hxxps://www[.]youtube[.]com/redirect?event=video_description&redir_token=QUFFLUhqay1JMEY1RGdRUFRUWGRuQy15TFQ0bHBVRmtYQXxBQ3Jtc0tsVnFkV1VTSFZhXzRiM05iTzVFcGs2SDl1Sk9PN0VpUi1Jamh3R2RvMk54Q3k3a2xVX2lrRWRQYjZqY29PYThFX3gyaDBDZjdaTFZCUHNweVgzZVFjWHREcVc1M1I3d0EtNHRUQTRUX2E3Z2NVMmwtVQ&q=https%3A%2F%2Fgithub[.]com%2Fbill-zhanxg%2FMalware-Database%2Ftree%2Fmain%2FMalware&v=9iglWm4SkIs

Resubmissions

09-09-2023 11:42

230909-nvacnsag78 7

01-09-2023 13:24

230901-qnqgesfc24 10

Analysis

max time kernel
114s
max time network
150s
platform
windows10-1703_x64
resource
win10-20230831-en
resource tags

arch:x64arch:x86image:win10-20230831-enlocale:en-usos:windows10-1703-x64system
submitted
09-09-2023 11:42

Sharing

Copy URL

Twitter E-mail

Reason

Machine shutdown

Report Analysis Logs

General

Target

https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqay1JMEY1RGdRUFRUWGRuQy15TFQ0bHBVRmtYQXxBQ3Jtc0tsVnFkV1VTSFZhXzRiM05iTzVFcGs2SDl1Sk9PN0VpUi1Jamh3R2RvMk54Q3k3a2xVX2lrRWRQYjZqY29PYThFX3gyaDBDZjdaTFZCUHNweVgzZVFjWHREcVc1M1I3d0EtNHRUQTRUX2E3Z2NVMmwtVQ&q=https%3A%2F%2Fgithub.com%2Fbill-zhanxg%2FMalware-Database%2Ftree%2Fmain%2FMalware&v=9iglWm4SkIs

Score

7^/10

bootkit persistence

Malware Config

Signatures

Executes dropped EXE 4 IoCs

pid	Process
4596	Monoxidex64.exe
5096	毲盩諆猈銍袋鹣粀劍幩瑦曗函痥枫蝝.exe
4576	Monoxidex86.exe
1208	宗鹠側簋嵨嚝楆奤肋靮塚腤輾毋萱瑽.exe

Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

Bootkits write to the MBR to gain persistence at a level below the operating system.

bootkit persistence

Bootkit

T1542.003

description	ioc	Process
File opened for modification	\??\PhysicalDrive0	毲盩諆猈銍袋鹣粀劍幩瑦曗函痥枫蝝.exe

Drops file in Windows directory 8 IoCs

description	ioc	Process
File created	C:\Windows\rescache\_merged\1601268389\3877292338.pri	taskmgr.exe
File created	C:\Windows\rescache\_merged\4183903823\810424605.pri	taskmgr.exe
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdge.exe
File opened for modification	C:\Windows\Debug\ESE.TXT	MicrosoftEdge.exe
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdgeCP.exe

Program crash 2 IoCs

pid	pid_target	Process	procid_target
4568	4488	WerFault.exe	74
2540	4388	WerFault.exe	77

Checks SCSI registry key(s) 3 TTPs 3 IoCs

SCSI information is often read in order to detect sandboxing environments.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A	taskmgr.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName	taskmgr.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000	taskmgr.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies Internet Explorer settings 1 TTPs 2 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000\Software\Microsoft\Internet Explorer\Main	browser_broker.exe
Key created	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000\Software\Microsoft\Internet Explorer\Main	MicrosoftEdgeCP.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133387333978695356"	chrome.exe

Modifies registry class 64 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\CIStatus\CIPolicyState = "0"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\ACGStatus	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\ACGStatus\DynamicCodePolicy = 05000000	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Explorer\Main	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-DeviceId = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\CVListXMLVersionHigh = "0"	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 11a510c312e3d901	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 28be0cca12e3d901	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = f5033dcc12e3d901	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\www.bing.com\ = "0"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-VendorId = "0"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Cookies	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\History\CacheLimit = "1"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\CIStatus\SignaturePolicy = 06000000	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-VersionHigh = "0"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Content	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy\Extensions	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\CIStatus	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\Main	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\Total\ = "0"	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\VersionHigh = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Content\CacheLimit = "256000"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\History	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\ACGPolicyState = "8"	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Content\CachePrefix	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:"	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\EdpDomStorage\www.bing.com\ = "0"	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\www.bing.com\ = "650"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\Main	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\ACGPolicyState = "8"	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DataStore\LastCleanup = 5dd0c5cb12e3d901	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\Total	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\bing.com\Total = "650"	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Privacy\ClearBrowsingHistoryOnStart = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\IECompatVersionHigh = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\SubSysId = "0"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\EdpDomStorage\Total\ = "0"	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\www.bing.com\ = "23"	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Settings\Cache\Content\CachePrefix	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\History\CachePrefix = "Visited:"	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\History\CachePrefix = "Visited:"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DataStore	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\AdapterInfo = "vendorId=\"0x10de\",deviceID=\"0x8c\",subSysID=\"0x0\",revision=\"0x0\",version=\"10.0.15063.0\"hypervisor=\"No Hypervisor (No SLAT)\""	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\bing.com\Total = "4173"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery\ReadingStorePending = "1"	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 146eb8c212e3d901	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\bing.com\Total = "602"	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\DynamicCodePolicy = 05000000	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Explorer\Main\OperationalData = "1"	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 0d156fcc12e3d901	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DomStorageState\EdpState = "0"	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ServiceUI\OneBoxLoadAttempts = "1"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-3229154902-1540650024-2860248029-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings\Zones\3	MicrosoftEdge.exe

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
4248	chrome.exe
4248	chrome.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe

Suspicious behavior: MapViewOfSection 9 IoCs

pid	Process
2668	MicrosoftEdgeCP.exe
2668	MicrosoftEdgeCP.exe
2668	MicrosoftEdgeCP.exe
2668	MicrosoftEdgeCP.exe
2668	MicrosoftEdgeCP.exe
2668	MicrosoftEdgeCP.exe
2668	MicrosoftEdgeCP.exe
2668	MicrosoftEdgeCP.exe
2668	MicrosoftEdgeCP.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeDebugPrivilege	2164	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	2164	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	2164	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	2164	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	2832	MicrosoftEdge.exe
Token: SeDebugPrivilege	2832	MicrosoftEdge.exe
Token: SeShutdownPrivilege	4248	chrome.exe
Token: SeCreatePagefilePrivilege	4248	chrome.exe
Token: SeShutdownPrivilege	4248	chrome.exe
Token: SeCreatePagefilePrivilege	4248	chrome.exe
Token: SeShutdownPrivilege	4248	chrome.exe
Token: SeCreatePagefilePrivilege	4248	chrome.exe
Token: SeShutdownPrivilege	4248	chrome.exe
Token: SeCreatePagefilePrivilege	4248	chrome.exe
Token: SeShutdownPrivilege	4248	chrome.exe
Token: SeCreatePagefilePrivilege	4248	chrome.exe
Token: SeShutdownPrivilege	4248	chrome.exe
Token: SeCreatePagefilePrivilege	4248	chrome.exe
Token: SeShutdownPrivilege	4248	chrome.exe
Token: SeCreatePagefilePrivilege	4248	chrome.exe
Token: SeShutdownPrivilege	4248	chrome.exe
Token: SeCreatePagefilePrivilege	4248	chrome.exe
Token: SeShutdownPrivilege	4248	chrome.exe
Token: SeCreatePagefilePrivilege	4248	chrome.exe
Token: SeShutdownPrivilege	4248	chrome.exe
Token: SeCreatePagefilePrivilege	4248	chrome.exe
Token: SeShutdownPrivilege	4248	chrome.exe
Token: SeCreatePagefilePrivilege	4248	chrome.exe
Token: SeShutdownPrivilege	4248	chrome.exe
Token: SeCreatePagefilePrivilege	4248	chrome.exe
Token: SeShutdownPrivilege	4248	chrome.exe
Token: SeCreatePagefilePrivilege	4248	chrome.exe
Token: SeShutdownPrivilege	4248	chrome.exe
Token: SeCreatePagefilePrivilege	4248	chrome.exe
Token: SeShutdownPrivilege	4248	chrome.exe
Token: SeCreatePagefilePrivilege	4248	chrome.exe
Token: SeShutdownPrivilege	4248	chrome.exe
Token: SeCreatePagefilePrivilege	4248	chrome.exe
Token: SeShutdownPrivilege	4248	chrome.exe
Token: SeCreatePagefilePrivilege	4248	chrome.exe
Token: SeShutdownPrivilege	4248	chrome.exe
Token: SeCreatePagefilePrivilege	4248	chrome.exe
Token: SeShutdownPrivilege	4248	chrome.exe
Token: SeCreatePagefilePrivilege	4248	chrome.exe
Token: SeShutdownPrivilege	4248	chrome.exe
Token: SeCreatePagefilePrivilege	4248	chrome.exe
Token: SeShutdownPrivilege	4248	chrome.exe
Token: SeCreatePagefilePrivilege	4248	chrome.exe
Token: SeShutdownPrivilege	4248	chrome.exe
Token: SeCreatePagefilePrivilege	4248	chrome.exe
Token: SeShutdownPrivilege	4248	chrome.exe
Token: SeCreatePagefilePrivilege	4248	chrome.exe
Token: SeShutdownPrivilege	4248	chrome.exe
Token: SeCreatePagefilePrivilege	4248	chrome.exe
Token: SeShutdownPrivilege	4248	chrome.exe
Token: SeCreatePagefilePrivilege	4248	chrome.exe
Token: SeShutdownPrivilege	4248	chrome.exe
Token: SeCreatePagefilePrivilege	4248	chrome.exe
Token: SeShutdownPrivilege	4248	chrome.exe
Token: SeCreatePagefilePrivilege	4248	chrome.exe
Token: SeDebugPrivilege	1324	taskmgr.exe
Token: SeSystemProfilePrivilege	1324	taskmgr.exe
Token: SeCreateGlobalPrivilege	1324	taskmgr.exe
Token: SeShutdownPrivilege	4248	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
4248	chrome.exe
1324	taskmgr.exe
1324	taskmgr.exe
4248	chrome.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
4248	chrome.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe
1324	taskmgr.exe

