Overview

overview

6

Static

static

1

2nd calculator.py

windows7-x64

3

2nd calculator.py

windows10-2004-x64

6

Analysis

  • max time kernel
    1731s
  • max time network
    1739s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10/10/2023, 10:22

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2nd calculator.py

  • Size

    1KB

  • MD5

    7f222adf14e769558ef67ee5028335d7

  • SHA1

    34db71a1801ff9f4bb6c9ce477695715db854cb0

  • SHA256

    3cc45938cb4a968e922e32353d98bbfb5184d214f462dbfd34f4c1455e58fcb7

  • SHA512

    60e847ecd5381ca89f864270da46ad379770fe426f6336a9335d4fbfb9f1abde4a2f9627de6b0df0a6ad0f438fc9ecee5e23f0f8ec400166ccc2235b4089102a

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Enumerates system info in registry 2 TTPs 6 IoCs
  • Modifies registry class 4 IoCs
  • Modifies registry key 1 TTPs 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 26 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 57 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 56 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\2nd calculator.py"
    1⤵
    • Modifies registry class
    PID:692
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:3572
  • C:\Windows\system32\cmd.exe
    "C:\Windows\system32\cmd.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1740
    • C:\Windows\system32\whoami.exe
      whoami
      2⤵
      • Suspicious use of AdjustPrivilegeToken
      PID:4912
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:4728
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff90bf046f8,0x7ff90bf04708,0x7ff90bf04718
      2⤵
        PID:4820
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2264 /prefetch:2
        2⤵
          PID:1404
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2320 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:1812
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3004 /prefetch:8
          2⤵
            PID:1232
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3428 /prefetch:1
            2⤵
              PID:2832
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3436 /prefetch:1
              2⤵
                PID:4572
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3924 /prefetch:1
                2⤵
                  PID:4716
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4992 /prefetch:1
                  2⤵
                    PID:2032
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3564 /prefetch:1
                    2⤵
                      PID:1848
                    • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4048 /prefetch:8
                      2⤵
                        PID:2792
                      • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4048 /prefetch:8
                        2⤵
                        • Suspicious behavior: EnumeratesProcesses
                        PID:2260
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5144 /prefetch:1
                        2⤵
                          PID:4424
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4596 /prefetch:1
                          2⤵
                            PID:4152
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4940 /prefetch:1
                            2⤵
                              PID:1740
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1948 /prefetch:2
                              2⤵
                              • Suspicious behavior: EnumeratesProcesses
                              PID:4680
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5400 /prefetch:1
                              2⤵
                                PID:1304
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4600 /prefetch:1
                                2⤵
                                  PID:4168
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5028 /prefetch:1
                                  2⤵
                                    PID:4772
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5420 /prefetch:1
                                    2⤵
                                      PID:2344
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5036 /prefetch:1
                                      2⤵
                                        PID:1292
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5272 /prefetch:1
                                        2⤵
                                          PID:4128
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5888 /prefetch:1
                                          2⤵
                                            PID:4208
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5876 /prefetch:8
                                            2⤵
                                              PID:5064
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=4844 /prefetch:8
                                              2⤵
                                              • Modifies registry class
                                              • Suspicious behavior: EnumeratesProcesses
                                              PID:552
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5208 /prefetch:1
                                              2⤵
                                                PID:3136
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5872 /prefetch:1
                                                2⤵
                                                  PID:1304
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4000 /prefetch:1
                                                  2⤵
                                                    PID:3944
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5224 /prefetch:1
                                                    2⤵
                                                      PID:2280
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5744 /prefetch:1
                                                      2⤵
                                                        PID:4204
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4668 /prefetch:1
                                                        2⤵
                                                          PID:3400
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6356 /prefetch:1
                                                          2⤵
                                                            PID:4920
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6308 /prefetch:1
                                                            2⤵
                                                              PID:4736
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6548 /prefetch:1
                                                              2⤵
                                                                PID:2944
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7132 /prefetch:1
                                                                2⤵
                                                                  PID:4148
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6688 /prefetch:1
                                                                  2⤵
                                                                    PID:1728
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6544 /prefetch:1
                                                                    2⤵
                                                                      PID:3900
                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6864 /prefetch:1
                                                                      2⤵
                                                                        PID:4868
                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6972 /prefetch:1
                                                                        2⤵
                                                                          PID:704
                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7104 /prefetch:1
                                                                          2⤵
                                                                            PID:4400
                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6636 /prefetch:1
                                                                            2⤵
                                                                              PID:736
                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6868 /prefetch:1
                                                                              2⤵
                                                                                PID:4920
                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7968 /prefetch:1
                                                                                2⤵
                                                                                  PID:5160
                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7972 /prefetch:1
                                                                                  2⤵
                                                                                    PID:5152
                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6500 /prefetch:1
                                                                                    2⤵
                                                                                      PID:5756
                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8116 /prefetch:1
                                                                                      2⤵
                                                                                        PID:5892
                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8188 /prefetch:1
                                                                                        2⤵
                                                                                          PID:3900
                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8040 /prefetch:1
                                                                                          2⤵
                                                                                            PID:436
                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8188 /prefetch:1
                                                                                            2⤵
                                                                                              PID:5672
                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2212,15803114105383813773,2028520477872048030,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4568 /prefetch:1
                                                                                              2⤵
                                                                                                PID:2756
                                                                                            • C:\Windows\System32\CompPkgSrv.exe
                                                                                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                              1⤵
                                                                                                PID:64
                                                                                              • C:\Windows\System32\CompPkgSrv.exe
                                                                                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                1⤵
                                                                                                  PID:2392
                                                                                                • C:\Windows\system32\cmd.exe
                                                                                                  "C:\Windows\system32\cmd.exe"
                                                                                                  1⤵
                                                                                                    PID:4416
                                                                                                    • C:\Windows\system32\reg.exe
                                                                                                      reg add HKLM\SOFTWARE\Policies\Microsoft\Windows Defender /v DisableAntiSpyware /t REG_DWORD /d 1 /f
                                                                                                      2⤵
                                                                                                      • Modifies registry key
                                                                                                      PID:2732
                                                                                                  • C:\Windows\system32\rundll32.exe
                                                                                                    C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask
                                                                                                    1⤵
                                                                                                      PID:3144
                                                                                                    • C:\Windows\system32\AUDIODG.EXE
                                                                                                      C:\Windows\system32\AUDIODG.EXE 0x50c 0x2c0
                                                                                                      1⤵
                                                                                                        PID:5640
                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
                                                                                                        1⤵
                                                                                                        • Enumerates system info in registry
                                                                                                        • Suspicious behavior: EnumeratesProcesses
                                                                                                        • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                                                                        • Suspicious use of FindShellTrayWindow
                                                                                                        • Suspicious use of SendNotifyMessage
                                                                                                        PID:5068
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff90bf046f8,0x7ff90bf04708,0x7ff90bf04718
                                                                                                          2⤵
                                                                                                            PID:4852
                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2208,10959993196389459638,3940094347697936568,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2220 /prefetch:2
                                                                                                            2⤵
                                                                                                              PID:2692
                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,10959993196389459638,3940094347697936568,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3104 /prefetch:1
                                                                                                              2⤵
                                                                                                                PID:5004
                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,10959993196389459638,3940094347697936568,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3096 /prefetch:1
                                                                                                                2⤵
                                                                                                                  PID:2528
                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2208,10959993196389459638,3940094347697936568,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2528 /prefetch:8
                                                                                                                  2⤵
                                                                                                                    PID:1372
                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2208,10959993196389459638,3940094347697936568,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2272 /prefetch:3
                                                                                                                    2⤵
                                                                                                                    • Suspicious behavior: EnumeratesProcesses
                                                                                                                    PID:4540
                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,10959993196389459638,3940094347697936568,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2500 /prefetch:1
                                                                                                                    2⤵
                                                                                                                      PID:6020
                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,10959993196389459638,3940094347697936568,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4188 /prefetch:1
                                                                                                                      2⤵
                                                                                                                        PID:6012
                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2208,10959993196389459638,3940094347697936568,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3368 /prefetch:8
                                                                                                                        2⤵
                                                                                                                          PID:6136
                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2208,10959993196389459638,3940094347697936568,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3368 /prefetch:8
                                                                                                                          2⤵
                                                                                                                          • Suspicious behavior: EnumeratesProcesses
                                                                                                                          PID:5672
                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,10959993196389459638,3940094347697936568,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5184 /prefetch:1
                                                                                                                          2⤵
                                                                                                                            PID:5824
                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2208,10959993196389459638,3940094347697936568,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=4380 /prefetch:8
                                                                                                                            2⤵
                                                                                                                            • Modifies registry class
                                                                                                                            • Suspicious behavior: EnumeratesProcesses
                                                                                                                            PID:4784
                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2208,10959993196389459638,3940094347697936568,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4396 /prefetch:8
                                                                                                                            2⤵
                                                                                                                              PID:2364
                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,10959993196389459638,3940094347697936568,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3620 /prefetch:1
                                                                                                                              2⤵
                                                                                                                                PID:5928
                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,10959993196389459638,3940094347697936568,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5544 /prefetch:1
                                                                                                                                2⤵
                                                                                                                                  PID:5916
                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,10959993196389459638,3940094347697936568,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5656 /prefetch:1
                                                                                                                                  2⤵
                                                                                                                                    PID:1492
                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,10959993196389459638,3940094347697936568,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5988 /prefetch:1
                                                                                                                                    2⤵
                                                                                                                                      PID:3004
                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,10959993196389459638,3940094347697936568,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5972 /prefetch:1
                                                                                                                                      2⤵
                                                                                                                                        PID:1884
                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,10959993196389459638,3940094347697936568,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5812 /prefetch:1
                                                                                                                                        2⤵
                                                                                                                                          PID:5200
                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,10959993196389459638,3940094347697936568,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4304 /prefetch:1
                                                                                                                                          2⤵
                                                                                                                                            PID:3532
                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2208,10959993196389459638,3940094347697936568,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5804 /prefetch:8
                                                                                                                                            2⤵
                                                                                                                                              PID:4136
                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,10959993196389459638,3940094347697936568,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5708 /prefetch:1
                                                                                                                                              2⤵
                                                                                                                                                PID:4740
                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,10959993196389459638,3940094347697936568,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4304 /prefetch:1
                                                                                                                                                2⤵
                                                                                                                                                  PID:5940
                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,10959993196389459638,3940094347697936568,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5780 /prefetch:1
                                                                                                                                                  2⤵
                                                                                                                                                    PID:3336
                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,10959993196389459638,3940094347697936568,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5188 /prefetch:1
                                                                                                                                                    2⤵
                                                                                                                                                      PID:1836
                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,10959993196389459638,3940094347697936568,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5736 /prefetch:1
                                                                                                                                                      2⤵
                                                                                                                                                        PID:5076
                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2208,10959993196389459638,3940094347697936568,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6136 /prefetch:8
                                                                                                                                                        2⤵
                                                                                                                                                        • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                        PID:2284
                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2208,10959993196389459638,3940094347697936568,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4020 /prefetch:2
                                                                                                                                                        2⤵
                                                                                                                                                        • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                        PID:3040
                                                                                                                                                    • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                      C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                      1⤵
                                                                                                                                                        PID:4192
                                                                                                                                                      • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                        1⤵
                                                                                                                                                          PID:5908

