734c29994e7cd8ebd8e0da8b101b7254b0bc92d51191699d3a2b8e86d43c13d6

Analysis

max time kernel
0s
max time network
98s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
26/12/2023, 12:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6dec07be8552f9aae9e0fb5f41207575.exe
Size

561KB
MD5

6dec07be8552f9aae9e0fb5f41207575
SHA1

cd7f468c790beb89766033949acbdecd82917e27
SHA256

734c29994e7cd8ebd8e0da8b101b7254b0bc92d51191699d3a2b8e86d43c13d6
SHA512

4d531488905b2846dc2c52629b29bf39f2deaced41b51a7071a213284ab89bb10d15fb2fb50c378bca17975f98b77c4ef357b57791bddc1bd73701100230f6b6
SSDEEP

6144:N8JsLcpjzTDDmHayakLkrb4NSarQWvrXiXAichXHcQRZYXl3HOFkFXOR8:6zxzTDWikLSb4NS7uPXsQRZ2leqFXOu

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Delays execution with timeout.exe 19 IoCs

evasion

pid	Process
8836	timeout.exe
9740	timeout.exe
9380	timeout.exe
5140	timeout.exe
6372	timeout.exe
7312	timeout.exe
8156	timeout.exe
8008	timeout.exe
8748	timeout.exe
6524	timeout.exe
10224	timeout.exe
4608	timeout.exe
4896	timeout.exe
5916	timeout.exe
7056	timeout.exe
4416	timeout.exe
5788	timeout.exe
7764	timeout.exe
5032	timeout.exe

C:\Users\Admin\AppData\Local\Temp\6dec07be8552f9aae9e0fb5f41207575.exe
"C:\Users\Admin\AppData\Local\Temp\6dec07be8552f9aae9e0fb5f41207575.exe"
1⤵
PID:4372
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\MATRIX2.bat" "
  2⤵
  PID:4708
- - C:\Windows\SysWOW64\timeout.exe
    timeout -t 1
    3⤵
    - Delays execution with timeout.exe
    PID:4416
- - C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\cmd.exe /K "C:\Users\Admin\AppData\Local\Temp\MATRIX2.bat"
    3⤵
    PID:2184
  - - C:\Windows\SysWOW64\mode.com
      mode 1000,1000
      4⤵
      PID:740
  - - C:\Windows\SysWOW64\timeout.exe
      timeout -t 1
      4⤵
      Delays execution with timeout.exe
      PID:4608
  - - C:\Windows\SysWOW64\cmd.exe
      C:\Windows\system32\cmd.exe /K C:\Users\Admin\AppData\Local\Temp\MATRIX2.bat
      4⤵
      PID:372
    - - C:\Windows\SysWOW64\mode.com
        
        mode 1000,1000
        5⤵
        
        PID:4416
    - - C:\Windows\SysWOW64\timeout.exe
        
        timeout -t 1
        5⤵
        Delays execution with timeout.exe
        
        PID:4896
    - - C:\Windows\SysWOW64\cmd.exe
        
        C:\Windows\system32\cmd.exe /K C:\Users\Admin\AppData\Local\Temp\MATRIX2.bat
        5⤵
        
        PID:4328
      - C:\Windows\SysWOW64\mode.com
        
        mode 1000,1000
        6⤵
        
        PID:2516
      - C:\Windows\SysWOW64\timeout.exe
        
        timeout -t 1
        6⤵
        Delays execution with timeout.exe
        
        PID:5140
      - C:\Windows\SysWOW64\cmd.exe
        
        C:\Windows\system32\cmd.exe /K C:\Users\Admin\AppData\Local\Temp\MATRIX2.bat
        6⤵
        
        PID:5612
        
        C:\Windows\SysWOW64\mode.com
        
        mode 1000,1000
        7⤵
        
        PID:5768
        
        C:\Windows\SysWOW64\timeout.exe
        
        timeout -t 1
        7⤵
        Delays execution with timeout.exe
        
        PID:5916
        
        C:\Windows\SysWOW64\cmd.exe
        
        C:\Windows\system32\cmd.exe /K C:\Users\Admin\AppData\Local\Temp\MATRIX2.bat
        7⤵
        