Suspicious use of SetWindowsHookEx 10 IoCs

pid	Process
2832	MicrosoftEdge.exe
2668	MicrosoftEdgeCP.exe
2164	MicrosoftEdgeCP.exe
2668	MicrosoftEdgeCP.exe
3780	MicrosoftEdgeCP.exe
4596	Monoxidex64.exe
5096	毲盩諆猈銍袋鹣粀劍幩瑦曗函痥枫蝝.exe
4576	Monoxidex86.exe
1208	宗鹠側簋嵨嚝楆奤肋靮塚腤輾毋萱瑽.exe
5096	毲盩諆猈銍袋鹣粀劍幩瑦曗函痥枫蝝.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2668 wrote to memory of 4488	2668	MicrosoftEdgeCP.exe	74
PID 2668 wrote to memory of 4488	2668	MicrosoftEdgeCP.exe	74
PID 2668 wrote to memory of 4488	2668	MicrosoftEdgeCP.exe	74
PID 2668 wrote to memory of 4488	2668	MicrosoftEdgeCP.exe	74
PID 2668 wrote to memory of 4488	2668	MicrosoftEdgeCP.exe	74
PID 2668 wrote to memory of 4488	2668	MicrosoftEdgeCP.exe	74
PID 2668 wrote to memory of 4488	2668	MicrosoftEdgeCP.exe	74
PID 2668 wrote to memory of 4488	2668	MicrosoftEdgeCP.exe	74
PID 2668 wrote to memory of 4488	2668	MicrosoftEdgeCP.exe	74
PID 2668 wrote to memory of 4488	2668	MicrosoftEdgeCP.exe	74
PID 2668 wrote to memory of 1520	2668	MicrosoftEdgeCP.exe	79
PID 2668 wrote to memory of 1520	2668	MicrosoftEdgeCP.exe	79
PID 2668 wrote to memory of 1520	2668	MicrosoftEdgeCP.exe	79
PID 2668 wrote to memory of 1520	2668	MicrosoftEdgeCP.exe	79
PID 2668 wrote to memory of 1520	2668	MicrosoftEdgeCP.exe	79
PID 2668 wrote to memory of 1520	2668	MicrosoftEdgeCP.exe	79
PID 4248 wrote to memory of 4708	4248	chrome.exe	85
PID 4248 wrote to memory of 4708	4248	chrome.exe	85
PID 4248 wrote to memory of 4148	4248	chrome.exe	89
PID 4248 wrote to memory of 4148	4248	chrome.exe	89
PID 4248 wrote to memory of 4148	4248	chrome.exe	89
PID 4248 wrote to memory of 4148	4248	chrome.exe	89
PID 4248 wrote to memory of 4148	4248	chrome.exe	89
PID 4248 wrote to memory of 4148	4248	chrome.exe	89
PID 4248 wrote to memory of 4148	4248	chrome.exe	89
PID 4248 wrote to memory of 4148	4248	chrome.exe	89
PID 4248 wrote to memory of 4148	4248	chrome.exe	89
PID 4248 wrote to memory of 4148	4248	chrome.exe	89
PID 4248 wrote to memory of 4148	4248	chrome.exe	89
PID 4248 wrote to memory of 4148	4248	chrome.exe	89
PID 4248 wrote to memory of 4148	4248	chrome.exe	89
PID 4248 wrote to memory of 4148	4248	chrome.exe	89
PID 4248 wrote to memory of 4148	4248	chrome.exe	89
PID 4248 wrote to memory of 4148	4248	chrome.exe	89
PID 4248 wrote to memory of 4148	4248	chrome.exe	89
PID 4248 wrote to memory of 4148	4248	chrome.exe	89
PID 4248 wrote to memory of 4148	4248	chrome.exe	89
PID 4248 wrote to memory of 4148	4248	chrome.exe	89
PID 4248 wrote to memory of 4148	4248	chrome.exe	89
PID 4248 wrote to memory of 4148	4248	chrome.exe	89
PID 4248 wrote to memory of 4148	4248	chrome.exe	89
PID 4248 wrote to memory of 4148	4248	chrome.exe	89
PID 4248 wrote to memory of 4148	4248	chrome.exe	89
PID 4248 wrote to memory of 4148	4248	chrome.exe	89
PID 4248 wrote to memory of 4148	4248	chrome.exe	89
PID 4248 wrote to memory of 4148	4248	chrome.exe	89
PID 4248 wrote to memory of 4148	4248	chrome.exe	89
PID 4248 wrote to memory of 4148	4248	chrome.exe	89
PID 4248 wrote to memory of 4148	4248	chrome.exe	89
PID 4248 wrote to memory of 4148	4248	chrome.exe	89
PID 4248 wrote to memory of 4148	4248	chrome.exe	89
PID 4248 wrote to memory of 4148	4248	chrome.exe	89
PID 4248 wrote to memory of 4148	4248	chrome.exe	89
PID 4248 wrote to memory of 4148	4248	chrome.exe	89
PID 4248 wrote to memory of 4148	4248	chrome.exe	89
PID 4248 wrote to memory of 4148	4248	chrome.exe	89
PID 4248 wrote to memory of 4976	4248	chrome.exe	87
PID 4248 wrote to memory of 4976	4248	chrome.exe	87
PID 4248 wrote to memory of 5056	4248	chrome.exe	88
PID 4248 wrote to memory of 5056	4248	chrome.exe	88
PID 4248 wrote to memory of 5056	4248	chrome.exe	88
PID 4248 wrote to memory of 5056	4248	chrome.exe	88
PID 4248 wrote to memory of 5056	4248	chrome.exe	88
PID 4248 wrote to memory of 5056	4248	chrome.exe	88

C:\Windows\system32\LaunchWinApp.exe
"C:\Windows\system32\LaunchWinApp.exe" "https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqay1JMEY1RGdRUFRUWGRuQy15TFQ0bHBVRmtYQXxBQ3Jtc0tsVnFkV1VTSFZhXzRiM05iTzVFcGs2SDl1Sk9PN0VpUi1Jamh3R2RvMk54Q3k3a2xVX2lrRWRQYjZqY29PYThFX3gyaDBDZjdaTFZCUHNweVgzZVFjWHREcVc1M1I3d0EtNHRUQTRUX2E3Z2NVMmwtVQ&q=https%3A%2F%2Fgithub.com%2Fbill-zhanxg%2FMalware-Database%2Ftree%2Fmain%2FMalware&v=9iglWm4SkIs"
1⤵
PID:4640

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:2832

C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
1⤵
- Modifies Internet Explorer settings
PID:1048

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Modifies registry class
- Suspicious behavior: MapViewOfSection
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2668

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies Internet Explorer settings
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:2164

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
PID:4488
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 4488 -s 3824
  2⤵
  - Program crash
  PID:4568

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
PID:4388
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 4388 -s 3204
  2⤵
  - Program crash
  PID:2540

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
PID:1520

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:3780

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffa4e7a9758,0x7ffa4e7a9768,0x7ffa4e7a9778
  2⤵
  PID:4708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1844 --field-trial-handle=1804,i,2939204518100815152,13410108752713676980,131072 /prefetch:8
  2⤵
  PID:4976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2116 --field-trial-handle=1804,i,2939204518100815152,13410108752713676980,131072 /prefetch:8
  2⤵
  PID:5056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1536 --field-trial-handle=1804,i,2939204518100815152,13410108752713676980,131072 /prefetch:2
  2⤵
  PID:4148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2888 --field-trial-handle=1804,i,2939204518100815152,13410108752713676980,131072 /prefetch:1
  2⤵
  PID:608
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2880 --field-trial-handle=1804,i,2939204518100815152,13410108752713676980,131072 /prefetch:1
  2⤵
  PID:416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4468 --field-trial-handle=1804,i,2939204518100815152,13410108752713676980,131072 /prefetch:1
  2⤵
  PID:4592
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3580 --field-trial-handle=1804,i,2939204518100815152,13410108752713676980,131072 /prefetch:8
  2⤵
  PID:492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4796 --field-trial-handle=1804,i,2939204518100815152,13410108752713676980,131072 /prefetch:8
  2⤵
  PID:5008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4592 --field-trial-handle=1804,i,2939204518100815152,13410108752713676980,131072 /prefetch:1
  2⤵
  PID:3600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4724 --field-trial-handle=1804,i,2939204518100815152,13410108752713676980,131072 /prefetch:8
  2⤵
  PID:2936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4432 --field-trial-handle=1804,i,2939204518100815152,13410108752713676980,131072 /prefetch:8
  2⤵
  PID:4156
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4608 --field-trial-handle=1804,i,2939204518100815152,13410108752713676980,131072 /prefetch:8
  2⤵
  PID:4752
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4932 --field-trial-handle=1804,i,2939204518100815152,13410108752713676980,131072 /prefetch:8
  2⤵
  PID:5000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=972 --field-trial-handle=1804,i,2939204518100815152,13410108752713676980,131072 /prefetch:8
  2⤵
  PID:3568

