hxxps://cuevana3[.]nu/peliculas-online/hitman-agente-47/

Analysis

max time kernel
256s
max time network
262s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
20/08/2023, 07:02

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

https://cuevana3.nu/peliculas-online/hitman-agente-47/

Score

1^/10

Malware Config

Signatures

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1420546310-613437930-2990200354-1000\{195D7BF7-15DA-4553-9750-727269B0BD07}	msedge.exe

Suspicious behavior: EnumeratesProcesses 12 IoCs

pid	Process
1088	msedge.exe
1088	msedge.exe
3032	msedge.exe
3032	msedge.exe
2244	identity_helper.exe
2244	identity_helper.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
5316	msedge.exe
6140	msedge.exe
6140	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

pid	Process
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: 33	4848	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	4848	AUDIODG.EXE

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe
3032	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3032 wrote to memory of 3556	3032	msedge.exe	83
PID 3032 wrote to memory of 3556	3032	msedge.exe	83
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 2456	3032	msedge.exe	84
PID 3032 wrote to memory of 1088	3032	msedge.exe	85
PID 3032 wrote to memory of 1088	3032	msedge.exe	85
PID 3032 wrote to memory of 4196	3032	msedge.exe	86
PID 3032 wrote to memory of 4196	3032	msedge.exe	86
PID 3032 wrote to memory of 4196	3032	msedge.exe	86
PID 3032 wrote to memory of 4196	3032	msedge.exe	86
PID 3032 wrote to memory of 4196	3032	msedge.exe	86
PID 3032 wrote to memory of 4196	3032	msedge.exe	86
PID 3032 wrote to memory of 4196	3032	msedge.exe	86
PID 3032 wrote to memory of 4196	3032	msedge.exe	86
PID 3032 wrote to memory of 4196	3032	msedge.exe	86
PID 3032 wrote to memory of 4196	3032	msedge.exe	86
PID 3032 wrote to memory of 4196	3032	msedge.exe	86
PID 3032 wrote to memory of 4196	3032	msedge.exe	86
PID 3032 wrote to memory of 4196	3032	msedge.exe	86
PID 3032 wrote to memory of 4196	3032	msedge.exe	86
PID 3032 wrote to memory of 4196	3032	msedge.exe	86
PID 3032 wrote to memory of 4196	3032	msedge.exe	86
PID 3032 wrote to memory of 4196	3032	msedge.exe	86
PID 3032 wrote to memory of 4196	3032	msedge.exe	86
PID 3032 wrote to memory of 4196	3032	msedge.exe	86
PID 3032 wrote to memory of 4196	3032	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://cuevana3.nu/peliculas-online/hitman-agente-47/
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcfb5946f8,0x7ffcfb594708,0x7ffcfb594718
  2⤵
  PID:3556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2108 /prefetch:2
  2⤵
  PID:2456
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1088
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2600 /prefetch:8
  2⤵
  PID:4196
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3348 /prefetch:1
  2⤵
  PID:2172
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
  2⤵
  PID:3760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4628 /prefetch:1
  2⤵
  PID:4320
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5076 /prefetch:1
  2⤵
  PID:4244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5256 /prefetch:1
  2⤵
  PID:4392
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4896 /prefetch:8
  2⤵
  PID:2248
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4896 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5248 /prefetch:1
  2⤵
  PID:4672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5384 /prefetch:1
  2⤵
  PID:388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3884 /prefetch:1
  2⤵
  PID:2712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5728 /prefetch:1
  2⤵
  PID:3160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3420 /prefetch:1
  2⤵
  PID:4432
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6024 /prefetch:1
  2⤵
  PID:4188
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5572 /prefetch:1
  2⤵
  PID:5060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6308 /prefetch:1
  2⤵
  PID:3536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3068 /prefetch:1
  2⤵
  PID:3504
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5308 /prefetch:1
  2⤵
  PID:4744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6640 /prefetch:1
  2⤵
  PID:3244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6700 /prefetch:1
  2⤵
  PID:3260
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5764 /prefetch:1
  2⤵
  PID:4796
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2456 /prefetch:1
  2⤵
  PID:3012
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6068 /prefetch:1
  2⤵
  PID:4124
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6884 /prefetch:1
  2⤵
  PID:2784
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6720 /prefetch:1
  2⤵
  PID:932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7636 /prefetch:1
  2⤵
  PID:4744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7812 /prefetch:1
  2⤵
  PID:2040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7488 /prefetch:1
  2⤵
  PID:3816
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7256 /prefetch:1
  2⤵
  PID:4332
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7228 /prefetch:1
  2⤵
  PID:2504
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7100 /prefetch:1
  2⤵
  PID:1672
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7092 /prefetch:1
  2⤵
  PID:4248
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8224 /prefetch:1
  2⤵
  PID:5776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7668 /prefetch:1
  2⤵
  PID:5788
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7648 /prefetch:1
  2⤵
  PID:6060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8756 /prefetch:1
  2⤵
  PID:2740
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7536 /prefetch:1
  2⤵
  PID:5264
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7032 /prefetch:1
  2⤵
  PID:5944
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7488 /prefetch:1
  2⤵
  PID:5512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4820 /prefetch:1
  2⤵
  PID:5352
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7020 /prefetch:1
  2⤵
  PID:5504
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8108 /prefetch:1
  2⤵
  PID:5880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8676 /prefetch:1
  2⤵
  PID:4920
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8884 /prefetch:1
  2⤵
  PID:5548
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4820 /prefetch:1
  2⤵
  PID:5884
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8672 /prefetch:1
  2⤵
  PID:3544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9420 /prefetch:1
  2⤵
  PID:4484
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8840 /prefetch:1
  2⤵
  PID:3404
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5312 /prefetch:1
  2⤵
  PID:4016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6380 /prefetch:1
  2⤵
  PID:2316
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6928 /prefetch:1
  2⤵
  PID:4868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3080 /prefetch:1
  2⤵
  PID:4976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6720 /prefetch:1
  2⤵
  PID:3692
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6348 /prefetch:1
  2⤵
  PID:2688
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1800 /prefetch:1
  2⤵
  PID:5776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8040 /prefetch:1
  2⤵
  PID:5136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6500 /prefetch:1
  2⤵
  PID:60
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6328 /prefetch:1
  2⤵
  PID:5660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5792 /prefetch:1
  2⤵
  PID:5252
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2456 /prefetch:1
  2⤵
  PID:5964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=8808 /prefetch:8
  2⤵
  PID:3840
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1792 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5316
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=9092 /prefetch:8
  2⤵
  PID:4332
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3888 /prefetch:1
  2⤵
  PID:6028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3000 /prefetch:1
  2⤵
  PID:5928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5956 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  PID:6140
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7720 /prefetch:1
  2⤵
  PID:1336
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9596 /prefetch:1
  2⤵
  PID:3300
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8680 /prefetch:1
  2⤵
  PID:5524
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8440 /prefetch:1
  2⤵
  PID:396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3452 /prefetch:1
  2⤵
  PID:2384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9452 /prefetch:1
  2⤵
  PID:5792
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9712 /prefetch:1
  2⤵
  PID:4588
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5980 /prefetch:1
  2⤵
  PID:5972
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8400 /prefetch:1
  2⤵
  PID:4620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1372 /prefetch:1
  2⤵
  PID:544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9008 /prefetch:1
  2⤵
  PID:5568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9868 /prefetch:1
  2⤵
  PID:4796
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9828 /prefetch:1
  2⤵
  PID:3680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10040 /prefetch:1
  2⤵
  PID:6032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8256 /prefetch:1
  2⤵
  PID:1880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10200 /prefetch:1
  2⤵
  PID:1392
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9904 /prefetch:1
  2⤵
  PID:5856
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9408 /prefetch:1
  2⤵
  PID:5028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,8797621651069861436,16178801360062695333,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3712 /prefetch:1
  2⤵
  PID:5444