        PID:884
        
        C:\Windows\SysWOW64\mode.com
        
        mode 1000,1000
        8⤵
        
        PID:5500
        
        C:\Windows\SysWOW64\timeout.exe
        
        timeout -t 1
        8⤵
        Delays execution with timeout.exe
        
        PID:5788
        
        C:\Windows\SysWOW64\cmd.exe
        
        C:\Windows\system32\cmd.exe /K C:\Users\Admin\AppData\Local\Temp\MATRIX2.bat
        8⤵
        
        PID:6220
        
        C:\Windows\SysWOW64\mode.com
        
        mode 1000,1000
        9⤵
        
        PID:6312
        
        C:\Windows\SysWOW64\timeout.exe
        
        timeout -t 1
        9⤵
        Delays execution with timeout.exe
        
        PID:6372
        
        C:\Windows\SysWOW64\cmd.exe
        
        C:\Windows\system32\cmd.exe /K C:\Users\Admin\AppData\Local\Temp\MATRIX2.bat
        9⤵
        
        PID:6900
        
        C:\Windows\SysWOW64\mode.com
        
        mode 1000,1000
        10⤵
        
        PID:7012
        
        C:\Windows\SysWOW64\timeout.exe
        
        timeout -t 1
        10⤵
        Delays execution with timeout.exe
        
        PID:7056
        
        C:\Windows\SysWOW64\cmd.exe
        
        C:\Windows\system32\cmd.exe /K C:\Users\Admin\AppData\Local\Temp\MATRIX2.bat
        10⤵
        
        PID:6824
        
        C:\Windows\SysWOW64\mode.com
        
        mode 1000,1000
        11⤵
        
        PID:7060
        
        C:\Windows\SysWOW64\timeout.exe
        
        timeout -t 1
        11⤵
        Delays execution with timeout.exe
        
        PID:7312
        
        C:\Windows\SysWOW64\cmd.exe
        
        C:\Windows\system32\cmd.exe /K C:\Users\Admin\AppData\Local\Temp\MATRIX2.bat
        11⤵
        
        PID:7540
        
        C:\Windows\SysWOW64\mode.com
        
        mode 1000,1000
        12⤵
        
        PID:7640
        
        C:\Windows\SysWOW64\timeout.exe
        
        timeout -t 1
        12⤵
        Delays execution with timeout.exe
        
        PID:7764
        
        C:\Windows\SysWOW64\cmd.exe
        
        C:\Windows\system32\cmd.exe /K C:\Users\Admin\AppData\Local\Temp\MATRIX2.bat
        12⤵
        
        PID:8044
        
        C:\Windows\SysWOW64\mode.com
        
        mode 1000,1000
        13⤵
        
        PID:8140
        
        C:\Windows\SysWOW64\timeout.exe
        
        timeout -t 1
        13⤵
        Delays execution with timeout.exe
        
        PID:5032
        
        C:\Windows\SysWOW64\cmd.exe
        
        C:\Windows\system32\cmd.exe /K C:\Users\Admin\AppData\Local\Temp\MATRIX2.bat
        13⤵
        
        PID:8032
        
        C:\Windows\SysWOW64\mode.com
        
        mode 1000,1000
        14⤵
        
        PID:8136
        
        C:\Windows\SysWOW64\timeout.exe
        
        timeout -t 1
        14⤵
        Delays execution with timeout.exe
        
        PID:8156
        
        C:\Windows\SysWOW64\cmd.exe
        
        C:\Windows\system32\cmd.exe /K C:\Users\Admin\AppData\Local\Temp\MATRIX2.bat
        14⤵
        
        PID:7236
        
        C:\Windows\SysWOW64\mode.com
        
        mode 1000,1000
        15⤵
        
        PID:408
        
        C:\Windows\SysWOW64\timeout.exe
        
        timeout -t 1
        15⤵
        Delays execution with timeout.exe
        
        PID:8008
        
        C:\Windows\SysWOW64\cmd.exe
        
        C:\Windows\system32\cmd.exe /K C:\Users\Admin\AppData\Local\Temp\MATRIX2.bat
        15⤵
        