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4088

C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
1⤵
- Drops file in Windows directory
- Checks SCSI registry key(s)
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:1324

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:3792

C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Desktop\" -an -ai#7zMap19990:76:7zEvent26051
1⤵
PID:4752

C:\Users\Admin\Desktop\Monoxidex64.exe
"C:\Users\Admin\Desktop\Monoxidex64.exe"
1⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
PID:4596
- C:\Users\Admin\AppData\Local\Temp\毲盩諆猈銍袋鹣粀劍幩瑦曗函痥枫蝝.exe
  "C:\Users\Admin\AppData\Local\Temp\毲盩諆猈銍袋鹣粀劍幩瑦曗函痥枫蝝.exe"
  2⤵
  - Executes dropped EXE
  - Writes to the Master Boot Record (MBR)
  - Suspicious use of SetWindowsHookEx
  PID:5096
- - C:\Windows\system32\NOTEPAD.EXE
    "C:\Windows\system32\NOTEPAD.EXE" C:\Program Files\7-Zip\Lang\ar.txt
    3⤵
    PID:4512
- - C:\Windows\system32\NOTEPAD.EXE
    "C:\Windows\system32\NOTEPAD.EXE" C:\Program Files\7-Zip\Lang\ast.txt
    3⤵
    PID:2128
- - C:\Windows\system32\NOTEPAD.EXE
    "C:\Windows\system32\NOTEPAD.EXE" C:\Program Files\7-Zip\Lang\si.txt
    3⤵
    PID:4048
- - C:\Program Files\Common Files\microsoft shared\ClickToRun\InspectorOfficeGadget.exe
    "C:\Program Files\Common Files\microsoft shared\ClickToRun\InspectorOfficeGadget.exe"
    3⤵
    PID:4520

C:\Users\Admin\Desktop\Monoxidex86.exe
"C:\Users\Admin\Desktop\Monoxidex86.exe"
1⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
PID:4576
- C:\Users\Admin\AppData\Local\Temp\宗鹠側簋嵨嚝楆奤肋靮塚腤輾毋萱瑽.exe
  "C:\Users\Admin\AppData\Local\Temp\宗鹠側簋嵨嚝楆奤肋靮塚腤輾毋萱瑽.exe"
  2⤵
  - Executes dropped EXE
  - Suspicious use of SetWindowsHookEx
  PID:1208
- - C:\Windows\SysWOW64\NOTEPAD.EXE
    "C:\Windows\system32\NOTEPAD.EXE" C:\Program Files\7-Zip\Lang\si.txt
    3⤵
    PID:68

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x348
1⤵
PID:4948

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
PID:4108

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
PID:4420

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
PID:608

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
PID:3808

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
PID:512

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

T1542

Bootkit

T1542.003

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Pre-OS Boot

T1542

Bootkit

T1542.003

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
532590da631a2d96a3393b1a6f286953

SHA1
1f8ea1471da52debc84a0cce985c844737a29c71

SHA256
fda7a3604e510d0946b27e6100e474512f54d069b2f86a2782f8eda616ddabed

SHA512
35d60f8e309819967c3535404c57131afe4232eb633872ca51989a01fe95866ac8775c6f0f9c9308db7fc4d5c48555d34c5aff295a745caef68ece83dd4bcb03

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
44cb50f8e45a85bd14de79c673b03f99

SHA1
08ad05c6b4dfa21c24a6c9c8897de3ef23e310b4

SHA256
6a86c349e154d593285ee1a3139e913d9b56e43c1c0628b3090cc10ce12b2284

SHA512
138d33bbf2b0bce162201c2907cae8b698989f83833c0d4f29661bb167ed3ba8cb29d7a2d9de376f9449d493fa3737d0ddc31276fbea0960038e2990c72d7725

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
a08e0889ffd83dcfb5384dd9d8812109

SHA1
dc9c880ad7af2b055acf04d1c897699d538ca8de

SHA256
dc09d5475dd2680f16be52a6fa858f5354fbfc722508de0b126eb02c16e43fbb

SHA512
a9c92c101b753e8850440553425655f746cf75e885763b0131d01540b38378071ad245cd8c1dc3f785e07a8ebfb97bc090330a5f11023457af9fd803f14a23ae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
e5c2affc0c875b137ec60a839e55fe06

SHA1
4ed43f32d2d4fd03fd0c6efde99b7e17b71a0e88

SHA256
e77bd1a7a29879f7df99b17cdcf77b492ae31f19d53c350f2308a3ae301e38bc

SHA512
e72cc5b7ed1dc4bf606f0f24fd64de85c9051f8f8d37c2649285ce83479075c303f9f19d6d377214dd9b3b31573a19978e9108afa388bf7f55b63c8335e12dfd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
0559b9311522e543a307b6006c53ce9b

SHA1
082d116b71f8cc96c698e3374e858d700f4be03b

SHA256
07acb468fb0b7f5ac46206763f2d836160ab234a76e473da8a82c9099df91834

SHA512
e0f7744f98510134b65614c6c0bc6c9fdc97396ef1a49978ba84e4f735ca8bef52dbf97ed58b31ed1bc40eb49b507a1a082a7481520d65ee01bf94819829b1f5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
5936e3e3ce95bd992e11fc6328673db7

SHA1
31577699a85eea42f253ddbd307d8e1ef4c84501

SHA256
2245e2cd869725a97bc585939f5c1f73d0ba124fa8c01a1d813cc942ec98da89

SHA512
0eaede370e0b98d9903f87006cfaa98e2d842ff48dec4fd33149dc685e79eec32f2fcdb7fe24e7e3a7f19b14a8b8d0835e60d8cc8aa54ac76f24de7809213b0e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
d0f1ec128936ebb918c44913e23c47af

SHA1
d2ebcb8e13ee7258319205388811571a1fae86ac

SHA256
71494ec8e95a77081164fd2b1c14108d19617d4682f23e60d91253f00f12ce1c

SHA512
b7af400e775e6e4eba6f9ba028c8295b0b84caf78295c893ec510b4fa7e387d3ea2334d98ff64581c60667fefbd043af883b49607cba1135037112a20266d246

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
2c0f95283016bbd7551226cca029ec3b

SHA1
709043ed15b494bc2028917653d94b66796c2cbc

SHA256
0a8696af89c52557d44d293d3e1fa3a80e1d3d70f9086ae9f9b08c36b840cb85

SHA512
e0165ad921ac20f51c88ceca95b5e818a11ce0a1ad4f3aea54e90d95af04c3cbfdfbb5b0957fb2705e4bb29e6f302dd36cedbd83a821cd24c52a2c945c896458

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
b8f8ddb56341b8ce78f28896295381b0

SHA1
697a5feea70b50fe5856e914a7cbde50b2052e4e

SHA256
25f4e736106ff5a106e3c2467385a503acf86a6db7f975a7ff7b1b3d6852f837

SHA512
b7e877ee2a7def19e7a3d58891f04e955ed6781d93258aa24d92c156b0104b3ba02f7b5a38715897e897de627e31ea67790bfaf553a811b8779d6c2af6e05a3d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
195KB

MD5
ba5d2bd5ad6a09217eaae7c0a13d4492

SHA1
0108b3284b3f74cc6918e352559be9f84082d2b3

SHA256
955dc7c63972d44eaeb25c887fbf1b73edbe5109f7600d9843c0223f12fa0b46

SHA512
55d0ea57b000a9355ef91c44e38c624258f2ffc73ce41114d10b520a670b9453186ea6ce03d6013f2d7d0f48756043f2b7afc5ee8ad300652f73a880ab68aab4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
100KB

MD5
b499cb09439dfd735d5d02d7041bf860

SHA1
d82ac66c5707e0e50a099a0dbcb948eb7759a156

SHA256
bba13e604d4ee5bc8b1acdd0c0d8c7e15b6c1fd140d938dd23f879e7f2a6d293

SHA512
e78ecceb7bd7f99d6bb7bf0c3df7e0f9317917edd424ee36586fcced6be16d281d066c25db888dda42379c9bb4bd38f842bf9db45711bd6f23cd4ceb1670cf6c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
103KB

MD5
2821176f33a2ae01c37759c01f3c48a0

SHA1
7249ba9e430ae38269bd02ff296e87014eef3133

SHA256
2b97bcdde59f1d6b7a18bb40864fe7501bc218863b30a99ae783dd9a930fe0d8

SHA512
8aa43175b84c1963e4f2c47143347539d7182f7cf933cbdf212307f39a0d309923a349a15b596ace8bebe8a987da950a1b622bd2403bc24d9fca8ff3164d05b0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe585399.TMP