                                                                                                                                                        Network

                                                                                                                                                              MITRE ATT&CK Enterprise v15

                                                                                                                                                              Replay Monitor

                                                                                                                                                              Loading Replay Monitor...

                                                                                                                                                              Downloads

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                Filesize

                                                                                                                                                                152B

                                                                                                                                                                MD5

                                                                                                                                                                1222f8c867acd00b1fc43a44dacce158

                                                                                                                                                                SHA1

                                                                                                                                                                586ba251caf62b5012a03db9ba3a70890fc5af01

                                                                                                                                                                SHA256

                                                                                                                                                                1e451cb9ffe74fbd34091a1b8d0ab2158497c19047b3416d89e55f498aae264a

                                                                                                                                                                SHA512

                                                                                                                                                                ef3f2fc1cedfc28fb530c710219b8e9eb833a2f344b91d3ffb2d82d7bbedbc223f4b60a38bea35b72eb706e4880ffcbb9256a9768f39bae95c5544be0f503916

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                Filesize

                                                                                                                                                                152B

                                                                                                                                                                MD5

                                                                                                                                                                4cf9d150713efbb17d2680e3fd1c8f22

                                                                                                                                                                SHA1

                                                                                                                                                                767b4b962a345d8c9101e24d9015282323b3fae3

                                                                                                                                                                SHA256

                                                                                                                                                                d69bacd92cdf48484f5bb78ad877ae2a879a33e8b2ed15a03716ebf296420274

                                                                                                                                                                SHA512

                                                                                                                                                                6531e9a8bacd44df0a6f2789b56a53708b8c7385e4cf8cb3fe25543e6e65ce743fcb9660850734ef4ba92e7e9d3257686e2d21a1f2c6108c4e0628eabddd265c