        PID:8472
        
        C:\Windows\SysWOW64\mode.com
        
        mode 1000,1000
        16⤵
        
        PID:8528
        
        C:\Windows\SysWOW64\timeout.exe
        
        timeout -t 1
        16⤵
        Delays execution with timeout.exe
        
        PID:8836
        
        C:\Windows\SysWOW64\cmd.exe
        
        C:\Windows\system32\cmd.exe /K C:\Users\Admin\AppData\Local\Temp\MATRIX2.bat
        16⤵
        
        PID:9016
        
        C:\Windows\SysWOW64\mode.com
        
        mode 1000,1000
        17⤵
        
        PID:9176
        
        C:\Windows\SysWOW64\timeout.exe
        
        timeout -t 1
        17⤵
        Delays execution with timeout.exe
        
        PID:8748
        
        C:\Windows\SysWOW64\cmd.exe
        
        C:\Windows\system32\cmd.exe /K C:\Users\Admin\AppData\Local\Temp\MATRIX2.bat
        17⤵
        
        PID:9180
        
        C:\Windows\SysWOW64\mode.com
        
        mode 1000,1000
        18⤵
        
        PID:6508
        
        C:\Windows\SysWOW64\timeout.exe
        
        timeout -t 1
        18⤵
        Delays execution with timeout.exe
        
        PID:6524
        
        C:\Windows\SysWOW64\cmd.exe
        
        C:\Windows\system32\cmd.exe /K C:\Users\Admin\AppData\Local\Temp\MATRIX2.bat
        18⤵
        
        PID:9028
        
        C:\Windows\SysWOW64\mode.com
        
        mode 1000,1000
        19⤵
        
        PID:9368
        
        C:\Windows\SysWOW64\timeout.exe
        
        timeout -t 1
        19⤵
        Delays execution with timeout.exe
        
        PID:9740
        
        C:\Windows\SysWOW64\cmd.exe
        
        C:\Windows\system32\cmd.exe /K C:\Users\Admin\AppData\Local\Temp\MATRIX2.bat
        19⤵
        
        PID:10164
        
        C:\Windows\SysWOW64\mode.com
        
        mode 1000,1000
        20⤵
        
        PID:6336
        
        C:\Windows\SysWOW64\timeout.exe
        
        timeout -t 1
        20⤵
        Delays execution with timeout.exe
        
        PID:9380
        
        C:\Windows\SysWOW64\cmd.exe
        
        C:\Windows\system32\cmd.exe /K C:\Users\Admin\AppData\Local\Temp\MATRIX2.bat
        20⤵
        
        PID:9964
        
        C:\Windows\SysWOW64\mode.com
        
        mode 1000,1000
        21⤵
        
        PID:10008
        
        C:\Windows\SysWOW64\timeout.exe
        
        timeout -t 1
        21⤵
        Delays execution with timeout.exe
        
        PID:10224
        
        C:\Windows\SysWOW64\cmd.exe
        
        C:\Windows\system32\cmd.exe /K C:\Users\Admin\AppData\Local\Temp\MATRIX2.bat
        21⤵
        
        PID:3852
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/watch?v=N0ixzrZe--0
        21⤵
        
        PID:4576
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2156,285661732978062410,6065505184689838408,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2276 /prefetch:3
        22⤵
        
        PID:2880
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2156,285661732978062410,6065505184689838408,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2184 /prefetch:2
        22⤵
        
        PID:8220
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2156,285661732978062410,6065505184689838408,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2988 /prefetch:8
        22⤵
        
        PID:7688
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,285661732978062410,6065505184689838408,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3560 /prefetch:1
        22⤵
        
        PID:9612
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,285661732978062410,6065505184689838408,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3552 /prefetch:1
        22⤵
        
        PID:9624
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,285661732978062410,6065505184689838408,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4900 /prefetch:1
        22⤵
        
        PID:4804
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,285661732978062410,6065505184689838408,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4976 /prefetch:1
        22⤵
        
        PID:7752
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2156,285661732978062410,6065505184689838408,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4988 /prefetch:8
        22⤵
        
        PID:6064
        
        C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2156,285661732978062410,6065505184689838408,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5776 /prefetch:8
        22⤵
        
        PID:9916
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,285661732978062410,6065505184689838408,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5320 /prefetch:1
        22⤵
        
        PID:4516
        
        C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2156,285661732978062410,6065505184689838408,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5776 /prefetch:8
        22⤵
        