Filesize
93KB

MD5
79ac2b8506224400bf970cc4573d26df

SHA1
1ddb9c608d237d90985e7327c09c7f596e419e80

SHA256
a96910a26e395adf53bf9ae3a971407ab148b9cb69693f32a88dc4e19bbf942a

SHA512
b3fa1d94d223222fc659491d614de5a54a968385987c1decccc475783b093d91ce52c982c63bbf1940d2934f6e69b8239c73e131ad4e5af9edada3b218920587

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\User\Default\DOMStore\MYDJJJNI\www.bing[1].xml

Filesize
1KB

MD5
c9651febbe20bf8cd7618cf2f8aa0447

SHA1
f5906514dbb582f46025d65e9b42fc61b893889f

SHA256
ac382b6b3dd8e9f5bcac916bb3ac99052ffb2427db98d467fc795ab221553178

SHA512
1607913b31076393b1ea662fdad5ec19ea78e624da33a03d4a3f7b89add73728adbf9c9cbc8c9966973ddd2ed8d09e6a173784537d1921a0be3bcb450068dfe4

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\G03JOPHH\favicon_32[1].png

Filesize
348B

MD5
3a880420311ad60097059ffc0fc53393

SHA1
7644b902864c4ba3604f61e0880e05da15ab464f

SHA256
571c382651d6337cd5fa49c512d02f0f99d523a896b87175fb59c710e1fcbc7a

SHA512
c16652970d04b7b76f7e7ef5a8d091984a13406cf7f5475cc3cfa3ecae3278c19be5494be39a8e549978b0675d1c70f69cc1413de9240487943d91965aff17d1

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\Temp\~DF330A681A475BDBA2.TMP

Filesize
16KB

MD5
f5ea1666da501913ebe8baedb2e688b6

SHA1
47c66b0f1ddc16e1179a04d1031f38c04a3c8387

SHA256
a8679d1c19f70b3c8f354534600d449b6cc03faf14433b7a8f300e2dcc8c5428

SHA512
66e5cf1da38d37769b9de80723940929cf03ab97be2319a7e9105e99fd4ff55188d13f21d1a8cf7bd09b7b4cde5826edd9ce792c910a83c0ef0deb6c526e75d0

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1V5JINP8\app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-2e2258-f7b8ad0ef997[1].js

Filesize
13KB

MD5
8b0978efb29a29004bb5a15fd359d6cc

SHA1
df5ab7730e053b6ad71b92bd6d22dc256f5d2c8b

SHA256
38061834151c6ae8cc8bbda80d42fc76f7186ada194b831f7dcde57d47caab7e

SHA512
f7b8ad0ef99797b14125b78e15e13961fd6fa83a4616ea7660c738ab7e012130333094269c275269d7dd1a7abcf939b3bb73020a016a52aae526349a6ad5102a

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1V5JINP8\app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-f22ac6b94445[1].js

Filesize
11KB

MD5
5ab2a93e39fb8bc7f194eae7aa5ef209

SHA1
5bfab4aa9f7da934836a6a6bf31bbf1d362f4de7

SHA256
74e55884c09051b4a83119381fb22253038304f9af50f937c5e9188b98ae23a4

SHA512
f22ac6b94445a4395f84c3f3621dceff247e8afc69fedbc728ffd6c828dd1a2a7b3dbe87cc4fa15882feaabe7906479e9d480a1f78b629cab9c797f2f11ba3b7

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1V5JINP8\app_assets_modules_github_blob-anchor_ts-app_assets_modules_github_filter-sort_ts-app_assets_-c96432-b9f980134541[1].js

Filesize
6KB

MD5
4719602c2853b4c9da5fc5621936e32f

SHA1
6b3ab7736f8689006ce71b6f419ae2fe63a9862f

SHA256
8a78da560442ebe9f10e2aa20bf6451d5e8bd6a976666c9eb1828079151d15c3

SHA512
b9f980134541e4d4604a1c54fdbd41e49de5b49b19c8426e76648ef8155a31595adba39c251bf31dbebd088e252a506bf2e21c329e63e369912edaef76fff673

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1V5JINP8\app_assets_modules_github_onfocus_ts-app_assets_modules_github_sticky-scroll-into-view_ts-b88dcdb1ae32[1].js

Filesize
10KB

MD5
ee3aba9b8890b893c72a33ddaf776659

SHA1
bf7eda005c5cc933094a66166eda5a8e5b51ffbd

SHA256
772fa4a39467c2ead465e677912713e30d77d7bdddf596d044333610930d34f1

SHA512
b88dcdb1ae328a1b9007842aa50d133838e4c626edf94720e0c3ce484d6848a55388e59aed0be1d4504804e90af7116a7d453a41a06b200604f85a1f20504b86

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1V5JINP8\app_assets_modules_github_updatable-content_ts-ui_packages_hydro-analytics_hydro-analytics_ts-e4da304b75e7[1].js

Filesize
9KB

MD5
339c2cfce6990ec1fcf0d78b19c4de11

SHA1
8c7723d0b7ec0502fa16fb6cb3fa8892c5853668

SHA256
a7ae7379bd0d356b279ab9d768a88a522c22168ab8cf06afd37266f32356a5de

SHA512
e4da304b75e73b1497d1480659c2df1d7150bdb291037e8745ec820898c6812374b616b7f1449bcc9734c5ea6c68271ea4d3bbac5268cb778f742de92a4c4f87

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1V5JINP8\behaviors-2f60da4f16b9[1].js

Filesize
218KB

MD5
9dc9dc68e8d16eb1050a02e2f6d12d53

SHA1
73e8106250f51f7e9582126dabfb55acd8815658

SHA256
d674ded885a973e08778df9298a64447efcc44fbd679ef2545f12bdb010b5a89

SHA512
2f60da4f16b9c1b7062198d67769cd24c202f19af98615a0ce28999ab91fefe08ebacdcecae1dda2f809285b04d69aac2b0a848ed351e6940c0b30f13f975869

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1V5JINP8\code-f68e2653d00d[1].css

Filesize
26KB

MD5
0825780e401f263e9d9ed07a368151eb

SHA1
1bdbcadb34852d36d75936ce6c1053c692a93875

SHA256
efe3f3872ad851cb976f3bd8b931f706803bcb5675c35c4e93c03a2e207336d1

SHA512
f68e2653d00d79eb9fcd9e7c548521d8188f468bfde57d4afda89186a8843a9f86f8f04be0dac23e116f2aebd112a80123769b5c58d051dff0f6f4caa0e0441e

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1V5JINP8\dark-5d486a4ede8e[1].css

Filesize
55KB

MD5
19436877f89e60010b7bdc2997dd75f1

SHA1
50a61fdcd0286e9ab8f5359fd9db28682a3d6e4f

SHA256
5a51afc15dead8f58e22d8172aa679b06cb8dd022a9605cb3c1e34cb287c516d

SHA512
5d486a4ede8eb3ebb07d0a20c0fad1fed8e119117c4320687aab92b608098fe3d2bd949155344c83621812a68c516b80222acf21ba942fe68c466b938370d85a

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1V5JINP8\github-5636d019c151[1].css

Filesize
170KB

MD5
055996a5a4171cb4c3277341debd2734

SHA1
651aa676fcb3e6ab66b2a0416c7f391ff6609b83

SHA256
6743a6738d3ee4b82866c6af042520410bab4bb97cf651d0a221652013ceed0b

SHA512
5636d019c15104e31a349b959050e08c0ad72b6a0a84f467839a57d1c403eff315d3e77ca3189e63164839290e25f88c949fb06e77b2e3f0bd9619b25c4306b3

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1V5JINP8\global-38f5d4710d3e[1].css

Filesize
258KB

MD5
af3e59d53fc8f22aa3c452b71f7572e8

SHA1
bce7305c7ddee8c669e1112d2b62db6c8bfc145f

SHA256
68dc2b33b1a344279f6c4b73a91927a94073560c917637c36864de51b794fe57

SHA512
38f5d4710d3e8932f8084a6105ef0d471e35a92f3a19ae7ff42e882aba7495a6ea22de74b9eaee52079c839cc641a4b463cedb35e6b4455c2488cd3b6556f096

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1V5JINP8\light-983b05c0927a[1].css

Filesize
55KB

MD5
36ceaf3dee140f5c6b956a646f73e530

SHA1
93d9a28942466a2db4567ef2366fb904ae6e61cf

SHA256
f889bf540b1260eed0a10ccef805892d69f388ff3893f46dc9cd70dcc7b7c768

SHA512
983b05c0927a2a6673dd5814ebe181f9d56fa78f2b494adc00c878d98952b3fd7418c8ee70cd3f8c17e360d9b379c677e87edf108622afd3efa726ac53e08a54

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1V5JINP8\notifications-global-f57687007bfc[1].js

Filesize
12KB

MD5
0eaf2df0863932cda9d7aa564202c529

SHA1
29c3dcfa692a63bd44aa51eb0f26d99f0b675852

SHA256
3abf69d260803743ee9dcd6707b977ecd80dd706b4a14ab9c113ed73a1246c5f

SHA512
f57687007bfc7387e56dccf1094b83f7ab195b19a12ff683443d91bd26d1ad0b887812dd7047a932442212c4863b344f33ff964511b1c6042439a71171c661c6