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3436

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1832

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x468 0x470
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:4848

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
fc99b0086d7714fd471ed4acc862ccc0

SHA1
39a3c43c97f778d67413a023d66e8e930d0e2314

SHA256
45ef01f81605bfd96126d5520c5aa0304c7fa7d5fdb3e4d5b2dd2bf84e2afd96

SHA512
c308fa3eda9235d67a506a5f058fefb9a769ec01d7b0d4f5a2397892cc4f8155301c55c1fac23bebacdd087ab3f47f1eacc9ff88eff4115a7d67aa7b1d6581a8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
29KB

MD5
0f83cadc148d2ad7e53c91f6c4ee05bb

SHA1
90035c5fffedf4b0f099465f6b929a030b46c92b

SHA256
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae

SHA512
c911420875dcadb64611550e83f9a525309eba69353dac17d3d40a8350a417f337718a24926df62f9f69136c94962110c897630e9ab7c0c9eb480b0775613c7d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
64KB

MD5
255f3b03cb078356f8bb51c51c4e77d0

SHA1
890dcc8adc4fb91bf1ac56210436320f0704276a

SHA256
e53c33d913c4adc60e7c0b639a92fe68d39a51ae522cd7d63cca6ad7f0c88976

SHA512
27e427d096ad21f4c54c2fa95c16159c1d71b4c453694b5d2adb655ffeaa105194bcfe73c2acf573840decb260a287c4758a5ea40d9fc6dc54fdd16b9bcb605a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
76KB

MD5
638f27f7118868af116068384861cf3b

SHA1
b7ce7a2bf638df6284e9665093f0263c3571c82d

SHA256
a6318ff5647d55d3d411a0d7c759e0a255fb1dac84ef2535dacea4fb62593766

SHA512
06a00031d4d9b7c03f9fe0f7f035d018bb0435ed64aa62071bbea2c46f21098e7599a2401069d0bb9967cb36908718dde0e79c9d8bd8280db6264128e35e87e7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
127KB