        PID:9844
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,285661732978062410,6065505184689838408,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5436 /prefetch:1
        22⤵
        
        PID:5444
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,285661732978062410,6065505184689838408,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5400 /prefetch:1
        22⤵
        
        PID:8896
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2156,285661732978062410,6065505184689838408,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6064 /prefetch:1
        22⤵
        
        PID:8880
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/watch?v=N0ixzrZe--0
        20⤵
        
        PID:10124
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff9213846f8,0x7ff921384708,0x7ff921384718
        21⤵
        
        PID:10140
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/watch?v=N0ixzrZe--0
        19⤵
        
        PID:9420
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/watch?v=N0ixzrZe--0
        18⤵
        
        PID:9548
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/watch?v=N0ixzrZe--0
        17⤵
        
        PID:6540
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9213846f8,0x7ff921384708,0x7ff921384718
        18⤵
        
        PID:6556
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/watch?v=N0ixzrZe--0
        16⤵
        
        PID:9188
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9213846f8,0x7ff921384708,0x7ff921384718
        17⤵
        
        PID:9204
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/watch?v=N0ixzrZe--0
        15⤵
        
        PID:8668
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/watch?v=N0ixzrZe--0
        14⤵
        
        PID:4324
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9213846f8,0x7ff921384708,0x7ff921384718
        15⤵
        
        PID:7972
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/watch?v=N0ixzrZe--0
        13⤵
        
        PID:4628
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/watch?v=N0ixzrZe--0
        12⤵
        
        PID:7244
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/watch?v=N0ixzrZe--0
        11⤵
        
        PID:7696
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/watch?v=N0ixzrZe--0
        10⤵
        
        PID:6376
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x104,0x108,0x10c,0xe0,0x110,0x7ff9213846f8,0x7ff921384708,0x7ff921384718
        11⤵
        
        PID:6844
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/watch?v=N0ixzrZe--0
        9⤵
        
        PID:7080
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/watch?v=N0ixzrZe--0
        8⤵
        
        PID:6396
        
        C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/watch?v=N0ixzrZe--0
        7⤵
        
        PID:5920
      - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/watch?v=N0ixzrZe--0
        6⤵
        
        PID:5948
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/watch?v=N0ixzrZe--0
        5⤵
        
        PID:5164
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/watch?v=N0ixzrZe--0
      4⤵
      PID:2380
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/watch?v=N0ixzrZe--0
    3⤵
    PID:3576
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9213846f8,0x7ff921384708,0x7ff921384718
      4⤵
      PID:3460
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2284 /prefetch:3
      4⤵
      PID:3516
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:1
      4⤵
      PID:3920
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
      4⤵
      PID:780
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2808 /prefetch:8
      4⤵
      PID:3524
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2144 /prefetch:2
      4⤵
      PID:4536
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4688 /prefetch:1
      4⤵
      PID:4672
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5108 /prefetch:1
      4⤵
      PID:1792
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5252 /prefetch:1
      4⤵
      PID:4644
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3716 /prefetch:1
      4⤵
      PID:5248
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5488 /prefetch:1
      4⤵
      PID:5376
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3620 /prefetch:1
      4⤵
      PID:5828
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4932 /prefetch:1
      4⤵
      PID:6028
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4892 /prefetch:1
      4⤵
      PID:6120
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5880 /prefetch:8
      4⤵
      PID:5736
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5808 /prefetch:1
      4⤵
      PID:1516
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6100 /prefetch:1
      4⤵
      PID:5580
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6580 /prefetch:1
      4⤵
      PID:6332
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6868 /prefetch:1
      4⤵
      PID:6476
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7020 /prefetch:1
      4⤵
      PID:6564
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6816 /prefetch:1
      4⤵
      PID:7144
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7332 /prefetch:1
      4⤵
      PID:6400
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6768 /prefetch:1
      4⤵
      PID:6784
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6612 /prefetch:1
      4⤵
      PID:6728
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5304 /prefetch:1
      4⤵
      PID:7776
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7880 /prefetch:1
      4⤵
      PID:7864
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5776 /prefetch:1
      4⤵
      PID:7364
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8012 /prefetch:1
      4⤵
      PID:7448
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8184 /prefetch:1
      4⤵
      PID:5320
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7908 /prefetch:1
      4⤵
      PID:7640
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8828 /prefetch:1
      4⤵
      PID:8208
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9276 /prefetch:1
      4⤵
      PID:8328
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9460 /prefetch:1
      4⤵
      PID:8756
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9768 /prefetch:1
      4⤵
      PID:8864
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9888 /prefetch:1
      4⤵
      PID:8468
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6652 /prefetch:1
      4⤵
      PID:9136
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9628 /prefetch:1
      4⤵
      PID:8860
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10012 /prefetch:1
      4⤵
      PID:9640
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10676 /prefetch:1
      4⤵
      PID:9764
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10872 /prefetch:1
      4⤵
      PID:3424
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11104 /prefetch:1
      4⤵
      PID:9496
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10224 /prefetch:1
      4⤵
      PID:9244
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,15206226079596237389,6045893978862065722,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3488 /prefetch:1
      4⤵
      PID:860