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                Filesize

                                                                                                                                                                152B

                                                                                                                                                                MD5

                                                                                                                                                                001b55326b6d96be1a5f78d605c03558

                                                                                                                                                                SHA1

                                                                                                                                                                725b20d4b9053edc054c03fad19501a590bd8e15

                                                                                                                                                                SHA256

                                                                                                                                                                eb43dbbd85580a0bb1b148f5b3c3bede58921f56c65de9124f6116f4edd72777

                                                                                                                                                                SHA512

                                                                                                                                                                9e89ad6e90b1f40ffe5739c112b2aafd755a162395f7c24eb782dc087b9217266930dfeb7ed99e0c4f562a2ba79028aa7cbd372c24b4097a5b32be29df2311e6

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                Filesize

                                                                                                                                                                152B

                                                                                                                                                                MD5

                                                                                                                                                                1222f8c867acd00b1fc43a44dacce158

                                                                                                                                                                SHA1

                                                                                                                                                                586ba251caf62b5012a03db9ba3a70890fc5af01

                                                                                                                                                                SHA256

                                                                                                                                                                1e451cb9ffe74fbd34091a1b8d0ab2158497c19047b3416d89e55f498aae264a

                                                                                                                                                                SHA512

                                                                                                                                                                ef3f2fc1cedfc28fb530c710219b8e9eb833a2f344b91d3ffb2d82d7bbedbc223f4b60a38bea35b72eb706e4880ffcbb9256a9768f39bae95c5544be0f503916

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
                                                                                                                                                                Filesize

                                                                                                                                                                20KB

                                                                                                                                                                MD5

                                                                                                                                                                d54ae451ef29fd58756d54519cf6ab81

                                                                                                                                                                SHA1

                                                                                                                                                                72450bd9252fb75f35b11313e090752b1313a979

                                                                                                                                                                SHA256

                                                                                                                                                                1f267026e468a0f4e75f68645dd5a85724cdfb45eb37d4877f3b536e0bbbaeea

                                                                                                                                                                SHA512

                                                                                                                                                                fe8644376b966e8bda505908ab23b7ba913a22135538b91512a64b0aa6898476cdbecc1af00b689b2080f5d97d55c084c37219cdeb4120a894f0cbcdf4ff532b

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004
                                                                                                                                                                Filesize

                                                                                                                                                                64KB

                                                                                                                                                                MD5

                                                                                                                                                                d6b36c7d4b06f140f860ddc91a4c659c

                                                                                                                                                                SHA1

                                                                                                                                                                ccf16571637b8d3e4c9423688c5bd06167bfb9e9

                                                                                                                                                                SHA256

                                                                                                                                                                34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92

                                                                                                                                                                SHA512

                                                                                                                                                                2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
                                                                                                                                                                Filesize

                                                                                                                                                                67KB

                                                                                                                                                                MD5

                                                                                                                                                                d94e0e0a05b178d5f668021e14c7a1d9

                                                                                                                                                                SHA1

                                                                                                                                                                d28e00ff7663ba19bc80a379643ef1cb20b4d2a6

                                                                                                                                                                SHA256

                                                                                                                                                                ce471ce8016410f68616f0b1f122fc43f2dbaa7fd747877fe19955f492c630e2

                                                                                                                                                                SHA512

                                                                                                                                                                aa62a9b26850343db5b05ba623b1db75281ffefd7d5b168fd1a4a85c28655b1f3f900edfab3ac57ee7c4ace83769265c9a44d7b19b1b0e9c7fd3e11dc6267831

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006
                                                                                                                                                                Filesize

                                                                                                                                                                89KB

                                                                                                                                                                MD5

                                                                                                                                                                20b4214373f69aa87de9275e453f6b2d

                                                                                                                                                                SHA1

                                                                                                                                                                05d5a9980b96319015843eee1bd58c5e6673e0c2

                                                                                                                                                                SHA256

                                                                                                                                                                aa3989bee002801f726b171dcc39c806371112d0cfd4b4d1d4ae91495a419820

                                                                                                                                                                SHA512

                                                                                                                                                                c1e86e909473386b890d25d934de803f313a8d8572eb54984b97f3f9b2b88cbe2fb43a20f9c3361b53b040b3b61afb154b3ec99a60e35df8cf3563dabf335f54

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
                                                                                                                                                                Filesize

                                                                                                                                                                970KB

                                                                                                                                                                MD5

                                                                                                                                                                7c263ec06773eb22d72f4a0a1d863287

                                                                                                                                                                SHA1

                                                                                                                                                                d6dcfb37b70fa399a8ebca230ab5bdb351def474

                                                                                                                                                                SHA256

                                                                                                                                                                7c78b1f1c78d7fef66c605e9a4bfab3def6a29d87c0bb94c1eefff5a8020e261

                                                                                                                                                                SHA512

                                                                                                                                                                7811a78ebb1fce37af229eea50686278d910f5da6b51f670e785565eeac4bb97a7f9914489d949a4216e2a61380ef17fc498cf6f41cbb3b15ad8c4670b0d93aa

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                Filesize

                                                                                                                                                                4KB

                                                                                                                                                                MD5

                                                                                                                                                                7f9e1f77d9d98799a8867794ef39df19

                                                                                                                                                                SHA1

                                                                                                                                                                32c1eafa5b70940a24cf27aafb78fc6834d122de

                                                                                                                                                                SHA256

                                                                                                                                                                9374df41b24b3fc50502f37b3a9f064ceefd816e2d173d139ff81340d6b73b4c

                                                                                                                                                                SHA512

                                                                                                                                                                1fefb35e445f06ce9276e4c1f0449911f4216aeb0bc533a456c800e049f8a9646f25738bb1867bd5d0c10f63f41d9951264ec5d6833c2eb22a0ecd4aee412d02

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                Filesize

                                                                                                                                                                4KB

                                                                                                                                                                MD5

                                                                                                                                                                f34185dc054b8acea358a229e110cb2a

                                                                                                                                                                SHA1

                                                                                                                                                                b4abd67e43aad8dc4e907fb797807a4c9dee4914

                                                                                                                                                                SHA256

                                                                                                                                                                a84a5b174aebd9c31187cede843bdfa1465d2d769eec1bae9e0e25ad467e1cdd

                                                                                                                                                                SHA512

                                                                                                                                                                c3110816eb3902c952d288c1c81684510ed947021352cf04c588e091a5c475a49bebb54d4b24b701f8a155d94e5eb64f0f48a31facfedbd9e52c49ba14f60cab

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons
                                                                                                                                                                Filesize

                                                                                                                                                                28KB

                                                                                                                                                                MD5

                                                                                                                                                                81862c01a8a3ba9421a41267f1a424af

                                                                                                                                                                SHA1

                                                                                                                                                                01717cbd92bcae8078d3cac6f492faee322daa7e

                                                                                                                                                                SHA256

                                                                                                                                                                1c577db4bafc234b48a944194185daa7ad89b21d0bdf0af1d5c5b3f2c3eb9237

                                                                                                                                                                SHA512

                                                                                                                                                                1cd7de1d02c95b92c3052b17a9f703619e64520c26f79176f9122cf91f87a6c651ab757c82e079149a8ccc4bc9aba9248a0f6687dcc3b829c0ca14141426a657