MD5
df55dab0e612f415fc6cb75f4e147366

SHA1
85e133242ae64b894f6793833e3b0bacba5e3909

SHA256
d9ecba238f6187ec48f15fc09fadc0dc67abc4894aa01068d51ba18d2d72f489

SHA512
c451fba1f25c29d9bc3a157fa759cf059d64cf2ec208832f7e085842aae9109194e26207d584e2b1bb500c414c1c26adb0bbc75e38584d1f99c52ca50f26e897

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000083

Filesize
21KB

MD5
f0d11cde238eb54a334858a3b0432a3f

SHA1
7c764fe6f00cab8058caeba38eb7482088a378f4

SHA256
579adf148a5905868140df9075b90a2ff33c9070dfd35b3ab869a2d9aacd9a96

SHA512
b3e590c88b462004b29ced18027f640addd1ea6ce9ae584820054ca508ce7d626acb3bd729e3693b50ccdc5e4694b1aa400cb33a315a475de47f5b25ed964d02

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000085

Filesize
19KB

MD5
9bcae3d36c4dfd3a67559968ad485e5c

SHA1
05d58b171cc67b3f822627bb90a526ab40ce2986

SHA256
22f184d73eb2b4eaf277f03fb8e474234aeadd7846b066db615405083a2d2cbd

SHA512
1a95d1cf94d14d8c8767b40a4ae46f34bc967e1b3cda872203589ec99f965d80aaa349b87f7112464d8116c07b97674324be003952dfca996c577c14e1aa9738

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000086

Filesize
67KB

MD5
d8588a7d7bb0b66fb439edf73ee37563

SHA1
a2398d543e3fbeb197e2128654bb5a1afd599585

SHA256
2210c60cbfec62e2bebd2c77783511100072459b3d0cc296216eab8e72d8af35

SHA512
7c87e7b4ec1d643ce2672ef9badefad6832c6fcc4053cedad2d34c52004aed4e0a589e2f839ace7bcdb0f409fff836ca7ce20dc882d9982568176d4b1c830bb9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000087

Filesize
64KB

MD5
d6b36c7d4b06f140f860ddc91a4c659c

SHA1
ccf16571637b8d3e4c9423688c5bd06167bfb9e9

SHA256
34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92

SHA512
2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000088

Filesize
19KB

MD5
76a3f1e9a452564e0f8dce6c0ee111e8

SHA1
11c3d925cbc1a52d53584fd8606f8f713aa59114

SHA256
381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c

SHA512
a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000089

Filesize
63KB

MD5
710d7637cc7e21b62fd3efe6aba1fd27

SHA1
8645d6b137064c7b38e10c736724e17787db6cf3

SHA256
c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b

SHA512
19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00008a

Filesize
85KB

MD5
45a177b92bc3dac4f6955a68b5b21745

SHA1
eac969dc4f81a857fdd380b3e9c0963d8d5b87d1

SHA256
2db3b6356f027b2185f1ca4bc6b53e64e428201e70e94d1977f8aab9b24afaeb

SHA512
f6a599340db91e2a4f48babd5f5939f87b907a66a82609347f53381e8712069c3002596156de79650511c644a287cbd8c607be0f877a918ae1392456d76b90ca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00008b

Filesize
990KB

MD5
96f2dcfeec527a5756ebf0fcc71dac96

SHA1
3df828f7b00aa7b58b0d75211595e6daa6d9828d

SHA256
e42d90e5fb7e2920a6b3e19759d9597b2789a156e3f46350125e4710e1c04ef7

SHA512
5359340b7e362f4613041c49e78353c41cb3c10b3cd8a41acece5431b8f897cc77a473c48ddba271c0954df7701e654c156b609f6e9a40abacdfc6b1c0c61399

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00008c

Filesize
75KB

MD5
58d4ec17141f90f940c0c8cf1babf0c4

SHA1
188d4da38593a7fbffa950c4d7017a40bca8e8f1

SHA256
07a29e19ab31e312a9bbe223588b66408531bdca831a97fcf79fd30206010d4d

SHA512
fffa1a79c33b2212974a50474a1798a20e0667befa77391f97124347bbefd4bb7785e747aa02482240cacff1a5305c4d92702c7467554a0f0e7660105e8b9a24

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00008d

Filesize
33KB

MD5
c2e3c144f359749c9e9808eca64257d2

SHA1
eca75b3ce4fbc041f8256689a81c7dc2bc5cc2e3

SHA256
e42091356819da9dfa73cbbf17d2e9e88da6eda201c38627165d29baa04de1a5

SHA512
cd717f7115dab4fd4ac7ec6a85915e6ba803ed9fb10313d8315637e95b46ff3859e4bda3247fb11137f53c94ef4dd74a49f5b7ad51acd1a6a201161d2133f3f6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00008e