C:\Windows\SysWOW64\mode.com
mode 1000,1000
1⤵
PID:4560

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4328

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4640

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9213846f8,0x7ff921384708,0x7ff921384718
1⤵
PID:2664

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9213846f8,0x7ff921384708,0x7ff921384718
1⤵
PID:5180

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5728

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0x78,0x108,0x7ff9213846f8,0x7ff921384708,0x7ff921384718
1⤵
PID:5968

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9213846f8,0x7ff921384708,0x7ff921384718
1⤵
PID:5924

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x518 0x51c
1⤵
PID:5952

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9213846f8,0x7ff921384708,0x7ff921384718
1⤵
PID:6412

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9213846f8,0x7ff921384708,0x7ff921384718
1⤵
PID:7092

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9213846f8,0x7ff921384708,0x7ff921384718
1⤵
PID:7708

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x108,0x10c,0x110,0xd8,0x114,0x7ff9213846f8,0x7ff921384708,0x7ff921384718
1⤵
PID:7296

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9213846f8,0x7ff921384708,0x7ff921384718
1⤵
PID:8180

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9213846f8,0x7ff921384708,0x7ff921384718
1⤵
PID:8680

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9213846f8,0x7ff921384708,0x7ff921384718
1⤵
PID:9564

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9213846f8,0x7ff921384708,0x7ff921384718
1⤵
PID:9428

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0x7c,0x108,0x7ff9213846f8,0x7ff921384708,0x7ff921384718
1⤵
PID:9924

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:9476

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:6360

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4836

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f246cc2c0e84109806d24fcf52bd0672

SHA1
8725d2b2477efe4f66c60e0f2028bf79d8b88e4e

SHA256
0c1014ae07c2077dd55d7386cc9cf9e0551be1d67fe05a6006957427ae09fec5

SHA512
dcf31357eb39a05213550a879941e2c039ec0ba41e4867d5d630807420f070289552d56d9f16c6d11edcdb0f9448bf51e7d2e460e88aa9c55a5bfe5d8d331640

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\64729920-3753-4168-bd5a-11e56045c978.tmp

Filesize
24KB

MD5
5e62a6848f50c5ca5f19380c1ea38156

SHA1
1f5e7db8c292a93ae4a94a912dd93fe899f1ea6a

SHA256
23b683118f90c909ce86f9be9123ff6ac1355adb098ffbb09b9e5ec18fc2b488

SHA512
ce00590890ed908c18c3ec56df5f79c6c800e3bea2ad4629b9788b19bd1d9e94215fb991275e6ec5a58ac31b193e1c0b9cbaa52ff534319a5e76ec4fc8d3ba54

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
3KB

MD5
9ddb3be528d33be554cbc6bc4e635b45

SHA1
a63c989ba87d6b1edd660ffd27c0715d1906641f

SHA256
e39fe0967f16b66a0905b12e4a97320a9a22d402fdb7ed8add3ace990ded9bc0

SHA512
e8a8ccef3d70f8598f1989e673ccc03623a785c38e568270d6eaef1e0162797714a7a9e0df51254bfbec5e605ad172d6ba5d39f5b761965a07842e5a25654355

