891b21dabad60ce3abdaf464627ed71d07a1e56181cf24ebe5ae239a0b

SHA512
5c4c1fa2f31901992b759eed5132effa6b86e436a72e2c9d6f4f93af5a6cb6622abbb9b4c92faa34db928b6884a1084187bf3ef8985176b220fe667bacda6e3b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
13KB

MD5
8290e59fe20bff53e8468c44e000b0f7

SHA1
1693cfe06a6e69d417d877219a2ceabe6d09ee93

SHA256
50b699d161051710f63ee37738e0fa0b1bae17f5342b655782e49294e2de7fe9

SHA512
a5e1a1b265b83142d07013aca697f334e212b19e661daddd20eb2983ac3f5d9973275960ae03cf70d46cb042103c7c2cbb658b9ad9823e89cd7074a73af18a34

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
13KB

MD5
59d678dfb0bb3d20b3088d75a800f22d

SHA1
4c750d73ccf911794b9ea4766a6acdfbda766d92

SHA256
f71c02cedf87a2d2297ac1b5db10a287a22d92b39bb75c9f54632c28f7a22d20

SHA512
7b14ac82d4def1821e4dae54d2844ea89561eae321723e6961636341821407a4ad2616df9ce43196a6819f22ae1b55e3ca2b054e5bf98fc05ff2e05ed292e7a3

Download Submit
C:\Users\Admin\Downloads\Hustlers University.svb.exe

Filesize
251KB

MD5
a6807bdba669e5783e7a9087bef88a51

SHA1
b5e9b7588a8dd93d634b2ef838d1c1bf0bcfeffc

SHA256
d2c0600c534b2967906240adf06f1030d62c1623dc5c98dca1e76aa5e08ea7e3

SHA512
ef0196372e9515541504ff84388475e51e1c02850ad125173c545c5aedb61aba54033a1e944b8ad81c9d30807c4ab5006c4070b549cff565cb4cf3379d4445c3

Download Submit
C:\Users\Admin\Downloads\Hustlers University.svb.exe

Filesize
251KB

MD5
a6807bdba669e5783e7a9087bef88a51

SHA1
b5e9b7588a8dd93d634b2ef838d1c1bf0bcfeffc

SHA256
d2c0600c534b2967906240adf06f1030d62c1623dc5c98dca1e76aa5e08ea7e3

SHA512
ef0196372e9515541504ff84388475e51e1c02850ad125173c545c5aedb61aba54033a1e944b8ad81c9d30807c4ab5006c4070b549cff565cb4cf3379d4445c3

Download Submit
C:\Users\Admin\Downloads\Hustlers University.svb.exe

Filesize
251KB

MD5
a6807bdba669e5783e7a9087bef88a51

SHA1
b5e9b7588a8dd93d634b2ef838d1c1bf0bcfeffc

SHA256
d2c0600c534b2967906240adf06f1030d62c1623dc5c98dca1e76aa5e08ea7e3

SHA512
ef0196372e9515541504ff84388475e51e1c02850ad125173c545c5aedb61aba54033a1e944b8ad81c9d30807c4ab5006c4070b549cff565cb4cf3379d4445c3

Download Submit
C:\Users\Admin\Downloads\SilverBullet.exe

Filesize
2.2MB

MD5
0267076b75cdcfa7ea98aba0bf033aee

SHA1
e168f887d26f0f752ef9e28ffc154b9afc1f1783

SHA256
9f160d80765337c3609242b9d0bd4d16856e1d57a7c2ff55ce8b00b45e5bea81

SHA512
18899a1b90a85ef2adbc71224d51ae51ea7e87662f71ff498734cf8a267aafd1c265bdb5a78b78437168f825ff28d894420ffdeb6af1653d150740b93d487122

Download Submit
C:\Users\Admin\Downloads\SilverBullet.exe

Filesize
2.2MB

MD5
0267076b75cdcfa7ea98aba0bf033aee

SHA1
e168f887d26f0f752ef9e28ffc154b9afc1f1783

SHA256
9f160d80765337c3609242b9d0bd4d16856e1d57a7c2ff55ce8b00b45e5bea81

SHA512
18899a1b90a85ef2adbc71224d51ae51ea7e87662f71ff498734cf8a267aafd1c265bdb5a78b78437168f825ff28d894420ffdeb6af1653d150740b93d487122

Download Submit
C:\Users\Admin\Downloads\SilverBullet.exe

Filesize
2.2MB

MD5
0267076b75cdcfa7ea98aba0bf033aee

SHA1
e168f887d26f0f752ef9e28ffc154b9afc1f1783

SHA256
9f160d80765337c3609242b9d0bd4d16856e1d57a7c2ff55ce8b00b45e5bea81

SHA512
18899a1b90a85ef2adbc71224d51ae51ea7e87662f71ff498734cf8a267aafd1c265bdb5a78b78437168f825ff28d894420ffdeb6af1653d150740b93d487122