Filesize
40KB

MD5
3051c1e179d84292d3f84a1a0a112c80

SHA1
c11a63236373abfe574f2935a0e7024688b71ccb

SHA256
992cbdc768319cbd64c1ec740134deccbb990d29d7dccd5ecd5c49672fa98ea3

SHA512
df64e0f8c59b50bcffb523b6eab8fabf5f0c5c3d1abbfc6aa4831b4f6ce008320c66121dcedd124533867a9d5de83c424c5e9390bf0a95c8e641af6de74dabff

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00008f

Filesize
53KB

MD5
68f0a51fa86985999964ee43de12cdd5

SHA1
bbfc7666be00c560b7394fa0b82b864237a99d8c

SHA256
f230c691e1525fac0191e2f4a1db36046306eb7d19808b7bf8227b7ed75e5a0f

SHA512
3049b9bd4160bfa702f2e2b6c1714c960d2c422e3481d3b6dd7006e65aa5075eed1dc9b8a2337e0501e9a7780a38718d298b2415cf30ec9e115a9360df5fa2a7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000a4

Filesize
18KB

MD5
38161b38ae42c98f5268ae82c680eda4

SHA1
39321e834aee82c61c7d9b2ec72747929a36713e

SHA256
c1cc33b0522bfbe34ff5db5aefd0122b641e9aeadb8cd24d9e9b9613bdfbea9c

SHA512
cbe55ec6086f804ba4c67ab1bfec5ebe9030d83a53e4e41dd393b5b5f0196c0e0f83fa642b8e63bdfdcaac198e2dae282195cc99a605252d1abcca1e985c3d2a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000b5

Filesize
46KB

MD5
4d10bcb0aeed32437ca3a6c090008001

SHA1
d4938bd6333284bbe5469eeb60c463c44b3869d0

SHA256
73d004e48014e855729786a2b1efb6936cd543b22e63f5dd8dac0c380db18e5e

SHA512
58049b0fa6d8cc9efc1205ed19e6088299f7dd0f8eaf9371490278bce7b652ef5f431764438c85990c44c551aa763db4b29da2d647f7cb990babc79b3c3afe8e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0580a8e1646d7bcd_0

Filesize
43KB

MD5
af167cf33373b422dda5ff7da4b03a61

SHA1
6f818776500818e3fb9ade1659360f2857bb2d41

SHA256
7424e62bbb16c4af5e43540f2340079e6fc3eafba9d706d2ba30e9d40200695b

SHA512
c06739312042e6b585411e7347cdec112b542c5645c516a68a8e790a26d27079229e27ce5bdfc612b8b4c0b449fd9820abd87109dd1f9b489ac7ee40ee25f7f2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\637cb4bf858484ee_0

Filesize
38KB

MD5
e233df6f8734799100fb57b924225e94

SHA1
3bdecb0ef01aef71b73e9b48a3f49cbc5340cacf

SHA256
89c3b4714bd9714798499467e2d64c7a272467927240be1eb59506ecf4d2317e

SHA512
7e9fd0a66599f2462947f18af3821f1b9fb8314bd596c08326436047a7acd413849d1af402b0ee875283a8d25a0e1f850634394ec997cd69f2c19c280af243e9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
057a99f4f23e5987d9e803f9bafdb762

SHA1
ea26e5386e35d7548b753aa5e0607fd1baa3d1d9

SHA256
ee268ed8f41bccf609c14df4f5850db6d39eb12456c3df263f3c8a606f1a47ba

SHA512
0614d9d37274771f1900ef3ca417a31a51f5e200adf85dbfbde08b5cf491711d641c43f1a26a7eaf072f30e0ce39ce88e4e75cff005bcb814e62ae3c4ecf242c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
6KB

MD5
299607071f6379d98c33c1040b73a4af

SHA1
1d82e6c716ea2797ec0a70cdcebe163b382e204b

SHA256
d876db53f6fd3ffd8fdfa6608671502c1547b9a5c30b9666f416ee872c4be39f

SHA512
e9e2c7dbb56872440f2150e7b1bf6b7207ad8ad56beb24a619681c422dc86c876a73cce711a688334e7ff14e8dda1c397d863987ae94dd1dc98eba7ba8065aea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\File System\000\t\Paths\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_addons.mozilla.org_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_mega.nz_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
15KB

MD5
7e06b0be240e3c88d05ba7b1593c3151

SHA1
a69a0da4d5d2009f47105fd9d77433b81b542510

SHA256
deee84f5b1a5bf23f3af350e53ddaf38828c88e0d29964022b27f0303ad78056

SHA512
5be860fbb1d37fd826cdd81e7c09cbbdcece0819e49656b29a6789b98fc8470797800ce14ff3e4f4f56af403bce4bfb566ed7015fe87857b3cc771cdc4fb5099

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
13KB

MD5
17504bc39c1c90d7e370111a43e37171

SHA1
e7c251f124717afdfb02ed9b9c192323d6cf1ee4

SHA256
32989951a6a7eec224edad2b2431ee7faded9c61f387cbbd9dc2f0687b86f9f9

SHA512
bef7baef3454f20df3518268d5ced155ac61379d3a8ed12af68c0b37caecbec528b19960b9fde468fce72abae7a3e4f9a8fc4cf9f4c4ab9789a75aa3869a3166