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1V5JINP8\primer-15214e5f9104[1].css

Filesize
349KB

MD5
031f96248532364e2d5591e4091af7bd

SHA1
d2bfcb6117e343175a6e8431cece0db709eac834

SHA256
141d02805303f227eb6a2a6db0500d620138f80b2669fb4afa9ae79626ea3e82

SHA512
15214e5f910470f0636a25b7a6a393e5dca3bd93cfaa8528e97d9c64f2490108b3cb5bbe2a97d90a5f976ac77d85e21643c275b8fc5674575664227c525794a7

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1V5JINP8\primer-primitives-49b09e982548[1].css

Filesize
7KB

MD5
2a075d5cbba05f78191a9c6fe9a4c1b1

SHA1
3ce602886a54eb3b107447045bb60dfc88c73857

SHA256
a2e97ed677d92923d28ebb8af5374f05658bd0771c1ebdaf1914b355033c3341

SHA512
49b09e982548fabe1c5f19aa23c22c043538a06b266e2f120c99853d64cb891c519c1d5f0a273743cab067dbf13d4d88c20a28398bd6017be029ef5f907ea55c

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1V5JINP8\ui_packages_soft-nav_soft-nav_ts-df17d5597d8f[1].js

Filesize
9KB

MD5
2f038fbfa93a971dd802eb0e514c18d7

SHA1
55af6fd062ffae2473ca6a7684e73416bc39dcd9

SHA256
c81ceddd2a765b45c57b38f79ab5708b5f41a77c870d0bde9d5aea37b42f5691

SHA512
df17d5597d8faf3f67217c963afc376bf138415a08bebc5c14e2a8aaab81725a5befd4093e47383a205f58bd74159672fa812cc8e5198d27b8c1402694a0a429

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1V5JINP8\vendors-node_modules_dompurify_dist_purify_js-64d590970fa6[1].js

Filesize
21KB

MD5
9cacdda9881719772c57c7de36b1c3bf

SHA1
181ebee09d7abf24b5a1459be668a5cba64ef9d1

SHA256
7fc339584be03e55afa6212c15f3486ebea6541eade7dc83b155c6f8ad4a6b16

SHA512
64d590970fa67bdfd87093a4a76ad81c0ed49966406625608bb92d69fcb31265138abffe5e4a1360081034ff34ed52b59c54afa672d5b18c7d6c51795d385abe

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1V5JINP8\vendors-node_modules_github_markdown-toolbar-element_dist_index_js-691f92ed710c[1].js

Filesize
13KB

MD5
bdcdc2b4e458db9268c4b97d4473eb6c

SHA1
af05bd9ad8caba7a9e6549103b6a128e44808032

SHA256
5b2f2cdd0646bba63cfbfd94fe976c775c6397ef204c1d09300c7c2e9e8cd02c

SHA512
691f92ed710c3849a2444f2d01bb9cd2e12ff990bf4daffd76d57b2ff67202ae3bd02468985552eeaa7ea93d41ffa3cb0014e31505c8967dc9d3474eceee5d4a

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\1V5JINP8\vendors-node_modules_github_selector-observer_dist_index_esm_js-2646a2c533e3[1].js

Filesize
9KB

MD5
e5411d902c14114345232eab0b388a2e

SHA1
a079ffbceba09465e2546881d6b963d05edd3add

SHA256
3dd71977f8bc77d1d340787b166bb300047f951a16e440f75c9fe2599659a70c

SHA512
2646a2c533e30cbd3c0ef653c306fdd6052f00fb9479ea664f791ee17c4a8d8321a0337dc9f79b9a0aa0a1d68a9cc84b46bda6b2285bc16a8434712b54794f75

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OHFLVOC5\app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_sso_ts-ui_packages-7d50ad-9491f2be61ee[1].js

Filesize
10KB

MD5
058cc61b0991de0e1b4805ff2a8f4dd5

SHA1
e1d35d1947ca550b3a449a43ea16e69f9dd928a2

SHA256
2fb3e697b26afe36b6bb71690fc20d32b4a1f5f2bcfda145cd997ff61082bbe6

SHA512
9491f2be61ee455ed9303a203fedc04af3245ca66c69dea0d794c2123661e67e06a3855b921bbdf13bd115b9b33e62e8d9c02ac2670beb4f8513992119f3049b

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OHFLVOC5\app_assets_modules_github_details-dialog_ts-app_assets_modules_github_fetch_ts-9ca164041015[1].js

Filesize
8KB

MD5
a416c299ea936d3e5c20cb1d5e1e578b

SHA1
a4318705c0e82d828a72ad2659231374015a91b9

SHA256
e8b9fa948eeae806d495a5a6711595d5f1b3ac4ebef937f287695728fdadda35

SHA512
9ca1640410155ae228179723c76f650265ca007b4b935f0496207be050ce9c446390dd43d3bdcebd06bffcae55761aea3251ed0b960973af2b6d4a09c3f70b44

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OHFLVOC5\app_assets_modules_github_ref-selector_ts-0e2b12902d39[1].js

Filesize
9KB

MD5
36131d994b708536be50b640fb64c7b5

SHA1
d6e250df44fb040164e28d374c342803a30cd3b0

SHA256
e27fa12b336e2227b2ace749278d869c64dada7e5f859d0d31e70d75791bdb71

SHA512
0e2b12902d390d5bd7b3d4d4087ed2c4cb9eb2eca2a40e2d172454ef87f5a4dedfd989650ea2484833197375b23d3337c9bce765a2de34516187ea3f99e425ee

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OHFLVOC5\code-menu-c743a13234fc[1].js

Filesize
15KB

MD5
43cfe02660bf8452bf9b2d2f5bbb276c

SHA1
928c690fa3ba07c231a85ace75bbb2857adef392

SHA256
912a935458378d8c016a4dfca07c65a7af8c8b77b7077ad5d81093e81d1228c0

SHA512
c743a13234fc635c7fbe4ec2102a7c8e4584c5c640880de7d84f3693aa8e0704bb787cdf41d1dc1a304283b62e9a78edb265e248f5069877cd78aed433752d09

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OHFLVOC5\codespaces-b165037d65cb[1].js

Filesize
21KB

MD5
e0b7e2eebd7c21e512a36bcb28b05ae6

SHA1
44d06acb61d273d1c4a12375920697de199d3692

SHA256
9e8db1277ea8848ae12e8392f2cea9a6a53638a87a43783f51665432f95e567c

SHA512
b165037d65cbf65f9e7f0f7a8e6a05904de5b53209591ce64f8a7ec757a547f83b0cf061d4aac8a584a2a3eb6270bfbfade302ec8af9e25fa2551dfbb2b2b3ca

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OHFLVOC5\react-lib-210c4b5934c3[1].js

Filesize
206KB

MD5
70f3126d34a3de65d02ac6f371fc195d

SHA1
d162898b40a7ee4fcf7d6bb7a476637b9557b2f7

SHA256
47b62728c2f95cfdfd0e9f2ae58ffed7fe13ccb3a3aa9e5677f5faadd6b5a295

SHA512
210c4b5934c3de5f2117ed074ca911a41775bbdffc50ea3dc1b6141ac6786dcdc619857cd8ea842fab9515dd950e76b79d4a597efc54be5582c70cabc59640db

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OHFLVOC5\repositories-e0e894816616[1].js

Filesize
68KB

MD5
00cb8a5f80528e94a2b06ebc12c0bb3a

SHA1
e5b2d418ce1e9970d40cc68d9661e5997305bf91

SHA256
78994c4a167327dee43101e61932298239038e8c4c3c767e6cfd9971dd4fa14c

SHA512
e0e894816616531d2df08b92cae039c5e9266f7c0d28f989c682f873bb5bc2e29da7ea894019ec25669b25389698668c124fb770fa44905768e39900c8a2f305

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OHFLVOC5\topic-suggestions-e57c71e486d0[1].js

Filesize
10KB

MD5
20a2f784b5a605db9a91a8360b625d32

SHA1
d088f3441f3018748702af22f62a312cb2a1d2fe

SHA256
c1e1e95c9cc69871d04d66ad1b9456ec6994bd5be8d88cd7c7ad9d04f4914fff

SHA512
e57c71e486d00e52b201d47985515184e2253f47aa8ad143d3b56381a2e70a40066797f07df71450594eb3b03a6fb4779ee8093427b15b93adfbeae1b3b9d79c

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OHFLVOC5\vendors-node_modules_color-convert_index_js-35b3ae68c408[1].js

Filesize
13KB

MD5
9dc040f59be2a61a2c9e74568e81a859

SHA1
7ea23e783cb7242b748c0630d5946c82777fcfbf

SHA256
b05a7e19c59be8422fa87b0c0a3ec37a9aa64757092ee6afc887500c186324ee

SHA512
35b3ae68c408451d73656d48ecccbb9663b4e824ba12a41275a8878859bd48ce96612c54d7a72e8201b61efb6054187571d3da8d4db02418d54ed74cc0dd6126

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OHFLVOC5\vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-06ff531-fe0b8ccc90a5[1].js