Download Submit
C:\Users\Admin\Downloads\SilverBullet.exe

Filesize
2.2MB

MD5
0267076b75cdcfa7ea98aba0bf033aee

SHA1
e168f887d26f0f752ef9e28ffc154b9afc1f1783

SHA256
9f160d80765337c3609242b9d0bd4d16856e1d57a7c2ff55ce8b00b45e5bea81

SHA512
18899a1b90a85ef2adbc71224d51ae51ea7e87662f71ff498734cf8a267aafd1c265bdb5a78b78437168f825ff28d894420ffdeb6af1653d150740b93d487122

Download Submit
C:\Users\Admin\Downloads\SilverBullet.v1.1.4.rar

Filesize
144.5MB

MD5
fc50b84ed55fb6f340d3fe9f0fe7de92

SHA1
9f96ac12162f84a462ff2c247c0530d8c8826857

SHA256
ac7010253b5e2a1fef924d2afbd5a35b8a6688ed10813625d6ae7489ba16f7bf

SHA512
c7f4a168303ad37894b9469b120be84b499948c3a4da09cd6cb654005616880716dc986511de3e4554274b4d2b754a65625bfd654f54b6cd893c911793cda210

Download Submit
C:\Users\Admin\Downloads\SilverBullet.v1.1.4.rar

Filesize
144.5MB

MD5
fc50b84ed55fb6f340d3fe9f0fe7de92

SHA1
9f96ac12162f84a462ff2c247c0530d8c8826857

SHA256
ac7010253b5e2a1fef924d2afbd5a35b8a6688ed10813625d6ae7489ba16f7bf

SHA512
c7f4a168303ad37894b9469b120be84b499948c3a4da09cd6cb654005616880716dc986511de3e4554274b4d2b754a65625bfd654f54b6cd893c911793cda210

Download Submit
C:\Users\Admin\Downloads\SilverBullet.zip

Filesize
153.4MB

MD5
5b19f6e28429aaa53ddad598dc2c93b6

SHA1
dce16868462a876edfc8eaa27f4e826acca8c1c8

SHA256
2a6a9394f44a529a0ed34d5b030b333bdc8834ccf007861e3f02746991763541

SHA512
5b268ef69a3f77f7bca1e94b17f826ad6a29c42253beb6d8cac38e45c054bf9c5c7eea23ed883ea2a08d6b5869e0b003cd666a2d988e1a18c7b966f6adb4ec0f

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 984208.crdownload

Filesize
251KB

MD5
a6807bdba669e5783e7a9087bef88a51

SHA1
b5e9b7588a8dd93d634b2ef838d1c1bf0bcfeffc

SHA256
d2c0600c534b2967906240adf06f1030d62c1623dc5c98dca1e76aa5e08ea7e3

SHA512
ef0196372e9515541504ff84388475e51e1c02850ad125173c545c5aedb61aba54033a1e944b8ad81c9d30807c4ab5006c4070b549cff565cb4cf3379d4445c3

Download Submit
memory/1436-1270-0x00000000743D0000-0x0000000074B80000-memory.dmp

Filesize
7.7MB

Download
memory/1436-1280-0x00000000743D0000-0x0000000074B80000-memory.dmp

Filesize
7.7MB

Download
memory/1436-1262-0x00000000743D0000-0x0000000074B80000-memory.dmp

Filesize
7.7MB

Download
memory/1436-1263-0x00000000008A0000-0x0000000000ADE000-memory.dmp

Filesize
2.2MB

Download
memory/1436-1264-0x0000000005610000-0x0000000005620000-memory.dmp

Filesize
64KB

Download
memory/1844-1352-0x0000000005440000-0x0000000005450000-memory.dmp

Filesize
64KB

Download
memory/1844-1351-0x0000000074470000-0x0000000074C20000-memory.dmp

Filesize
7.7MB

Download
memory/1844-1353-0x0000000074470000-0x0000000074C20000-memory.dmp

Filesize
7.7MB

Download
memory/2932-1382-0x0000000004F50000-0x0000000004F60000-memory.dmp

Filesize
64KB

Download
memory/2932-1383-0x0000000074470000-0x0000000074C20000-memory.dmp

Filesize
7.7MB

Download
memory/2932-1381-0x0000000074470000-0x0000000074C20000-memory.dmp

Filesize
7.7MB

Download
memory/3604-1380-0x00000000743D0000-0x0000000074B80000-memory.dmp

Filesize
7.7MB

Download
memory/3604-1379-0x0000000005BB0000-0x0000000005BC0000-memory.dmp

Filesize
64KB

Download
memory/3604-1378-0x00000000743D0000-0x0000000074B80000-memory.dmp

Filesize
7.7MB

Download