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
10KB

MD5
299fbf9481a0a087cd77d9267dbee589

SHA1
08a6b7d5b08f8c2d7e6bec471dea1dc2f22eee61

SHA256
41b3b98b61f4fd59749a02ca190576c2511cbd8b352413bcc79897f06f6aecb1

SHA512
3fd6131a0fd3d09df1b21d61479b1c38505967783746837fdec0bc33a1509b99f3c13c8b285432f3e0646085b33ab0c36711e154c477d529e453a9444afda88e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
2a56393e64fef932f0d324c5c702b118

SHA1
b249172738ed433a02bc5ac3a42c2c1492476668

SHA256
02c6b4e4120e1140e4f0e0334220835a7bd26ddb07e87425db589843e915a42f

SHA512
829995f02fb226805ba050f8a269256748f12845fd3a4ac0301a8f50fda19e5087891913e216913db528f5d16f2483f03e71afccc92548b2e0ff3fec4d551380

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
20KB

MD5
f837f1d2251ba6858f3a60e506599cb1

SHA1
3ec01dd4d58afd0e71e2663f228cce262ad0fe66

SHA256
bb0e56f22b6752ce6b632eae614d44bd72a0dced52379f6f87008e6af6c02d96

SHA512
16b54afa94b27507fca7a990e3351e3a0db55f58235fe94b9ddd1a1c39c6b6507b081460181b1963b0b9654c1a9da3558df106de53f215c596bf6868cf5444dd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
16KB

MD5
6bf14ddda149ef532875935cea0d6f2b

SHA1
419d9da9007a99f2793bf19a8257ef57eed00f92

SHA256
19c20921c69c6f273edba0388e2ee0407c1b047d71f1894ac4a57752536babc7

SHA512
e6188a8636f2fcb53b46d0997c48ba9b389f505b2c3c21fb7e5e198af9aab0bdc5011e44210b082d6fab66b322144ab9f2774ad4c3e77ddc11236ad9b84001a4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
1143ca6bfc4c0cd76717f2c543ea6b80

SHA1
dd4f92c403b6628f6f768d79830079a05eac12c5

SHA256
e1fb7d7bd20a8351f3f8309b1924df20b2104b88880ae15b6a8078ae5d929d57

SHA512
808e44192264f924f8a413598dd1515f81b64a16dcbb96013f11cf3c4b8f3547ce21fa001cacdb1b78b9a49fc8005a6655986db0ca42ca747be1828f281e08a3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
19KB

MD5
4b6802becdcc459047a51c9d14df5ace

SHA1
1727675ba1b32666a8283ac6ef09534794497897

SHA256
9282798d19873850efae4cb8f72c0cde293eaa9bcfc7a258727cec2f730d751e

SHA512
ff98b22c70e38343878cbaf0cafc9bf49d37516dff010e45ea70652a40101beea91d17765c7e4efbbf060cdb5dacb04746e1d8519a6ad3b7edb7c2602853346d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
21KB

MD5
e185aac4d5b48e62b1a5a77d7a7658d1

SHA1
ca8a89e9dd2e62734443c33ea20f69bb49a826f0

SHA256
cda61c55035fe52171f335c438df51e5ea577cb65eece3540b28e8f508a2637d

SHA512
e0652f6b5a870d19feb462c7dcdff522d429bd3a5a48e6ab193080a823a0fd2ec280df1df9c630631cf6bbedcec4afca924b79dac59c58fb742bd6aa17955cb1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
9997e3822c5937c9c4661e03aeb16e2d

SHA1
531bb2abd02f37a18734905ab110da5ebabeb3e6

SHA256
74ea37be9bb9393d1e2b6c0091b805bc6d35d628ea0a56f145d8b5e30321425c

SHA512
c7d2dfebfa53fde4b3a9e45daa2786dca6fde2763343fb8ffbc9c62e1a76b054deb01fd697ef572b88e9abaea212d733c823d373b7b0daa63ac2e722c39fe3a9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
20KB

MD5
ffcfa1cb1b9daaaf12ac10228e0d9dac

SHA1
04460e1134206078524dc6b2ab25e9444907f252

SHA256
2da8bc52ce4f210d711f788cfc4d247a7a22acd57b9bd439124f5ccc725bd377

SHA512
4fd9bed25ed243e0edba70fc533474746c733a400b64e48e4cd159efdfc6aacc73adaee4ccf651cddc8e4dc69b188a694c2e02abfcef07e9097ed92b2f9249c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
23KB

MD5
06bed2fc06857bdfaf5221ca13b67151

SHA1
c74b94d0f30648a554bce1765a71d5ba12f7ff28

SHA256
9045c4dfaf427ed60b645c9a92cfa4ccff46f81e3cf3e207de2daec982e2bf3e

SHA512
6f13b56df033fe62678fc48377d5fb1dd788b6f25f893224a5cbd197217eeb5c525d357f2ba1a373bba59f8747ed7bd1e67c7f933b85a8409e1aa87e14169e2c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
23KB