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1
                                                                                                                                                                Filesize

                                                                                                                                                                264KB

                                                                                                                                                                MD5

                                                                                                                                                                83cab6f7fd2b30028cc18861b5fec362

                                                                                                                                                                SHA1

                                                                                                                                                                4c2f543494fe5fa3915c80f1306647d80eaf78d0

                                                                                                                                                                SHA256

                                                                                                                                                                fb260b3f4dee8ccb0fc4ea74d114e9d3f6faa27781cd499fc0dfb385425e289d

                                                                                                                                                                SHA512

                                                                                                                                                                1928bf8d073c7f3e0fabc626d93a662573ff31687be45df63ec4dc236f3faed3ae90274fb9f6869cb2e1f0080a51f9bc30332555ae6d775a94335ee490f866d0

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History
                                                                                                                                                                Filesize

                                                                                                                                                                124KB

                                                                                                                                                                MD5

                                                                                                                                                                70d865e2dfcf8b9821a21aa38b789e64

                                                                                                                                                                SHA1

                                                                                                                                                                d9e07a843de5c789d72b2229bee0c77ceb300903

                                                                                                                                                                SHA256

                                                                                                                                                                fe77b7975af0ad0897bf9bb08f17f2c5ff380299327f11d1c5ce3b45576f0ccc

                                                                                                                                                                SHA512

                                                                                                                                                                dea6976866ef2958509d232f8a20ebc91541acdcc114079ca9ea7905151a3d7150657386d5a35e502351d4ba0f4ae33933af71ac9e5afa1bbd4861093e55909e

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache
                                                                                                                                                                Filesize

                                                                                                                                                                5KB

                                                                                                                                                                MD5

                                                                                                                                                                009024c1a14b6b9e5f84432ebfef10cc

                                                                                                                                                                SHA1

                                                                                                                                                                398451fed6c16c8ab167030b20e91083c9dd15ef

                                                                                                                                                                SHA256

                                                                                                                                                                b80dde40c33e9813b1d536c4269528563767d30fa104a01780d298b4a3a94d10

                                                                                                                                                                SHA512

                                                                                                                                                                9c89af67c58212c03ecf7222be89ae610abe8bd01f54bbd5fd54c7434d82276262b399681ea023695289bd64d4158e718c9267340ed751cc773ec9087e17e327

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                Filesize

                                                                                                                                                                4KB

                                                                                                                                                                MD5

                                                                                                                                                                1e7d52180d896a614dbcfec8142b3595

                                                                                                                                                                SHA1

                                                                                                                                                                e14c474011ab6b9caf20d3f113560062c1858076

                                                                                                                                                                SHA256

                                                                                                                                                                3fc0f0a7c764f3f157671ede5c5b2cc53b550864cecd726aa600629c42fdd001

                                                                                                                                                                SHA512

                                                                                                                                                                d7e5dab2292123fe006f9c9c011b4cb60396c80ed88d87095a9ceb952e52493622ad3f0443ea6cbcce54519b389c2916cbe1bbbdd449f961c06d14adbb4b6745

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                Filesize

                                                                                                                                                                180B

                                                                                                                                                                MD5

                                                                                                                                                                00a455d9d155394bfb4b52258c97c5e5

                                                                                                                                                                SHA1

                                                                                                                                                                2761d0c955353e1982a588a3df78f2744cfaa9df

                                                                                                                                                                SHA256

                                                                                                                                                                45a13c77403533b12fbeeeb580e1c32400ca17a32e15caa8c8e6a180ece27fed

                                                                                                                                                                SHA512

                                                                                                                                                                9553f8553332afbb1b4d5229bbf58aed7a51571ab45cbf01852b36c437811befcbc86f80ec422f222963fa7dabb04b0c9ae72e9d4ff2eeb1e58cde894fbe234f

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                Filesize

                                                                                                                                                                111B

                                                                                                                                                                MD5

                                                                                                                                                                285252a2f6327d41eab203dc2f402c67

                                                                                                                                                                SHA1

                                                                                                                                                                acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

                                                                                                                                                                SHA256

                                                                                                                                                                5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

                                                                                                                                                                SHA512

                                                                                                                                                                11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                Filesize

                                                                                                                                                                5KB

                                                                                                                                                                MD5

                                                                                                                                                                c82e826a31c4dd5066eb2a8b840e4562

                                                                                                                                                                SHA1

                                                                                                                                                                d1f4819a5395425d7563c4b0d792f89de27f37d3

                                                                                                                                                                SHA256

                                                                                                                                                                a725b5f2436a575814c058c25eede745ac506e9829874d465ed495dc52eb4259

                                                                                                                                                                SHA512

                                                                                                                                                                ce5d16cbfff7d0c1819b9d355035788f0e9d21728213ff34dbf4073a265083b66e1a988c01ac61bbf2835e11f8e37b7248faa110bb9ecbc186a9aecbc0570fdd

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                Filesize

                                                                                                                                                                7KB

                                                                                                                                                                MD5

                                                                                                                                                                49f323cf0e029cbed3f8912866566668

                                                                                                                                                                SHA1

                                                                                                                                                                8572041f3736b5540dfe9f65b9c65d7c4b165679

                                                                                                                                                                SHA256

                                                                                                                                                                064b66c67281369f3664b3b19ca9daf85abaf8692ddc2bf5c572a8fa97ca8c7b

                                                                                                                                                                SHA512

                                                                                                                                                                38af557682c814b69bd610fc6352c499048b0ae01d864c94aaa5bc63d9bad46c64f235eea21b6b448428505452c9b6cd41ea446ba5339325e60eb7a4f6a2843a

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                Filesize

                                                                                                                                                                5KB

                                                                                                                                                                MD5

                                                                                                                                                                473353b7dd4a68206be295147b8293e6

                                                                                                                                                                SHA1

                                                                                                                                                                75235e36b31541072cfb5b0d08fae6e71446c559

                                                                                                                                                                SHA256

                                                                                                                                                                0e2284b10027c8f83531823c2bfd987cb6cc5e18fc3048aca51546d19536357a

                                                                                                                                                                SHA512

                                                                                                                                                                459ffe3543d3cbc417858e155e09d6e7215841c517633eb749b1391cc07a64b115818d0c73704f56f09b9eeb46419f0a44352e16eafe8ae3002e0dd839d53bf1