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
31KB

MD5
3f40a320e38fdcac641212aac0c6d108

SHA1
bb4f59f5a38dc76a3adb6c556504340f77b7e80b

SHA256
2d95953b6d836187bd1883a8b159987d00c4deff1bc571000190d4df4116048d

SHA512
627306a325526e8e1cae2b7cc3f320fa77b00933da8ceed7d8848e5bb06fc4aac1c5c730dc35a790cbc2dcbd001392a8e94b4c5abe2a923d25d9391fcc3723c1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
32KB

MD5
afe7d86fa536415872c1adb7bf952ed6

SHA1
9d642665fb2ea376e5f8d600e6962849107596c7

SHA256
32c9a40fddb6082fffdd710b1d54228c7ea745083a3a024c2da3ce08dfeb6569

SHA512
1d35776905e9911ab74a9193ab96061f960bbe9d8c388d3b980ae68e02d83e87ef755f4b21fafb77c2146fb5dfb68bec811cc65f138e7784676e6199bcda9685

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
20KB

MD5
cdf0acba75e04e8c5cb3d628fab828bc

SHA1
c116430b4b8405dc4917577c2dfa0743b6904c75

SHA256
fe7efb01385d656a072f5937549a2913f760432ebdff89fe3de6634eabf3e923

SHA512
8c951557e95a0f5ab1bf61623cd3bee95760b6fc7081216e9ff6cd931eeb68d62b8f6ea9b337aa1e95b4ca067e94b4ac052b4730178aa1f9941b57c7fc592243

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
23KB

MD5
f5c04211418d6526ad4539a5c2fb717f

SHA1
fb6e3e08048f23aa686ca1177107b303021dea38

SHA256
dff1f7f1bb951bae4f413df5a01ed89b8bc3ad87302366f65f7b0b12b24c74d7

SHA512
5ce2b4d21b8fca6c4d0b22bd97ce0e71dfde9ef88d88562a30ae1cc97ebc91edde4da00c2a9d1f93e11b7dd90dd26aa46d6045ff747ed18b61e4da630e2ee04e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\09688e97c0e7d406_0

Filesize
381KB

MD5
26ab5cd40a15b82526cb851d0ca331b3

SHA1
29e55dcc086d416ed082a8d0020144d27945fc6a

SHA256
7d9ce140dd794fad8ae086d6f27418d131961ee3f871cee78eb99a5dbb21785b

SHA512
7a3b04822947c0fb333055b2dc7c379338b49a8beadcd253dd41b7db7f1d58ed17e5f3bd979c6b7818501edb7db6bbb27cba39be01e9415503cb9b0355698937

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\175b72797b6c8a1f_0

Filesize
3KB

MD5
db22db50aaad36fa44fdb2a55d4dc677

SHA1
e3db0f50bcf60cefadb30146478f4bc69251be79

SHA256
2dbd98e8ac30e0544fed93d938ea6754b95c61c5e696778b8a55d4474e83fb7d

SHA512
e870d853a39bd9ee6ec5c3adda6443793879d6e722a36edf813a003a31af645f88ea87edbf412e3b493c3a3a8f11129e33ebfd3616c49ee681c388e9d1505194

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3229de168d3428dc_0

Filesize
10KB

MD5
f52f84fc77f5058c581e1eb674f356df

SHA1
f41b288adedf35f8468548cba94ec9675ee4349d

SHA256
4c4cfeb6f82d6154e09f18e44b109653b9a86c499dd9f37581d7a0194699b87d

SHA512
6b22fcd6b363585fc35f728cfbf95f965a407f1b42253d89c936f2700986b2698b4a0e38d524529f598466b310476000bbfacedf91f03f38fa322a66e7198dd7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3726511ca97ab071_0

Filesize
67KB

MD5
28726a3988a42d8b916df8cbdf11258a

SHA1
0ae798210fc45dcea788670e3ad24ac53cceff93

SHA256
34dd0647fce814bd05a037541787bbe9f95bf4796778dbf0c9985dffd1fc9651

SHA512
45138383837d943ca059f86f81cb1b685ed437df7103923795d03f2abaf0674233a4b2731c2005506e46019449af4c283aa570f454aae51323356cdd9848d270