MD5
e7bb3cb7a7fa30bf2f3ee1f0719c5353

SHA1
ff7333e18228200f0e7559576db3052f63186498

SHA256
751dbe2a93eb49dcd178bed7be2ef7eba95ee78310db750e3e45a8422498b892

SHA512
40fd5159ab6bde7a0262ec1cbe4c564d0437f2b67cb624f5538bd9e0b0684942bad39c5be76ea80eeb984d984193aecd9c22531bc20f3566d5102e7c8269e266

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
22KB

MD5
6a1c1fce02debc2bcdb650cf2a4e87aa

SHA1
8805c6072ee3060304014088ac1f58319ec9a7aa

SHA256
ecf7f69cd8c6a627bcc5611103b2c2141eaf49ac3c707bfb38d175727c243cac

SHA512
49370b41a10e0c43b6b92fb30ab10d14fa268b944d13965c492fa42e592d923e98057abfb1ff1beea4c7fb81cba9b0f8c07fc9f97cdb9b1d7782011625ca94a1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
23KB

MD5
01864ec6705606d55492ae1daa74bce9

SHA1
9c90ad7a4a85cd65e9172033467d1eaf0f82ba4b

SHA256
3e68bb0e6400d37aa5b8eec1d1294ede8dea97a908a68f637307afef91f85fc8

SHA512
b7cd11e2252fe1597c19015a85bb107a8f8be21ad4a1984440ae40a4ae16571b1f8a85b13ff3291f053f0585cdeb1116507a88dc037c601d1af2aebef0f01ab1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
13KB

MD5
7b635747aafa8c57edcb639a48ec88d2

SHA1
8c337d5b7033731cef0c5ffdcde25639d16134af

SHA256
ed50c4141105342a10451ed98342b3d5a09167e737ebfe5a64901459f5ef1371

SHA512
bda51400aa80d66a56323c335cbbd3195c2eda291616128ae7706d543c7440a03404ce4a59f94786c5322ef0b263e45ec112f7cd65e59ba2904690ebcc0c0755

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
1b47a75d39c221b1a3b93ab34132dc46

SHA1
93569fb94c986cec8463a896b69334606b12ffcf

SHA256
d203dfd2d74ca5b303b03b22dcdab625be5acc77ef843659c407f340b24489c1

SHA512
ca99e95d791a18a3b0a79817e9a5761992133c5785fcd2f7cf6d19305bb0a604cb328ebf9d82fe2f2d932e38ffdbc664d22fe08d186c7d6bdba35c65f0e21520

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
20KB

MD5
002c235b345814794c68f58035e3c17e

SHA1
15511669190ea9a7108825159c1f4414b4214e22

SHA256
a7bf0a4bd2a82294c6bd1e6d5e72d23e7600400f30ff3bdc50c21d83a5a11287

SHA512
aeaf97d368fec558fe256db66fc0b87f3c9a3e2ffdecc1b45c071c4b39fda4a53b98d7b5259d8d955d517f7108dbc8aa215136dad9959e67c8becb5551381e3e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
21KB

MD5
17ee61a765ace3a7c02386e68f4a33db

SHA1
85fd7cbf78afe451e88adf13fbfe3b19313220c1

SHA256
a9e82a30caf8a05270c2dabd1c3c8f8c978d6ddcca1fa98ef07c86af2f7a53c8

SHA512
49ca50bdce9173d44a5341ce3937b80fe6d5383649c6b31819193a46c408db7894713a4937d058f73448861c4ae44e7210e0dacc8434fcf0c7f6309103a2c119

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
96f00bbd6a174879c58220f95f0115f5

SHA1
d3d7f82b0bf27daf1b3903bfe050c2d05422050f

SHA256
644442e740a8c0bb20f712f6f84f5bf4a81bb29d4e9446b2832ca65618961107

SHA512
e7c5e90eb85aee7b81b9c163f618ad3789a48b256040f6f00eee7fce52c60e1ff491bf0538b9c846fb115b73163710e46a45ce056e3b41ca59d88c421502ccea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
ea86c8cc69cdf7eb42ae6afcf833c1b9

SHA1
981d238d3c6fc75c6fc4c5cfac3cf4675064fdef

SHA256
d01b2ba6197b77a27ba3d68e7457b5240bc8d4e963df08677dcf52e950ee8ff0

SHA512
04a259d0e3a12ff6d42202e040ce173c53c2528bc72405222d0a4a5d82fb0e69fbb3c454e966396de93f2cfe4c60844e71628e520899a936cffa37ac1bdee022

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
bc6f19d44a32dcd644544ade2e2a515f

SHA1
1c801b0024013c97218ffd932a735796875b4dc5

SHA256
6035d2b2ced6a7195f84b3899d514185b621ac722a792a640120443e6dc17b9a

SHA512
5cb9ffbb4086b4efa22c3f57453050c178bafe5cebc5d1386ec8f02f7d71dfcec232577a6e53e07be2a1a3317b8e34917a9ca304adc3ba36eccee2a13a8bc406