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                Filesize

                                                                                                                                                                5KB

                                                                                                                                                                MD5

                                                                                                                                                                9eca45ef06aeb2f1fa72652843ca8eb8

                                                                                                                                                                SHA1

                                                                                                                                                                cf525730137c27ccae4d54e89bdc4c216d476166

                                                                                                                                                                SHA256

                                                                                                                                                                7d5fc7b0de51c6b31a96c94c28ad7089eece91b62b952b0b268138a7f2971301

                                                                                                                                                                SHA512

                                                                                                                                                                3aef6e2468aae102eb47b74fae57161cf2f8bff13d5120d154cd73292ce4575aa498ebaa6279e09a9eb041a546abf98b27116962d4baaba4273f7713fde22eab

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                Filesize

                                                                                                                                                                5KB

                                                                                                                                                                MD5

                                                                                                                                                                b9c96dc5a9574561ca57352f6070e063

                                                                                                                                                                SHA1

                                                                                                                                                                64daf61dad4134a963f9b7d526f02f2d76cc4481

                                                                                                                                                                SHA256

                                                                                                                                                                7a0e36a8475adee5aee267d1bf218458c5452ba3a01c53be0cbfe58cc89a9dec

                                                                                                                                                                SHA512

                                                                                                                                                                a5d2039f5233f49967d1642560c52e63d887b68cb200973980862273e306c75e9064a937bdebc23cc9b656f3c6152df74f506d402f690c792ed6f3f23b1fe633

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                Filesize

                                                                                                                                                                6KB

                                                                                                                                                                MD5

                                                                                                                                                                579a09374d33114640820fa71f906b1c

                                                                                                                                                                SHA1

                                                                                                                                                                cbb4909bdb8ccd8c81b42a59c354cad7aa55f0a7

                                                                                                                                                                SHA256

                                                                                                                                                                b9b0b011dacd344a467e4685d51d2705485aa4b7909de52d778296a95976896f

                                                                                                                                                                SHA512

                                                                                                                                                                6428f23f0f6419c0458707de3ce3ee170efd4b485d96963e3c21a7859a997c8f012ea97821943050832d1f6863edf6222dd611aa3b8255b9cd45a55a8bbfb453

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                Filesize

                                                                                                                                                                7KB

                                                                                                                                                                MD5

                                                                                                                                                                f3ea8cc7eb011eab6e48561d55291a8f

                                                                                                                                                                SHA1

                                                                                                                                                                6ffe39059dceed9c79dcfec5a34e9ef46a6ae962

                                                                                                                                                                SHA256

                                                                                                                                                                363ee6239403d9e0174ac1f6679421720c76dea1a5c3f732feaf1767a4a6edce

                                                                                                                                                                SHA512

                                                                                                                                                                1f819eb52491f9f9d04c6012d5f3a8f4bffb9b9f8ea19c7f5864c296c6e778cf5a556fd83a08bc4cd78f43add3d1567319c729f104abfb22bb616fee3270335e

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                Filesize

                                                                                                                                                                9KB

                                                                                                                                                                MD5

                                                                                                                                                                c388c75cc0dc22cc7c402d059480383a

                                                                                                                                                                SHA1

                                                                                                                                                                d270f2a8994a2d87b1de80d534a2a822909c3243

                                                                                                                                                                SHA256

                                                                                                                                                                d90da8f4b7f8b064cf6aed9222300821dd89d39e2945759f34f146affaee40ab

                                                                                                                                                                SHA512

                                                                                                                                                                c3e2dfd5905c47dee11c63924321a382dfa643a6f19c49e0789c1dd422e7277e34c388718b46457cba283b8e81fd769683e00169ca6c62e50c8a8b91d02093a0

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                Filesize

                                                                                                                                                                5KB

                                                                                                                                                                MD5

                                                                                                                                                                dbc8eb78000dd27574750951fc87c76c

                                                                                                                                                                SHA1

                                                                                                                                                                8907fd42c0cb1f7663ce9eed0a0c8f14c3cd0ca2

                                                                                                                                                                SHA256

                                                                                                                                                                8b9918f5b0282cfecfb9e2af038857bf236435b1806d1013ee79e5c01e5386ad

                                                                                                                                                                SHA512

                                                                                                                                                                fc09b665d2372dd071bec4747e196879d4937daafa68491489122b77f4bc8275650252984fe4b88706a5c91427bb7f22d7acbafc99b19ed17e03b10704178046

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                Filesize

                                                                                                                                                                9KB

                                                                                                                                                                MD5

                                                                                                                                                                adde85e060b5dcf807e281e5edb56e57

                                                                                                                                                                SHA1

                                                                                                                                                                da02bac0b4161a56655a88712aeab87140248b5f

                                                                                                                                                                SHA256

                                                                                                                                                                1da1f2807d0936e569b82bde500a418acb9c26a062a624d5744cc5e4c26c6b91

                                                                                                                                                                SHA512

                                                                                                                                                                663315451f27a6ca2d33398874f60589af983b791583d8a416ae30b3e1a9a18f6921d2d4ce66d00712f6609073646040c95e886180dfb4494437b753d6b18f3c

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                Filesize

                                                                                                                                                                9KB

                                                                                                                                                                MD5

                                                                                                                                                                e3d6c1b48d5c40bc3f2a83c5c5bef829

                                                                                                                                                                SHA1

                                                                                                                                                                ef3c0ad5bb82f7513468953cadb3f99d3b798a5d

                                                                                                                                                                SHA256

                                                                                                                                                                f528d80c9cdfd079b807c8d131264cd333d04892583c7c5890bb08651f920009

                                                                                                                                                                SHA512

                                                                                                                                                                846fc85c7935b4a74a403dc521f8769c28cda3c46e18da125098cadaeaab3e9098e68be1178da2da450e49bf6221ed6eff41021bc381ad47165ae0697cd6bd0a

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                Filesize

                                                                                                                                                                8KB

                                                                                                                                                                MD5

                                                                                                                                                                92f9cf928f8e726124a3132cf0eca312

                                                                                                                                                                SHA1

                                                                                                                                                                8e995b613334e5f81a3d1c8d2b58f5d51bf2db35

                                                                                                                                                                SHA256

                                                                                                                                                                bfe488f96a23f1a94b7b184c11264126cd1fc91ba86bb7436f5c5a3fc4ef75ea

                                                                                                                                                                SHA512

                                                                                                                                                                d59567dc7faad27626f019f751aefaa89dfe98dbdc6a2b31fb75b99faf0f755a8b3dee7630f49d31cd8e48665f6defa99e7543f46d0b1232708addb4088212c0