Filesize
11KB

MD5
b49149f4a5bb177d2a996d4dabb198ad

SHA1
7bc5e2cab51623c49b486fd3d809e277eca85d44

SHA256
b39d718bf90927b25fec09e7d70cd72b69adac6bd943ceeea106959922c230e7

SHA512
fe0b8ccc90a5b06dd44f859d6cde857cec873876b0ccef2ee3dcd1edf036b5d636487a134869c5e05f17f7fd224bb7ad47b063161eb1b85536a362b0b5d99759

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OHFLVOC5\vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_github_filter--b2311f-939ba5085db0[1].js

Filesize
20KB

MD5
d376df628c3e73f17c199bae0ce3e013

SHA1
f42e6dc94b32c915d016a12f1c4c996cc886d727

SHA256
ffd4a453e1ee356f34cd69f1768975c20811b3e396303049dcbb490dfc7cac4f

SHA512
939ba5085db0b7179d736c8af4d8338d93e8685f89a7dac485981aee344b9225eb90182c6f8b7cc60fd9965d9492ba04efba9c4fc2b92614b9988c7f275b5540

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OHFLVOC5\vendors-node_modules_github_mini-throttle_dist_decorators_js-node_modules_github_remote-form_-01f9fa-5cbb9ce8d109[1].js

Filesize
20KB

MD5
8c010b87185e6c89a6a29e00b72abf1f

SHA1
17e9037b79f88aabfc5342875f4f537b119b5994

SHA256
12d7b140eafb651549445c6ce170298fd733d68483418f7b7b4468e5a3e931f5

SHA512
5cbb9ce8d109ea7ff25373bb2a18ccea265be47489d23cea2140dffc5598b475f3a297547ef756a707acd7b6fb2d1f66168da17b9928c842d26167e8dde6bfc3

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OHFLVOC5\vendors-node_modules_github_paste-markdown_dist_index_esm_js-node_modules_github_quote-select-426751-0153d059d677[1].js

Filesize
33KB

MD5
9cb4a4b87e5e48e442b3aa263132b100

SHA1
b42e44ad32f19c76384ae8d035ad4bd3f6a0b84a

SHA256
f4055a32c217ea432b378734cddee8c248d51229ca24ae39354469670234ed86

SHA512
0153d059d677a43c3ef57d04d5e0af0e4876d4efe07c70739655c5456f38bcf5b2fd0ddf99c2ba40d3a403ce332ea966b69a3eba15b929f4fbeaebfc6fd114a0

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OHFLVOC5\vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-0e9dbe-6435366f0862[1].js

Filesize
9KB

MD5
3e2268f13ec8dcc3f9ddb13b49e9a91d

SHA1
4a24574d4a8aa0822ad7601b1d4a3a4ec5bd362a

SHA256
688a889a6d0e5c87c5e2678999376f1a39d71d93cb7918e7b2dc96ba31120a81

SHA512
6435366f0862771ecb04715eae4d99a25f9493bf5214d540c59f456a17daeb07f5928dd9398098a2ffb80c959a5fcea7189ea1444eb6b536d3d109d37932eb32

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OHFLVOC5\vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-c537341-e6e70d8c1a13[1].js

Filesize
16KB

MD5
b8c89cbc992be915cd761b98e73822a1

SHA1
6164c8a02dfaa7e6dbc7932b3573bf7ecdfe2fe7

SHA256
afc2e3434149a2142388baf7113c0331128939f8271b9af3dc9a99c5d52eb399

SHA512
e6e70d8c1a1383b0309c6ed3dd2076fa86c8928d455c16d7258457a5113dc7ac550fc423373be53b8e659af95705ff726d21e09b1cde3548c6023cbb5dc8f062

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OHFLVOC5\vendors-node_modules_github_remote-form_dist_index_js-node_modules_scroll-anchoring_dist_scro-52dc4b-e1e33bfc0b7e[1].js

Filesize
12KB

MD5
6ed77e8843f620ad455509ea7f15e2f1

SHA1
6ca0ef769ba65722f22abb77936e917fe66136f2

SHA256
270e861a9bb0e815d2b57ab3fd881132b05eb9a39d1e9269f12529b03aa168b3

SHA512
e1e33bfc0b7ef7040dac38396663113672f27ae9c49e9517a18238dd67012d693ffc8e1b562487ed87dcc9ac91286cfe9bc2778e2b3eed044cb7dd0c6952622a

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OHFLVOC5\vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-1f4793023fcd[1].js

Filesize
76KB

MD5
55dc85b1fc0c9d278a3c7abe09b9bf92

SHA1
ba1bc6806edcc38ee92b499872368b80cd715c93

SHA256
89eccb9b04ebe405ebcf5b10aa39fedb6c41dd3df1f04d39e390401cd05fd193

SHA512
1f4793023fcd4f15fa958cdb34afabc03b919f52c91ce17436a33c753570384045edba70c9f14a5e6f11e8533c32d90522182b6ab0ce6630de8b937f7159595d

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OHFLVOC5\vendors-node_modules_primer_octicons-react_dist_index_esm_js-node_modules_primer_react_lib-es-14a089-38d45acba361[1].js

Filesize
528KB

MD5
92c388beca542ea00c983caf83778fa5

SHA1
c9d691f6c2c2283491e3f64364050f80aab14a08

SHA256
72f4a28e68fd1d7dd8abf55983c3e2426693ec895c11ee3bc866858b734cb47f

SHA512
38d45acba3617d3e8bf9013ebf529a2133b38841120537efd985149a4f041382182af095939bae4789d9f42aa160899a0cd0f850db23c788a2882987c632a64d

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OHFLVOC5\vendors-node_modules_primer_react_lib-esm_Box_Box_js-8d2713f90c9a[1].js

Filesize
16KB

MD5
ba629c84d9712763f7c81871e4c7b10f

SHA1
af7a6550a363cc0b849aff1f54144d26fd319e7e

SHA256
4b3e45c289b856a73d40094e679901a3b67e5f08d25e157a6d641033dfcdc1de

SHA512
8d2713f90c9a5d6546714b4de46377ef46a8e0729df062ba3f7d8e920b89143e7bd36be6659d2dd4a7472b3f2d1183e4f25ff055d41f7d6e7b97b80afa30e78f

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OHFLVOC5\vendors-node_modules_primer_react_lib-esm_Button_Button_js-node_modules_primer_react_lib-esm_-c2022e-70aff6ca05a9[1].js

Filesize
11KB

MD5
ea2fa4819d1125775b94f6ad62fb6c05

SHA1
784ca0a4012eb88f66fe12e8f2011b6eafac217e

SHA256
f04496061768b52962ea7b56bf28166e89bfdda179e488f7a6a1fed0a44e1819

SHA512
70aff6ca05a99ef79a85733e7677b3a5fb034d788d2f967d9c48be308a3b78f5a3e52e7ee6e967521b92172a2c5b1d727850933727d29a6b8caf875b874a659a

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OHFLVOC5\vendors-node_modules_virtualized-list_es_index_js-node_modules_github_template-parts_lib_index_js-677582870bfd[1].js

Filesize
12KB

MD5
6f2fad8940d88a18809376d4c574bd7e

SHA1
f2c116573896d7f2ab1e6a38f38965cedf0cb233

SHA256
d11f2f116c2f0de9c855e1b4a3d46e4d383d70f913e809e5c8b51daeec0a75e4

SHA512
677582870bfdc51340d939a2629b56978118fb401e57f7c01f94cf9ab18e688c52e25d06b62005fb06c80e13b3783bb7fbeeee754bb62f350cd927e645de33bb

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RKJG9NOA\element-registry-631c5146145f[1].js

Filesize
48KB

MD5
fe625d4b942dea485cf815b5de468fd9

SHA1
a429fe1e22b2bcc6f8ec607e1c97c901c94f384c

SHA256
72682e2079d09f95247506e74e20dc105e431f6bed1261a5a37a71299b3f428b

SHA512
631c5146145fdf9736d8b5eaf727ea63fcd62b3b82fa882d43ca93fee30117b9c2547fc3ef37e4780f4fb321caa2e4ad5eede147baa9d10f71240f7ca23d3720

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RKJG9NOA\vendors-node_modules_github_hydro-analytics-client_dist_analytics-client_js-node_modules_gith-f3aee1-fd3c22610e40[1].js

Filesize
9KB

MD5
f65b7964371439aa6e9e4cd2ceb43b6f

SHA1
d9005c236c7b62e54bd5fa3cff98f4af527dc9d4

SHA256
ce1a4c5110ed11e16c1f441f3c18524435fd3d6aa839b9d48330f92d5e3cd270

SHA512
fd3c22610e408345c25d88db7fd8ca7051fded6499fe0dbb15437aeefc87043f3183145a0160e87443612f3f3f546ea81c088da91471f237e579a53bb9f55936

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RKJG9NOA\vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_alive-client_dist-bf5aa2-4aefce0fc3c8[1].js

Filesize
13KB

MD5
a334c1ae2c3872b13c82889e92470e0a

SHA1
3efb288b96be75b565c5aaf3af612ff09abd861a

SHA256
c7dee654946bdeb0e1a9f3f114577f1ad463974d37f1e69e8cd168c156e9aca8

SHA512
4aefce0fc3c876348794f78421f719cb6122519d402e344edf9f3673b7601e6dd08a104a1cefeb837ea234673cdb0b04bde3ae1bf1fe6f42265281a71f040e08