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\41122de3f32cc4f8_0

Filesize
56KB

MD5
499c7dd7da32c9768efec8ace0ed1634

SHA1
9307025c0565bab457e2c3be33928d79bd66885f

SHA256
6c2196c2f0f88d6d166e6a6079b8f5c9fcfba016dd6e0dcaef20d9399b530e9b

SHA512
3cb04ac9a60d847a738076457241e60dbc8485bde25f4588c555ad225808b45bdd26827ac8a1bafa1701beb85a2c7219bfd0c6ace840de23cbf36ee05c26441b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5d3eaf9bca583330_0

Filesize
40KB

MD5
048f3598a948a8b8783e6edceb0b4300

SHA1
1c658e9d6b0194a5df99a36f734c0172b707b67c

SHA256
2d94c7f401bc2a8eb9f64e5077c749dc4d95e016392111692f58c1bae56bd9d5

SHA512
2c110aedd7714dbb2eba04892da150a1042aa24baa52a5d72c9e9796204c2eef261333cd506c4efd2f39d3b35e30574abb2bb4e9624c68fcda0e87bad8554f15

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\639fa2a79cacd020_0

Filesize
2KB

MD5
554a4d2e7882090dd7140e84df46030f

SHA1
ef3231d3c2be196445a1c7e659c2d88eb73ac14e

SHA256
389cedccaf2beffd57bb5e7ab1a1f5145fa7923d6dc74753931cf9c827c17754

SHA512
9aeca366e73a3621bd98da5f48b95ecd054a70d4ac3926724320301d111cdbe80a02d0858f042cf63c1ccf4d309dc1dbeb8442fbd8fe46da945d5b1a7e341345

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7d90a65a6160a465_0

Filesize
9KB

MD5
791ff55e5b1984715075f17d12ee3aa3

SHA1
50747f4c21e99a8f43cbcae3551ef2b93190f0b3

SHA256
b8b9668876a03c75a04abef04975623bd88b23598b1e5d7c2c8ad6b766e2aa4b

SHA512
008a9ece3c5062477e6bdb07aebdf024642c4b9ee39452239fdb58e45d197f208e54bb0f3d80eb1af44ed10bf99df2e988648819505d67e579e6f20a188e762a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\81a0dd60af06ac92_0

Filesize
298B

MD5
450bf435f0f3f4e0f312db711dec4410

SHA1
9e8dfae73d35cc602d3f0105f937094e22a1b957

SHA256
29caaac74867392407e93850c71dcee5c1b05561f5d97090cbf8a872a17df642

SHA512
e2725c21e1ffe85e6fcefcc106f9ff601dcf09716bac3968a7f2f12ae1723e1ed79479b9199292567ef7c7234e30e95f0fb27723c5f105f0a55a70bb01cd456d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9acb2e76bd003b1b_0

Filesize
381KB

MD5
90e96feb438cd505a9409109aff1b89b

SHA1
0d11b5331b4aecba82b42581ec55946a3c1c669e

SHA256
2d3a37dc9695760c1dbb4163ca302e7c4ad2817ddc2ac43495ed44d704d40721

SHA512
e6ba9b86d6098b1a828b78d22bc3fb82efa12e04f5001081871712b3c5a32cae82e643682397c66aae18824e48a4e51a97ddddc1c20da7986677ab083628a411

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a1e405be41565a6b_0

Filesize
279B

MD5
93dc7f9e3f0c2e52e91d83c596cc9538

SHA1
92203c8c555f3f4428f45e6184835e9498b18288

SHA256
e50f6785aaf298358b7d551429960df6d7b261b046f63f3c70a606ca03292946

SHA512
47cc054557f3e01ad9516c62e01e4a8146d80e15b8f80a8d6b1df43d5a921dd6540e2e62fecfa3b8da702a62d877e9680d6bd3690c18a27e7f9426713860828e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e4a868c319279ff4_0

Filesize
296B

MD5
1aeca78291f96ce5b929d61845b8be0c

SHA1
92937f085f3f83d45e14e3b1a4e68f06c77d40f1

SHA256
3df58ad2b3c9a8c07351893cbfebf6c299ad70554cd73564e0472bae3af865ae

SHA512
4f747d7fe19bf195eae0d794a16c8d1de62bc80c6cee7ca2b4fccf2cb96f956468226d5e16737dd9dd18c82ba6bae27d08a0d1d3ffd61425971d0eb9cbb6dde4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
5KB