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                Filesize

                                                                                                                                                                8KB

                                                                                                                                                                MD5

                                                                                                                                                                92f9cf928f8e726124a3132cf0eca312

                                                                                                                                                                SHA1

                                                                                                                                                                8e995b613334e5f81a3d1c8d2b58f5d51bf2db35

                                                                                                                                                                SHA256

                                                                                                                                                                bfe488f96a23f1a94b7b184c11264126cd1fc91ba86bb7436f5c5a3fc4ef75ea

                                                                                                                                                                SHA512

                                                                                                                                                                d59567dc7faad27626f019f751aefaa89dfe98dbdc6a2b31fb75b99faf0f755a8b3dee7630f49d31cd8e48665f6defa99e7543f46d0b1232708addb4088212c0

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                Filesize

                                                                                                                                                                9KB

                                                                                                                                                                MD5

                                                                                                                                                                7448d808e8e5fb0f0ba4aed889b70440

                                                                                                                                                                SHA1

                                                                                                                                                                fddca2e72bd29b6a9df427d7c724e1c3f81680ac

                                                                                                                                                                SHA256

                                                                                                                                                                23a6d45ad37ade77f2d3e2ac9630bb62b2afb8148cfaee78a25e769cdbdf1a52

                                                                                                                                                                SHA512

                                                                                                                                                                7043c8453b158494ff9d5eca987cbb791f4f7af0ca5237bde8aaf505e5958e8c2a9713e7f5e032c91ca369cc2b66a1c5afb552253e51e37456281774da6fc326

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                Filesize

                                                                                                                                                                8KB

                                                                                                                                                                MD5

                                                                                                                                                                63f40de81a2c5eb3822179ed63f45685

                                                                                                                                                                SHA1

                                                                                                                                                                6dda975bf15d65895ae296a22beeca0f4b4c4625

                                                                                                                                                                SHA256

                                                                                                                                                                6c8159e1e3e6d9622cb7f8437888bccd5d9ac637fda11554f02ba625e094a17d

                                                                                                                                                                SHA512

                                                                                                                                                                2f932644e9e9e9040b2d64f0f46989d4717190fc3e912039966fa9905c5135bf329ee3c53f92065114502fbd971b0d11739e75f472acdc5aae3d97552c686502

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
                                                                                                                                                                Filesize

                                                                                                                                                                24KB

                                                                                                                                                                MD5

                                                                                                                                                                6588c5d8aaf00d97b9ef97850f2762cc

                                                                                                                                                                SHA1

                                                                                                                                                                6794a544fd51475bfff0a7714c9ba968cbd6af64

                                                                                                                                                                SHA256

                                                                                                                                                                8d43f925685ec7ff2771dea2f2aaf06f829319498170d930bf838f67ee138d14

                                                                                                                                                                SHA512

                                                                                                                                                                5ca702362b0908e07dec475b683ec0f69700186b1837b1a081191a2097c54b6ebe7f1e943afae27b87403129a9699f7c98cc4b6bb98c326b6aa788050b052488

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
                                                                                                                                                                Filesize

                                                                                                                                                                24KB

                                                                                                                                                                MD5

                                                                                                                                                                15ad31a14e9a92d2937174141e80c28d

                                                                                                                                                                SHA1

                                                                                                                                                                b09e8d44c07123754008ba2f9ff4b8d4e332d4e5

                                                                                                                                                                SHA256

                                                                                                                                                                bf983e704839ef295b4c957f1adeee146aaf58f2dbf5b1e2d4b709cec65eccde

                                                                                                                                                                SHA512

                                                                                                                                                                ec744a79ccbfca52357d4f0212e7afd26bc93efd566dd5d861bf0671069ba5cb7e84069e0ea091c73dee57e9de9bb412fb68852281ae9bd84c11a871f5362296

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13339237493766617
                                                                                                                                                                Filesize

                                                                                                                                                                31KB

                                                                                                                                                                MD5

                                                                                                                                                                389f8be732c63a29dc6a71dba0d98da8

                                                                                                                                                                SHA1

                                                                                                                                                                e480a7055f1cb5638e52d9c4bceac6a1e1182140

                                                                                                                                                                SHA256

                                                                                                                                                                fb1b7776fca7780d69198fcce68c23f043da994272cf6b506b10ed57bbf3ec58

                                                                                                                                                                SHA512

                                                                                                                                                                a6c37aa9add12cef44bb7900b78dad80a8eed3287c8df2d04ab19060843ba0a40732c9246da277258176c45fcbc0dde0196fc5b0b7175bda1b901b0b6af6e4e4

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log
                                                                                                                                                                Filesize

                                                                                                                                                                232B

                                                                                                                                                                MD5

                                                                                                                                                                afe69002c51acf384728c7de66c08bfd

                                                                                                                                                                SHA1

                                                                                                                                                                ba92352bdeae1861118e3af5d73bca56bebea843

                                                                                                                                                                SHA256

                                                                                                                                                                583f0a3b9d856f25ef12ae31b8209121c4c4f83992ebd7a9a43a91ddd5ff9058

                                                                                                                                                                SHA512

                                                                                                                                                                f1da552eee6fc536836007a60856126305d92094bb4ff42094bc7d8443626acad52f25c88fcff15ec28d4aaec6cea1bda53049c3270a4be98978d704e03c09ea

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
                                                                                                                                                                Filesize

                                                                                                                                                                350B

                                                                                                                                                                MD5

                                                                                                                                                                9a4edb78e460e6099d2b0758c9a945a8

                                                                                                                                                                SHA1

                                                                                                                                                                ad2cf4baa5d475244248b32fe3cd7a86e04aeae1

                                                                                                                                                                SHA256

                                                                                                                                                                7014427090ba939ab54f5b415a07bf4f1aabcab4aed9fd332500dd697e13a65d

                                                                                                                                                                SHA512

                                                                                                                                                                32664f068328b50718d5ab22a4342a86dd2223bedf7d755c208a1e92f0cf1a5c9c031648a26034189529e73a8477f56e97a2b7e24d6cbd979040080ee3e718c5

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
                                                                                                                                                                Filesize

                                                                                                                                                                323B

                                                                                                                                                                MD5

                                                                                                                                                                3ae970394f2b76d6c3b8e0c89dc96339

                                                                                                                                                                SHA1

                                                                                                                                                                cb49cf69192d5b5255babdc9dc6113d37b758318

                                                                                                                                                                SHA256

                                                                                                                                                                290e5740eea5d64f593f25523d44dc9da13ef9c6297fe06c762d658ab4913a1e

                                                                                                                                                                SHA512

                                                                                                                                                                e993118e2bca7a6dfb3968b78681e6efa2eb3e091a872aa6836069555254d026dc478bbd033538b9c562ece6b277037bdbabe86b2ea28d8253162d5659a191af