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RKJG9NOA\vendors-node_modules_lit-html_lit-html_js-9d9fe1859ce5[1].js

Filesize
15KB

MD5
29b126d180066f2cd72287a725af3dce

SHA1
da1a0918b337b6bcda086580271306fbb2d41ea0

SHA256
9417afb32e38d089ae0e18debddaec99629f25af815081ebf426a48066ef3438

SHA512
9d9fe1859ce5c02054af70a2435b2b137398d7f41f2b71cc138333f706bf3c175eccc001e8ba717e80508a10590fd40c91468a9ee60839cf2cf5464c2601deec

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RKJG9NOA\vendors-node_modules_morphdom_dist_morphdom-esm_js-b1fdd7158cf0[1].js

Filesize
4KB

MD5
0776e8489cdd6d6238a0ba666829c3fb

SHA1
7de8eadacf76dd6490316c700d70237d35d3276c

SHA256
d7b5963c3a2d50a5022db58f914f309e04312ff9612adbc69d4f58e73929629b

SHA512
b1fdd7158cf0dc69a6749cce771b29ade7c12e5e2c58f57d3cad0c08f9855fd32ba4677f27a7824c310656175d80f2778a63400a57246f6902b81e6987f8ad96

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RKJG9NOA\vendors-node_modules_primer_behaviors_dist_esm_scroll-into-view_js-node_modules_primer_react_-04bb1b-f1945840d2c2[1].js

Filesize
11KB

MD5
fe5eca523c030760ff5f1a5a7a74a8af

SHA1
03e410a68bb31d7926aa45ede94fe66ff5944faa

SHA256
086c1c6dff6f54ef16d5c4c53f33116de9a936e108f81696049fca69fe952cb3

SHA512
f1945840d2c2e8fa8b4ce68e4e39a632808e893b872c30140aad19058adc3f59e9343b0e098cf4ad17081b651601e4687097e8c1d2b0261fc992b2e6e05d04a7

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RKJG9NOA\vendors-node_modules_primer_react_lib-esm_ActionList_index_js-7bad8659e7bd[1].js

Filesize
47KB

MD5
a5fa4e0881a88fc3a650081115e98a47

SHA1
b12b7e309ace9af9890076a27efa3e8f244b4a1e

SHA256
41b8a1770bbb4ededba62558d1a494d3ed6ea47ecfdc106956ed613081fe1942

SHA512
7bad8659e7bdc63d2898414ce6fbe9f0804ea55aeffe781ba3f14d95b5d267997c92db8ea0979be157e765c027f5b6c1c965acc53b57e914b24211e9c9409895

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RKJG9NOA\vendors-node_modules_primer_react_lib-esm_ActionMenu_js-f0cd24c33676[1].js

Filesize
8KB

MD5
7012b8a808a1a956eeb30f2d04629bd6

SHA1
adc5dcd3a5816bcf982a4386a15faaae1339818c

SHA256
e05be6e2b0c8746ecadd6f4d10a20b2628b839236bc6e4e898151a691e665cb2

SHA512
f0cd24c33676d0f8d8ed8eb76d131107e294be94b516748f8c5f29fe2e974108520c92ccd8216bca9a136f09eb0c75d55e58d22d66b4913b6ede0274b9ab18ca

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RKJG9NOA\vendors-node_modules_primer_react_lib-esm_Button_index_js-node_modules_primer_react_lib-esm_O-133b0c-6f42d36f1de7[1].js

Filesize
11KB

MD5
0f365ac98a7825638cbe03dafab341c7

SHA1
cd5498af74977c28b6b840572b6fe92ee6af5ac2

SHA256
29b4ef584a91ab868261c4d3a7e881e178538678383963f945e1d649c09e63ff

SHA512
6f42d36f1de73d2d4bf88d9bf9617ab56bd82b37dfe962968d0a8af97e491a2d435b6d09e0fe8b86beab7e5898dede446add15add40290ed7b670626d0d4a75f

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RKJG9NOA\vendors-node_modules_primer_react_lib-esm_FormControl_FormControl_js-eadb97e299c8[1].js

Filesize
49KB

MD5
2ca65906fb48f62df10ef3b057a58318

SHA1
7a7bbc4ad6ab1f22785cba9458ebd84e5ce598c9

SHA256
73520ec1d47026c04d2d65dce9866ffcf03d3a40c0738e80419fed5c467bcb29

SHA512
eadb97e299c80417cfa7f4f9687f685dfb17ef5ff7ccb2e648c3c317aa0a26bdd68aa7e2f24dfcd04e89f0228cf15a07a25c0ba4315d886e44ef678c77924708

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RKJG9NOA\vendors-node_modules_primer_react_lib-esm_TextInput_TextInput_js-47fe5c8a888d[1].js

Filesize
14KB

MD5
d97875c16967de2197f4dda1258a0849

SHA1
46af3cd32e5b4cfb5ef4c312f2641aa650e281e3

SHA256
d12dc6db3d9903514b8b8eb84f14bfdd5bbf557091b5067e9d99a1adac9e0755

SHA512
47fe5c8a888d985d7d3956e2ae6b81788cacd4dbd0267a6b367a295ebdd3e2786d0036c00ef52c55f0c8d0616f04d9464a51253e6701025727cd5ec4012b3e89

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RVXCM6E5\Malware[1].htm

Filesize
120KB

MD5
5734438a90f23ee0d92695cbe416bf46

SHA1
cc9e248d24ba07f538d58d7bf0157db4a89b693f

SHA256
a2d2b41f1643a293ba3a20df6e351c87032b61e071846806defa9506456db88e

SHA512
25eb7fc6a1dfe4d7af26e0bcdff4a8d9094b53c43ce634795f757927a3b9d27ff82d9025d0ca981bb4f6503fb25c3428a9ef4fc64864bb6982dcbc17ed0fa3a6

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RVXCM6E5\environment-509b58e05b9f[1].js

Filesize
13KB

MD5
eeb5e633860f2a77e56ba06caae25a00

SHA1
fd3e01ee2018021f2a3ef68f35069c24694ee076

SHA256
9941ae803afc9641ca1181515bb54406715c7e6c77ad4cbae7de6d250acd8c7d

SHA512
509b58e05b9f768864210671cbee0724025ae669299cf8e0b669b78694899f84ebc3a3c2f32a6aa9ad7e9e936a39bb35db5b6b19ba242fa3b77f79eae6d7ce5c

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RVXCM6E5\github-elements-44d96edd9c30[1].js

Filesize
38KB

MD5
4fb7b54219a2c54155bb21b91985f0f7

SHA1
8f3fb4df28f1b03808e41f15640da365e3fea1a8

SHA256
e997f758ed5204420dd0b727f56a56f048d46d5ae13352aa309d6ccdb75d3e59

SHA512
44d96edd9c30b07d4d80e18ab1d6ce84b8635972af78b61a0d8abe9c8911f594c20b7326e17523745157bd7226b2f62c5d67e45eabf9b4f7b3acc0cbaaaa94ef

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RVXCM6E5\vendors-node_modules_delegated-events_dist_index_js-node_modules_github_auto-complete-element-5b3870-9b38c0812424[1].js

Filesize
26KB

MD5
ad0fc3164addc8bf8d07e3428b771d32

SHA1
41374e0733af55d934dbc65caeaa79003ceb6c14

SHA256
d2979dd41ba6c8d7c86825ee49da082dd839758b5ca9c94c76b9ceee6ef3eebd

SHA512
9b38c08124242eabcf22107228faee21cd4eee076b7755a77df01860eac7ded60906213ff7c51f358f2e3cf026453509b15eab22c601580833e48b590c78105c

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RVXCM6E5\vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-bdc901-81f1e189072b[1].js

Filesize
103KB

MD5
965784c869c529cf5c50c15a2ef98c5f

SHA1
84d35373c97a47b270862f761152d9f8b1e62af1

SHA256
c3ecf36fb5f20a2414415c174b0de5fcd80d103eb09b4afa873667a47fdc9d33

SHA512
81f1e189072b4c7d1ea4144d3727f61256e53e4de56c19046d4829001c91f2a7b33bb70f8511598843520df63dbe23a86c39792137e90e179c8fe775ba35e2f9

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RVXCM6E5\vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-d1569f-eb0e0c1e5438[1].js

Filesize
13KB

MD5
408117ef9cc347d7dda95a1f06009001

SHA1
d7019d55ab9c3b059c04cda44653e361a6ec31dd

SHA256
37d7faa59a509ebe1edfccb46f06dac9cb4dffadccf453c156d46d51b337b8d9

SHA512
eb0e0c1e5438685fdb0a64e8736b9a8ae267fad048f21a6b777b422c45b64c667fe6eedd97f47bbf707df4a5de9cb1c3f1e88f6b8124ba9b642c66e0b5b41ff5

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RVXCM6E5\vendors-node_modules_github_relative-time-element_dist_index_js-99e288659d4f[1].js