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe587961.TMP

Filesize
48B

MD5
b1b4dfc36c240b7102ca3740aac4a6fd

SHA1
ac2e3c1ac17e3a36ddeb4eec76fe9e7a802070bd

SHA256
995f47ed4b76ac749a9a565fda61e47f07f60fff8cfc70d0ea7bed9063a428dc

SHA512
e6a5bf74aed62bab7ce8fd1e3a1900f6be503a2beab48defe344a52e966f92eb357f8562f909bbf06845750fe4c268fe889a728803da8aec40c43192d6bb2305

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
707B

MD5
64a2f0e1ea5a80b1c0bb6d77ee49ed90

SHA1
d033ca38713f6985347d56d0285f4ba4284e6da1

SHA256
b8b32a0277ebfd3cbc68b9089863d3e8c9a69481f7a7e9f1be7e3424182074d8

SHA512
81fe31957b174a465ab00d34c1e774344ed4047ecb1dd389a6fc6337f58c44adee4c5a36f3f585125f04f47dc6de0dc2b0c5820c6e6a6cd45f0ccdb5ab800ec4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
d024bc47a17bf678abe67c65d222c392

SHA1
b581ef73e7efa3bf777f2a551e5da3b2086dad47

SHA256
30e6eb5fd5c8ae37d11aa05343b38717fc2e38af50d330e6052318f4b44ff166

SHA512
56810c272d4a6d87c338923fc4383ca018b99ff650521313553a23e3a2ab39c7f885777353e7de41ef3704482f3b1a16b1457ca89e416abce9c8357e2867a66f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
fc7630ce9b191dff25eade569150129b

SHA1
22b2c262343ae0313d2e61c6af1fc8adadbe5b02

SHA256
7d7947f347435f57deab03bd58edf5cc14576fddb27e896fa6b35f4178c11578

SHA512
0a34f5586f6053431c7a6f045b02db10f685447c74713f0d4c316f6ce198795904ef7069a2f3a9a20ad746e4bfef2832951d608993ff7af3d54e09653d658805

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
7KB

MD5
b977e33832b1b19f2ceeef90bd2ab37c

SHA1
cf892482ccae7dd318e8ac511bb630920ca2f248

SHA256
c56e436e43aa91bc93ce5374ec5cd5806aaa460712a40b57e404acb35e338ab9

SHA512
8e8678ecd38537e4630843813a59c1bc16e3b2ec53460d9bf13fd8d21956aad29bc7b23608e47ee7763438b77b92e7f34e6546da9bc173f98de81e138e09cf7d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
9KB

MD5
5b58012a66ee57c7697fa8d0c11ec770

SHA1
902c40040a4d8ebf10e56c4d56328549edd8f591

SHA256
b165ead4f87accc05413258fba69ade3cf797640a622401a5f5b64a276ddc7b1

SHA512
faf024e0bd477abd5d21213d8eb26285fda90b2ab10c1b43d0a093cc39d5e89f569eb26bc37b6c03e6bb66c6613ff342a782ce4511384d1fa37df4e3e2546be6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
6KB

MD5
182a4a449081123fd8e51b96148a7ffd

SHA1
2813e32da76db5acda4f3b7e391659798b25a85f

SHA256
6eda8111c66d876605aae83946bedc446f47a67f094ae3488ccdca744bf33ddc

SHA512
044b01c7867ca95327f176edff9071ee8c00816784093b145992cfee01a35dc1ed4f232d8eb58d26c08672f610c6dc12ed3d8ef81907c25ab1568833bf2d4221

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
1c076867b1906e67aeef80f3c5fd4989

SHA1
ead725b597f93d114b9fc6853774345ec6965195

SHA256
b8d02a46e83396b497e19a04861407b8aaf1bc42e578606c1ee5aeed14a4be28

SHA512
52cbdba808bd9e9529fd67fef6cd9d182f647eff1989cb32a81c52b59d536b35462db6a445f51aee02a7e92961b9f7ca2743451b016cd3ecae0cf70461aa0d39

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
df55872dd39f17f0a18bca320db73fe4

SHA1
a3228da0faf4702a56b8292a00cb1590d5540655

SHA256
1208f0a4ef2fc6c9d2fe95e462b11a7cc8bf115f63627b3a6b80b2096109e0a1

SHA512
d766ada75071b7cd683244ceb4cefcc0e99bba2ef3d3e57c8a0e2b3ecf57b4fe4e1b20236fe784b9c13f12653703acc757b469e53aedad35865f0e5b18efb4c0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
9KB

MD5
3c4a5c59def6692af1c11ebb8f04286e

SHA1
3b60b45b2a8f112f64f7d58aa8057afdbd4a09d7

SHA256
ce02b12edf44932d82ae139b08aa6b39351d5d1d2c658df017a771aaa86bdb6a

SHA512
5bcfe76c6fe7549db46ac94145bda5e9664b0b061af9123fd5d373f0db757ff41ac1e6ad9fd4dc88c8e0c9aeaf15012a81a0f7d9186afd4d7466ac9164777b52