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                Filesize

                                                                                                                                                                2KB

                                                                                                                                                                MD5

                                                                                                                                                                e9042eec12f260e59590a4ee9c1fb2f6

                                                                                                                                                                SHA1

                                                                                                                                                                af9e67bd37c53fb337cff27a5d81f7888c01d63b

                                                                                                                                                                SHA256

                                                                                                                                                                c8c81f7d8c3234cdaa24a161491d4208d20461f2da604b139ce6184a486dba71

                                                                                                                                                                SHA512

                                                                                                                                                                2e1532f2477f8bd2703d9fded9f09487e5f45bb8aef95dee1a66f9f806733a5bf6ea3a78f40878e0401b835ab7cabb52b96a308cf6e2709ad3b0cb0d016fdc82

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                Filesize

                                                                                                                                                                2KB

                                                                                                                                                                MD5

                                                                                                                                                                0169b32f1569495a8908be2894e18c3d

                                                                                                                                                                SHA1

                                                                                                                                                                7d9438bb9c0892421766f5dde6cc157520299c0a

                                                                                                                                                                SHA256

                                                                                                                                                                912e2682f799d4301ddcde068af1020d599d926578f680a6cd679caeb716d503

                                                                                                                                                                SHA512

                                                                                                                                                                37a8143386ae38776185765958f2acc7b8a4b28ac861904cc46e91d8e77ba54af6d77e20e35a9c5cd777d873d146571fb30854d60269761c8a1d0d3eaca417fb

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                Filesize

                                                                                                                                                                1KB

                                                                                                                                                                MD5

                                                                                                                                                                780818d6d5a9b35af09b99f1fdc09cdc

                                                                                                                                                                SHA1

                                                                                                                                                                38b4455ae0939532fe0fe74ba92721a1fecba692

                                                                                                                                                                SHA256

                                                                                                                                                                1e868620894b42ec660b597c37eafa558e6fbd49c1a0f54bc30501b0433a2ca1

                                                                                                                                                                SHA512

                                                                                                                                                                6bc982502f2facbce87d7bd5dea244b950cfe21591462449d0a381e743dfbb98417f9ca6a2491bfaa1ff1e6bc9795e524cb455062ac9d7b873bfc6c72b687967

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                Filesize

                                                                                                                                                                2KB

                                                                                                                                                                MD5

                                                                                                                                                                1c671375a57116178a4ef598f16b3aa2

                                                                                                                                                                SHA1

                                                                                                                                                                cb5a31be35c3f213409dad5220d87e4dbb885480

                                                                                                                                                                SHA256

                                                                                                                                                                02ed4e900b01cca1fbea7eee232c9012a3070bce5a5723a0ad4a03473fa03d48

                                                                                                                                                                SHA512

                                                                                                                                                                f62fa91304a75cb172072cb51a3ed988412239f59146850958be9ad6eb941b82343f5f0646fb6091dd259bf61d0493b621968e9153306edd65faffd7255e677d

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                Filesize

                                                                                                                                                                2KB

                                                                                                                                                                MD5

                                                                                                                                                                fd77262133804e0b44810a021eaea900

                                                                                                                                                                SHA1

                                                                                                                                                                e807344f4e3a8394ace78128649e73e28c9f0228

                                                                                                                                                                SHA256

                                                                                                                                                                04ae92db53b9b7c5698f40b819cb6114f5938fef65f2a828079d398dcc83eb14

                                                                                                                                                                SHA512

                                                                                                                                                                24b796f366a680741c4ad84eb22dcb4a87c77c61f754116ad665f5e266edb432a45bbf036d337dfe715950608c5132fe3611b87110f48a0365a248afccae32e9

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5b489e.TMP
                                                                                                                                                                Filesize

                                                                                                                                                                1KB

                                                                                                                                                                MD5

                                                                                                                                                                d4f6b3f293df5fb55ba58736660e8e6c

                                                                                                                                                                SHA1

                                                                                                                                                                81d89806bc8d55c4342e82d6e7046c88272c4952

                                                                                                                                                                SHA256

                                                                                                                                                                7cf4cb64ce169851bbdad1eb917c91116fdad4433f3efe885fb24389aa958b04

                                                                                                                                                                SHA512

                                                                                                                                                                63cc5573a7d2f640b72113d7cb3e877ce162ac80b910a86e1eb3d2447702abdf229b1e29e149f26f6467dc84f48d9e3af489a1f73990e0b895a28df14b451b53

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links
                                                                                                                                                                Filesize

                                                                                                                                                                128KB

                                                                                                                                                                MD5

                                                                                                                                                                c01edabb0ee2c5377ed717c69bf1476c

                                                                                                                                                                SHA1

                                                                                                                                                                61541e1e2dd082ed32df13a1e9fab5f44a06a308

                                                                                                                                                                SHA256

                                                                                                                                                                8c34f3a1428c3faedde4d7f455c09fbe3afc161f5eef17cc590268367cb89408

                                                                                                                                                                SHA512

                                                                                                                                                                1c693286064d35f866f553320cdc75928ddcab53be515746c3f7613a3f1ee4f7fd77affdd51592d1a8bf0c49f9371c9831d5322635065fe7b7ce7a999af20221

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Web Data
                                                                                                                                                                Filesize

                                                                                                                                                                116KB

                                                                                                                                                                MD5

                                                                                                                                                                5c8c56dd22c18e1a3c94ece2640cc03a

                                                                                                                                                                SHA1

                                                                                                                                                                abe650a60b131effddcb7392852f1a244c22cc74

                                                                                                                                                                SHA256

                                                                                                                                                                953adad483e1628a3529b0a393d686d49615736728ef995de39f2916cf2bff78

                                                                                                                                                                SHA512

                                                                                                                                                                45d606e849c7651f4ad13208be94a0a6f0fcaab778b5fce8ae97b231bec6d8cc20997d2a726863953871f1cfe6218e209fd006fd1d5681f98246432ad2a77f72

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                                                Filesize

                                                                                                                                                                16B

                                                                                                                                                                MD5

                                                                                                                                                                6752a1d65b201c13b62ea44016eb221f

                                                                                                                                                                SHA1

                                                                                                                                                                58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                                                                                                                                SHA256

                                                                                                                                                                0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                                                                                                                                SHA512

                                                                                                                                                                9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                                                Filesize

                                                                                                                                                                16B

                                                                                                                                                                MD5

                                                                                                                                                                aefd77f47fb84fae5ea194496b44c67a

                                                                                                                                                                SHA1

                                                                                                                                                                dcfbb6a5b8d05662c4858664f81693bb7f803b82

                                                                                                                                                                SHA256

                                                                                                                                                                4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

                                                                                                                                                                SHA512

                                                                                                                                                                b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db
                                                                                                                                                                Filesize