Filesize
14KB

MD5
f491d4f9b68507dfdf90a5ef6d4f70f8

SHA1
dac15fb588758d0cf24eb922931dc367d9f0458b

SHA256
6f7e23dd694a3e70ef7b0a8dd6b30161168039187a16bb1f8ad56c0e385fc2f2

SHA512
99e288659d4fae2fc48756d2bc57e0bbe2add23ed9ff370f8f9643ee09585f4bcacc6688cfe6380e60dbe883f614bbe2c61cd7d52fd5109f20aa79b70df6f079

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RVXCM6E5\vendors-node_modules_primer_behaviors_dist_esm_focus-zone_js-d55308df5023[1].js

Filesize
8KB

MD5
2cae799f07ba986431625c4e784f1f99

SHA1
7ac2480df2eecf43dc734c0ef780fc8ee3a4da8a

SHA256
31fdca83f40ec80e6a08dc5cf00f159c87987222cb456609ba3adb183ad8a3ae

SHA512
d55308df502317a919437a8f3798ebb47037fe2014fbcd4d05ed53525451716f6535c268011ca8b38619f29c81195439fd6e81ee4829177a9b5d552693945c7e

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RVXCM6E5\vendors-node_modules_stacktrace-parser_dist_stack-trace-parser_esm_js-node_modules_github_bro-a4c183-18bf85b8e9f4[1].js

Filesize
13KB

MD5
55f75aaa5a368bacaad77f9a4e457cd7

SHA1
591d9a23780684e7a82e4e4c1dba7c42c121dfcf

SHA256
698d055a95832ead70ee64aa02a9d0bbcb0a871295752d409bb71b9463ab47d5

SHA512
18bf85b8e9f4cd99166de78f4d15717209b6f187eb43e2aecea972e990c1b656fd9c110eee3da6cd270f277880d1e1703b99675ae3a9e1467038e33c4545c1a2

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RVXCM6E5\wp-runtime-8a2aef6aa4d0[1].js

Filesize
31KB

MD5
208287e357b2aea5f1aaba55ab4a7cfe

SHA1
defbb68f40f33d3935c7fbac8e6113995b2ef4f0

SHA256
c53061529d8dff7c0d40726afa73c8cb2db4d47df7f142b64c8e62ce0e2fc5d1

SHA512
8a2aef6aa4d0cc8470d3cd25d55ea00cc4e9637ceb382fe714243a6bb563dc1d7b83b74435998a633fddd43818d8ebb415526a3bf82be2a8312abee9486e8fd0

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\50CD3D75D026C82E2E718570BD6F44D0_D222662A57BAA60D2F5EA0D2CC7B2F1C

Filesize
314B

MD5
59466694e4967a7a0bbd44a2ae757c04

SHA1
cda75051e30a4ad179b060a88fff22bd711b312d

SHA256
741ce489d2043afa65aab85ba3bc155a60400ac2f42e17c6bd7d8dc7d3560f20

SHA512
663fbbb57c04a496a5f024759fa0d73c6dff702a8a7c67b2f04cb208d70d99e77c01549beae1ac2eaca01d94ba504ff02cd548d623e4169906f7c444221f6196

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_ADE4E4D3A3BCBCA5C39C54D362D88565

Filesize
471B

MD5
5edb0434e52dbe156e15ad9f08795a03

SHA1
5d0588f6c2426b40bd05e9ab987c3b823b310e88

SHA256
c3134b9535bb4b81eb1eb371180f4b25597d7ae0611a07100f90d732ea39a264

SHA512
f6c4dc586a22d17e0e7ddde1da5b95210c2af99c0581e4722c46f640d6b82b5de7395015939677034abb08105db9c7fbb766ffc216175b96e758a124f5864188

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\50CD3D75D026C82E2E718570BD6F44D0_D222662A57BAA60D2F5EA0D2CC7B2F1C

Filesize
408B

MD5
1f482eccbf4b1643067fbd4cad2c838e

SHA1
e8c24a091cd5f35978e31eccc882e48fedf68f4b

SHA256
6f7b2ba2a47a51a8b78daa9a02c71544e165314e429d30b1b98c810ded4a73c2

SHA512
ea6cbada9076e4256c6caa28e9dbec8b3a9f5877f161e614acdb4559ccd043f0932a25e63cbc1541e3d0c847c22ecf05c8af1d01cf1b79199c79c5edffb604b0

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\B398B80134F72209547439DB21AB308D_ADE4E4D3A3BCBCA5C39C54D362D88565

Filesize
404B

MD5
1eb12b736d10da9c4399bd2054c8203e

SHA1
378b8a934fdf146d307b57916f94b91658f4332a

SHA256
0401b0cb00c654651804507adc1487dd18aadba2fbfd5f37b7ccee77c8b063b5

SHA512
0388852921c9c12f731dd1cff33d0a90486fc57104a83bcf93f834e921aa07adcd2f2b3932a56676e88bd6b90e8027fe0e3821095a3181784557aec448be7c62

Download Submit
C:\Users\Admin\AppData\Local\Temp\宗鹠側簋嵨嚝楆奤肋靮塚腤輾毋萱瑽.exe

Filesize
289KB

MD5
5c378b11848ac59704c2000b4e711c30

SHA1
6a46c53fd89b1f66d3fdab7653181e8a3e56d418

SHA256
bd764fe2f9734d5ac56933ce68df0a175bfa98dc0266ae3cd3a5c963267ea77e

SHA512
c6fe33ff3825e9018abea99ea49dc5221f2abd96bd1099def898425b82c05f9b9ca1aacaba0b7ffb7d09a7d097eae9937abdc13bbf3e7643e24e37edc7841c48

Download Submit
C:\Users\Admin\AppData\Local\Temp\毲盩諆猈銍袋鹣粀劍幩瑦曗函痥枫蝝.exe

Filesize
330KB

MD5
692361071bbbb3e9243d09dc190fedea

SHA1
04894c41500859ea3617b0780f1cc2ba82a40daf

SHA256
ae9405b9556c24389ee359993f45926a895481c8d60d98b91a3065f5c026cffe

SHA512
cfdd627d228c89a4cc2eac27dcdc45507f1e4265eff108958de0e26e0d1abe7598a5347be77d1a52256de70c77129f1cd0e9b31c023e1263f4cf04dbc689c87e

Download Submit
C:\Users\Admin\Downloads\malware-database-master.zip

Filesize
44.9MB

MD5
e6a18481a5c3d4258c1eb65687ea5dec

SHA1
e96a8c70de06442d909bc84df74d250eb7209405

SHA256
cb7fc8c5fb5f8b338c4263ee8c430be25a9d86cfefae8313e1e87d146bef3e75

SHA512
c5687e9eb3ee4120cb5dd6bb6d4b7cae101bcc4b9d1bde56d213d3ac56b85780635950af4147c08ab701bc0fd70b0f172b5f1692ada789fd7d174d248569db72

Download Submit
memory/2832-0-0x00000177DD020000-0x00000177DD030000-memory.dmp

Filesize
64KB

Download
memory/2832-425-0x00000177DD6B0000-0x00000177DD6B1000-memory.dmp

Filesize
4KB

Download
memory/2832-108-0x00000177E37D0000-0x00000177E37D1000-memory.dmp

Filesize
4KB

Download
memory/2832-107-0x00000177E37B0000-0x00000177E37B1000-memory.dmp

Filesize
4KB

Download
memory/2832-421-0x00000177DD6F0000-0x00000177DD6F1000-memory.dmp

Filesize
4KB

Download
memory/2832-418-0x00000177E1B00000-0x00000177E1B02000-memory.dmp

Filesize
8KB

Download
memory/2832-16-0x00000177DD400000-0x00000177DD410000-memory.dmp

Filesize
64KB

Download
memory/2832-35-0x00000177DD6C0000-0x00000177DD6C2000-memory.dmp

Filesize
8KB

Download
memory/3780-375-0x0000021CDF210000-0x0000021CDF230000-memory.dmp

Filesize
128KB

Download
memory/4388-265-0x000001EC87200000-0x000001EC87300000-memory.dmp

Filesize
1024KB

Download
memory/4488-83-0x000002D0DA3D0000-0x000002D0DA3D2000-memory.dmp

Filesize
8KB

Download
memory/4488-72-0x000002D0DA1D0000-0x000002D0DA1D2000-memory.dmp

Filesize
8KB

Download
memory/4488-70-0x000002D0DA1B0000-0x000002D0DA1B2000-memory.dmp

Filesize
8KB

Download
memory/4488-74-0x000002D0DA1E0000-0x000002D0DA1E2000-memory.dmp

Filesize
8KB

Download
memory/4488-76-0x000002D0DA380000-0x000002D0DA382000-memory.dmp

Filesize
8KB

Download
memory/4488-78-0x000002D0DA3A0000-0x000002D0DA3A2000-memory.dmp

Filesize
8KB

Download
memory/4488-87-0x000002D0DA3F0000-0x000002D0DA3F2000-memory.dmp

Filesize
8KB

Download
memory/4520-741-0x0000000000160000-0x000000000016E000-memory.dmp

Filesize
56KB

Download
memory/4520-743-0x00007FFA3A5A0000-0x00007FFA3AF8C000-memory.dmp

Filesize
9.9MB

Download
memory/4520-744-0x00007FFA3A5A0000-0x00007FFA3AF8C000-memory.dmp

Filesize
9.9MB

Download

Resubmissions

Analysis

Sharing

Errors

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads