Analysis
-
max time kernel
212s -
max time network
241s -
platform
windows10-2004_x64 -
resource
win10v2004-20230915-en -
resource tags
arch:x64 arch:x86 image:win10v2004-20230915-en locale:en-us os:windows10-2004-x64 system -
submitted
11/10/2023, 22:30
Static task
static1
Behavioral task
behavioral1
Sample
9ee8e3c42c5afd846583fe6bfe8fff9b23fc4488c9fadecf41bf56249841c61a_JC.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
9ee8e3c42c5afd846583fe6bfe8fff9b23fc4488c9fadecf41bf56249841c61a_JC.exe
Resource
win10v2004-20230915-en
General
-
Target
9ee8e3c42c5afd846583fe6bfe8fff9b23fc4488c9fadecf41bf56249841c61a_JC.exe
-
Size
913KB
-
MD5
12e1ada93a7a71db224b28693b2661cc
-
SHA1
fc323d6c9d799ff96db9f0d930e90696b077bfaa
-
SHA256
9ee8e3c42c5afd846583fe6bfe8fff9b23fc4488c9fadecf41bf56249841c61a
-
SHA512
000f8e760eb2608cca473c3527662b782f735b7da16c2aba8d07b72cee7a4b3f5ee5b3086b8d9cd39719502d58754baaff5174d67b6cf114f42ae3d39e6d3a28
-
SSDEEP
24576:v4RF+cRDtzqUXWwioBq8MUwma4AGaM9Ra31G:v8AKBz7RlApz4AlM9RwG
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Enumerates system info in registry 2 TTPs 3 IoCs
description | ioc | Process
Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | msedge.exe
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | msedge.exe
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | msedge.exe
-
Suspicious behavior: EnumeratesProcesses 4 IoCs
pid | Process
832 | msedge.exe
832 | msedge.exe
5012 | msedge.exe
5012 | msedge.exe
-
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs
pid | Process
5012 | msedge.exe
5012 | msedge.exe
-
Suspicious use of AdjustPrivilegeToken 64 IoCs
description | pid | Process
Token: 33 | 5044 | 9ee8e3c42c5afd846583fe6bfe8fff9b23fc4488c9fadecf41bf56249841c61a_JC.exe
Token: SeIncBasePriorityPrivilege | 5044 | 9ee8e3c42c5afd846583fe6bfe8fff9b23fc4488c9fadecf41bf56249841c61a_JC.exe
-
Suspicious use of FindShellTrayWindow 25 IoCs
pid | Process
5012 | msedge.exe
-
Suspicious use of SendNotifyMessage 24 IoCs
pid | Process
5012 | msedge.exe
-
Suspicious use of SetWindowsHookEx 6 IoCs
pid | Process
5044 | 9ee8e3c42c5afd846583fe6bfe8fff9b23fc4488c9fadecf41bf56249841c61a_JC.exe
-
Suspicious use of WriteProcessMemory 64 IoCs
description | pid | Process | procid_target
PID 5044 wrote to memory of 2568 | 5044 | 9ee8e3c42c5afd846583fe6bfe8fff9b23fc4488c9fadecf41bf56249841c61a_JC.exe | 98
PID 2568 wrote to memory of 5012 | 2568 | rundll32.exe | 101
PID 5012 wrote to memory of 1796 | 5012 | msedge.exe | 102
PID 5012 wrote to memory of 1092 | 5012 | msedge.exe | 105
PID 5012 wrote to memory of 832 | 5012 | msedge.exe | 104
PID 5012 wrote to memory of 2284 | 5012 | msedge.exe | 106
Processes
-
C:\Users\Admin\AppData\Local\Temp\9ee8e3c42c5afd846583fe6bfe8fff9b23fc4488c9fadecf41bf56249841c61a_JC.exe
"C:\Users\Admin\AppData\Local\Temp\9ee8e3c42c5afd846583fe6bfe8fff9b23fc4488c9fadecf41bf56249841c61a_JC.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:5044 -
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe url.dll,FileProtocolHandler http://www.unionbig.com/v.html?P=3063&A=&T=1&Z=0&AP=http://www.vlss.com/
2⤵
- Suspicious use of WriteProcessMemory
PID:2568 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://www.unionbig.com/v.html?P=3063&A=&T=1&Z=0&AP=http://www.vlss.com/
3⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:5012 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffc23146f8,0x7fffc2314708,0x7fffc2314718
4⤵
PID:1796
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1784,3165648631599365459,9807871950007458120,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 /prefetch:3
4⤵
- Suspicious behavior: EnumeratesProcesses
PID:832
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1784,3165648631599365459,9807871950007458120,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2092 /prefetch:2
4⤵
PID:1092
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1784,3165648631599365459,9807871950007458120,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2680 /prefetch:8
4⤵
PID:2284
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1784,3165648631599365459,9807871950007458120,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3440 /prefetch:1
4⤵
PID:3828
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1784,3165648631599365459,9807871950007458120,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3424 /prefetch:1
4⤵
PID:4756
-
-
-
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
152B
MD5
db9dbef3f8b1f616429f605c1ebca2f0
SHA1
ffba76f0836c024828d4ff1982cc4240c41a8f16
SHA256
3e0297327872058355ac041a5e0fc83ed017faee0f6c0105b44bb3e5399a93a1
SHA512
4eedc387fe304f27f9d52ff5d71461c7f22147f7a8c18b8e7982acb76515528a36486a567451daafe093f9563b133c6799f2ad046e04256ccb46c83eb99e86c5