                                                                                                                                                                88KB

                                                                                                                                                                MD5

                                                                                                                                                                b7a8af91a289b7d00593f41af20533d2

                                                                                                                                                                SHA1

                                                                                                                                                                43f28004cb3b9dce0c06b7d41ef69aa3c08de26a

                                                                                                                                                                SHA256

                                                                                                                                                                bd3f8051c94abf69eea6bb2948142361fbdb1ed0d3392003fd9841510ba1bbb0

                                                                                                                                                                SHA512

                                                                                                                                                                dfd2844118e125a4d940a9519dd2e88bde7d2d5557c1bf4aeee25852ef2e038908c9ab54eb98fac02adfc79676ffe122bf315fbb2b893604bd05112ce8c62fe1

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
                                                                                                                                                                Filesize

                                                                                                                                                                11B

                                                                                                                                                                MD5

                                                                                                                                                                838a7b32aefb618130392bc7d006aa2e

                                                                                                                                                                SHA1

                                                                                                                                                                5159e0f18c9e68f0e75e2239875aa994847b8290

                                                                                                                                                                SHA256

                                                                                                                                                                ac3dd2221d90b09b795f1f72e72e4860342a4508fe336c4b822476eb25a55eaa

                                                                                                                                                                SHA512

                                                                                                                                                                9e350f0565cc726f66146838f9cebaaa38dd01892ffab9a45fe4f72e5be5459c0442e99107293a7c6f2412c71f668242c5e5a502124bc57cbf3b6ad8940cb3e9

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                Filesize

                                                                                                                                                                10KB

                                                                                                                                                                MD5

                                                                                                                                                                7d3090ea56d40028ed84620c536fadce

                                                                                                                                                                SHA1

                                                                                                                                                                ecd54a1a1ec9bce34a44020069ae113c5127e9a9

                                                                                                                                                                SHA256

                                                                                                                                                                33a94d2ebd9cd7e4c39bd050a4347f0af3ba06507680c222e72850fc8f758863

                                                                                                                                                                SHA512

                                                                                                                                                                4fb72e1b7e4492eaf2491013f3109efc8e2bd827ff2c4ee865dd56e7d679fe631b0ccba5c08d146eefbb8a1f9421c42251506c78e483adadfe6418f45c5aeecc

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                Filesize

                                                                                                                                                                12KB

                                                                                                                                                                MD5

                                                                                                                                                                f7d22721d9b95f16f2609805b5a8f8c0

                                                                                                                                                                SHA1

                                                                                                                                                                dc8d000461cb108a7a527a84d78c7ce2a7ae1a48

                                                                                                                                                                SHA256

                                                                                                                                                                521bf3a6c3c7e60ca56902ea3fb6e547923c71d9240cce4853c9583a696badd6

                                                                                                                                                                SHA512

                                                                                                                                                                b2ee99ba416cbd8deeebc775df2c595f279bb81111e660216b2a178b1eec79379e7cd8fa605cf824fadd23736f1cd1d0ed1711230e76cf2f8791b10ad7cc6343

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                Filesize

                                                                                                                                                                10KB

                                                                                                                                                                MD5

                                                                                                                                                                5f48c1aa6707613315e9d9c6dd6373f4

                                                                                                                                                                SHA1

                                                                                                                                                                e840e5b5e1a693a6f49fa7406f0e96051215f1a5

                                                                                                                                                                SHA256

                                                                                                                                                                488f2c5b156297a77ae6e362ae894505c59bc45eeaab936e71182b4bb11bd43a

                                                                                                                                                                SHA512

                                                                                                                                                                3e24a53112dbad731fab5608accf7c0f1132db435d548238186046f3e9307e0ab09dbf85a887dacdd7fb41a5ce39470a7dae0ed22a154fa6455ffe9dd84f67bb

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                Filesize

                                                                                                                                                                12KB

                                                                                                                                                                MD5

                                                                                                                                                                f7d22721d9b95f16f2609805b5a8f8c0

                                                                                                                                                                SHA1

                                                                                                                                                                dc8d000461cb108a7a527a84d78c7ce2a7ae1a48

                                                                                                                                                                SHA256

                                                                                                                                                                521bf3a6c3c7e60ca56902ea3fb6e547923c71d9240cce4853c9583a696badd6

                                                                                                                                                                SHA512

                                                                                                                                                                b2ee99ba416cbd8deeebc775df2c595f279bb81111e660216b2a178b1eec79379e7cd8fa605cf824fadd23736f1cd1d0ed1711230e76cf2f8791b10ad7cc6343

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                Filesize

                                                                                                                                                                12KB

                                                                                                                                                                MD5

                                                                                                                                                                13af6e4081c9d1740cd7d76ad8826d6c

                                                                                                                                                                SHA1

                                                                                                                                                                605b13db38fff900819e8e1feb6be2dfb11a3e48

                                                                                                                                                                SHA256

                                                                                                                                                                cdceb8a15ed8870b9f96642750f03b954171fb89f650aaabae536f422654896c

                                                                                                                                                                SHA512

                                                                                                                                                                ba855f8628542a4b86f8392b9ef059dd37ae61f1e8e6bffc6c8f9e8fef0d0c3c3691e49b6ca364877921adce6c286f82392d5b3825d809fe03a9801f29ed027a

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1
                                                                                                                                                                Filesize

                                                                                                                                                                264KB

                                                                                                                                                                MD5

                                                                                                                                                                4b2ba101cdb97d39345ad03cf91631e4

                                                                                                                                                                SHA1

                                                                                                                                                                9f34ae3db1f4b45f1f3744dfc664c1e03b2a939e

                                                                                                                                                                SHA256

                                                                                                                                                                1e1101eafd852782bec9babda17a9da90af4c43beb47d27ee2dddfa58558e915

                                                                                                                                                                SHA512

                                                                                                                                                                663230bf23edde24e79078596713ca1148a4e2f18199288a12cf001d8beb8ab4a5f8a37c6c24537c03b0032af0c92922818af40dee616acd94394cecd69c16d5

                                                                                                                                                                Download Submit

                                                                                                                                                              • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
                                                                                                                                                                Filesize

                                                                                                                                                                10KB

                                                                                                                                                                MD5

                                                                                                                                                                570956ced88e93e50ab0167f365fa26f

                                                                                                                                                                SHA1

                                                                                                                                                                3bf1c06b3ecbe63551fa64fdd6dd91e88bdde1db

                                                                                                                                                                SHA256

                                                                                                                                                                6003bd061986608c1b6949844acd00a309139831617637b3ad3974ef521ca9f3

                                                                                                                                                                SHA512

                                                                                                                                                                51f8b77fe14ea8a20612a3c4ba31ba1ce55089b468e1d6fe7a788a034391855e16baf0b72d2bdeb998c7cfc1ed571a7e41bc568aaaf5fdead2ca905f8219d08f

                                                                                                                                                                Download Submit