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
7KB

MD5
770246ad0b2414a1fae60813296159ea

SHA1
2e32bf43951fdad45b1038df0d07a9ba1a13cf1c

SHA256
09789f98d6831e0671004eb22dda0ab49b31db2e919afbf9ca570e944cfcdff5

SHA512
5884eb37f1b84f526bb6313f395d1db85fad96109679a71df3da17eeffbe94f765ae53ef3e59de6546fab5b06df649fbb3e7ebb00b490d7d5f043ee168cdaa4d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
7KB

MD5
56a64f6bdf548d7acf5b6bdfd60cbd20

SHA1
ebf8d013dcd55a3c3f62a7a3ed6a6ac1ae8d9ff0

SHA256
1976ee2075f0586bcd412adfc5d55337f7da354de20e3ca6ab345e2ec04b74a1

SHA512
ed6398e08a49be8b84c8bd414af40087857cbb42c558cbe3d86f1e03b3861902b8eeb885bed104a48023bfb272aa4a0f3f59359dc6d4ec01df8711f70fe89a94

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
8KB

MD5
5680e327fb1040ce31b6588a1f6cc770

SHA1
f8eb63a284677325f9fbdd9c209b984084044d3e

SHA256
609ecc22d3c5837fd81446771f31690b9337a2f3f94c022d4fb5c6261990cffa

SHA512
6564b8ea14dc4385692d2e9e7fa9faac0e8fbe52c8e2036bf02ef3d3043b8690cc05a0d68d17eb48c7dba68878582fcc03830022f365e14dac7b4a75651fbbc9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57f2cc.TMP

Filesize
539B

MD5
9173e5b27bdbad3a4342f518a53d6976

SHA1
2b5fa298047016a5ee63195ce2e218ff008d783b

SHA256
0453851cdb702dacd72a0b0133567d91724a1ab072a7ae12c0ea9f0399fe2e75

SHA512
0fa640f842a6c19ab5b08c5d8de85ed5f73569544f6142d86adbd6b7dc08165bb93cf41c19f7974fb4b38f78bc00606969cd7c5f0ed7e5aa32811a4e36a45b21

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\d4cccd67-65cd-4f4f-a4de-f8631b30a8cd.tmp

Filesize
21KB

MD5
14fb70c245ba965a857ac534cf493be7

SHA1
1cb192aff7dfcbde1d3df23bac8029cb7f879604

SHA256
f9f303fad821ef06ca7fd9577c24fa8badf641f7a002a043634131eabfadfc0a

SHA512
015b2d26bf6827e66545bcd70c5ac14864c2d097ddb151eab16d2a568a5f0f109975cbc3fba13d408481192c55e91655a4eee5d3c345b32394cbde6a7bd56b17

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
e95204dd9638e30b2df592bb335f8634

SHA1
56f825c20db52320cf0d209db23cb85e067b249b

SHA256
a0eff9639b434ded423906cf571f42c7fe8ed5ea852b97790e5d073c98b706a7

SHA512
3be19e70e807393cad09f6ff041cb9aa8f94dcdeb80ce8cad0858288a9c9d89345125f2c01ec28e5ab006d5e918d97b00891784d81651a25c46aeae27c6518e7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
0f6f5adeb6bf7ebf3598f2a4e4f6a031

SHA1
f9043df5af8b68da46d9cc5e6c75280442501a22

SHA256
767a19e5874f4069387a0c330dce0ca1af5dc8e1fb1faf68e6995dc735d2c4d0

SHA512
38a2282cc0906dcbb497519917e80a5c20ef26abeca3579e639eb5b1db9887bf62c3bbdcc9e43dc7903855458b4fc2108eb7dba3450dea7d164abf88d2b60c97

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
11KB

MD5
fce0f632fdf4ef5b2408c1db71cdaae9

SHA1
5d24d98d23bd8090cc79a6d76882241a695d6a47

SHA256
ddaef515a15a03df58942d50ff807eb6bc2d49f094392bf800c48c7416b18038

SHA512
1e0f7acbaf7452a75a3cfa5df95f0bf6a4d2bfed7d3e3ec6f2d416a1e469551e3ccccedb324f2268f5bebba52146ee511625f73adb5ac7ec3cc45c811d5d061d

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
11KB

MD5
e4821bfa15f05bf0282b6f4d501caa90

SHA1
6bad40f96ebc07c80c303fe49ee699cf99b6b213

SHA256
c8a8ff03e11c56d33de80d2b4519fd22f9cc06664b561b58092c3ffa5e461002

SHA512
99412f6e67fe88cb426b871ee4c9b7267b0bcd668d3a284c50f8aa49e936bd1c89cf1919ed415e4927489b4851c09cc3a9b24b784984ba0671b5995d592139e1

Download Submit