MD5
d92948a491c394d6e172dfeea8b0e18a

SHA1
60cabd524b1e951c2922c4c428416a276c3838ba

SHA256
c0f08785c7a37f1f18e78e68197db639e2f3e24a9644e331095e376f482ba153

SHA512
5cfcf98195f59f701b98342d6c1fa379fa7935993967005d0f3b1f85fc5c18cc923d5f593b52a23a8854e076ea42e46af86d2f3ea47180828198d75802da299c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
2c5521debf61f0fc44794a4a9e380285

SHA1
c90f85e44501a013640e7c0f8ad452f506a3fdf5

SHA256
1d3578414656ade5eb01fb2fc8fd918a492a09566fd98e1e8733dd7ee1f67d20

SHA512
d7d0160cea1b591ad6a50fd48f16cb96594486c11754cf68e04ba8a49467d5a7c7153a85696f97c07538e3075ab0d9c0ccff4de2e74d43647ee17c417d82c858

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
2a31251b179360d7b29f9d13fd9d6f16

SHA1
0efb016a68de7a592be83c50d8da60a3700fb957

SHA256
e84f5d411d499a7b33f1f07bfe59f565878dd573c3b8e42a4a1bd6d989b4b9c4

SHA512
9094e1a141614b2c8a9d91b4b3c39c5b1d893781e8d3da517284a7e4eb7e23ad8c0bd45f75527a40f5dcad0041f0868643eb6b4b3cf105857580e6faccb27d8a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
84B

MD5
f175ee0cabd492e5e09719a8fdc69ba0

SHA1
3f3826cf5edb228a1bcbddc89075fc117b3c8aa6

SHA256
6c03d0696b9a164b0c0681f192e8791eabe9e98fed92c0174ba39c8413ea8868

SHA512
1dcae14369d7c14550271c58a01955fa35bd47962ae07e4af3ebe2b6055d97476534cd3da66fe1eede3a4acdc1e06aeb1e5cdc3e025a2c61e81001e526a67fc7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe575f46.TMP

Filesize
89B

MD5
4ac060503f541b4aa865ba41a1c71244

SHA1
a336b2eab505ce231a4e9fe67fd3be23dd88bc17

SHA256
e26f47f6dde401e1d3c08ca742ab99984307364872ad740eae454dc297accf38

SHA512
a3395eaa1aadf93ec39d6aa2e193912b8fff00fb74e99c3fac746780226b1db1d71b7bda1cf14e89d7c9c17b1fa8b5bad7c88de53349fc85ae06b4b9ced9cbd7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
d7d109edfdc0135dbff7a69aef48e19c

SHA1
647befecc89b2ac1324afddb4189cc44052002a9

SHA256
155227eb5e9b885fb3870a25319d1787284d7a501cc89a7ed6643f7eca483a32

SHA512
b488128cd834c3c96215c4787b18aa5de334839dbe25fa3a8f2eba09d771406fa38ed73d1debbbd5e8805b0afe02ca5961e34bc1dadf64a996781859c41b4fab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
8ff1c8999e95768f0c33fd6d5af8e17d

SHA1
207395ca4811cbbf1dcfe9e0bf6de61dea0b7aeb

SHA256
3d651f569b5cbe946f66fa5f74fd66008187db93ecfb23171c34cf48d22fc7a2

SHA512
12cd39d4368151428bb46d927f27e5537272d025e1631a2dd52e74f3ee434fd1c165f2aeb79d6dff87560cb905ca6110b79a3dd1723491fddb43261644329386

Download Submit
C:\Users\Admin\AppData\Local\Temp\MATRIX2.bat

Filesize
4KB

MD5
e409da8b4024ea18de199ff4879cb810

SHA1
46460324a530e048615ba8e3d03b71097e5c809b

SHA256
b21f44d81a0611b070c986caa679a92f2bb869e7ca419f3dbd180f44cc2b1635

SHA512
06ece6cb93e55260e0ebfa8f2ed654691fe21dbb37518aa55a0ff18359279d0439a4773ee38ac96a142f917e9c41ff3e717db7ada3be6f2781f9cb0efbe401a9

Download Submit