hxxps://data[.]em[.]officedepot[.]com/ee/v1/click?params=v1[.]KBKhfh5A49y1Menpmq5N7DHt3AhiAtmPhQe-1R7ghBT-ERYk0xbQIis-kGV5mxzmXfrqgr3POSJYQJzu_spJn9MIC_Ifi9NCqXQqRDSwRr1zAX3ix1wqPr1ynaLiEBR_1BJNuOPx21xDZIGiaBIoecGatcofk7fNXxVnyV4heIYS4Bbbp699rddyvUxZnQ1o_Vjq4aRZO-LqwJ-TmmpZSmOEfOrST8k7m6L-gzWX2uuf9KQP7tElkXFeoNvKPblzExwW0caGL12G__65Vx7B47RJN3m8AZ1Mf4MixgKqttJsB2Kkx0h_gdCEWvrioC6kHaHGW6ku8NVFCWsVRb58gm6XB-19YhxRnf_EYFehhz_9xlBV1sp2_CsREkIgMj6pI-6ariZ63-KCn6gyXgCiD2Zt_qljPC3WJaGEwhylqt-ULg9yJSRI7RnXKAEr5TztnBP38F-F8JEduKZvUGlLrnu3ajjvirUgHocwd4xPU9Odu6dgShMMbp_S5zFS26G3Nky-CM07-8J9TyU9dXbxsoFhNnpY114CukC2X7E5j-mrKrFgf25Qd-h4Q22Sp8J4TizaAmGeyCqPWIYsn7GqSybMIiRqTtsogjrhZhKgGWtabMGNTZOd-EjGI_GSwwLzkqGXyUKhprEyykYVi1v494csQF5UpWjRjDxhr1VjsjSOyKRemWwDOiJX_p822vcIIQDtjfT1e5j0aPwwhnuP0RwABYN1WDELNpBdXP2Tg9mJGMHfKErTgj2sskUdEzslpZ-lyL6A9PJ9eSLNbQhlCG6HTYhpeL2R-agr4l04RUrKQXITRo9xd0Ir-1pq6cGO69UNkwWAyRMHqyLI8xmXYun5hTrVNOe9Lu7yLgUcDAxBoitL0MJguWvyZ5RTL-xfearU5bTdZZNiU3z3VISqyO-X5KARJC02XVUmsYqq8petaf4LU6dWnYpe6o63fTzmAkdlrVcNzC-4RGLO2unNfb1QfhCzWCxHF29vk79OG110_ejosReRiKURXxdb9ETMiBydxpmG08VD_da364X1bOPNMj86UJa9zq0nPmBJ5DHJJgm8qhO-8mWDJlduZVJRIAdvbNUhD98K80ZvEIHvzFhi3XQiCXhaj7DP3rhl5M1uJbrzkqfg_Gr3U0fC9WBnOWsxP62HxUt2bJk4jtGDt42qrX5FCd2kJ-4lCjkA9lU7eFNEx0s5PWMOBmT52E0PVnEqezO_Z7qzKHCzb844R2pmRATFYSfE1RKVczNt2BxZ4y8897GigBQCF5k8McfcWjxiKF94LL_L8Xn0CX5EVD2RAMUamX1KOEAl61a8-TrTEZ565AUIcPrOzdGlL-jlPPAICGKTlSekw7zBMvSguAGeBLbqCIzfB87IlQi95wegVppLulmmpBN34rTb7pedeivSKiuItBJDjggKdU7glSHfzf3Dft4W3lEZORWLWWNF0y3QSA5moOUAnBrQLD8VMlRuZ7Kng_d0yuaYZn8RZcYZcQo3gKhIVx8f0iJuRN-Rlq4iSK953TdWTQJqifNLY1yAOiBQkBna__0iYgsvav_Flo3nwBIyaIqi591urFqGLd6U7zOcUPZOMmJMIo8&pid=v1[.]4we1hROesQ1nEu-pBZ7sMalU-gaKV4gwYWZ00UDKzltgWJsumdXaAVY6zowWB6KLMNiDQMFGx1RRQbc9xjkZfxug4D33lnHs1WOK8zmX0MO5iSuCzpoF03gbfP_bm_oG8C_GL2uTc_bh8ZPhIEv-GSdOezU&tuid=658ef403363b36591f3230f8&configId=abc22d2b-bf0c-4ab0-af34-6fc73378a2c8

Analysis

max time kernel
0s
max time network
142s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
04/01/2024, 09:22

Sharing

Behavioral task

behavioral1

Sample

https://data.em.officedepot.com/ee/v1/click?params=v1.KBKhfh5A49y1Menpmq5N7DHt3AhiAtmPhQe-1R7ghBT-ERYk0xbQIis-kGV5mxzmXfrqgr3POSJYQJzu_spJn9MIC_Ifi9NCqXQqRDSwRr1zAX3ix1wqPr1ynaLiEBR_1BJNuOPx21xDZIGiaBIoecGatcofk7fNXxVnyV4heIYS4Bbbp699rddyvUxZnQ1o_Vjq4aRZO-LqwJ-TmmpZSmOEfOrST8k7m6L-gzWX2uuf9KQP7tElkXFeoNvKPblzExwW0caGL12G__65Vx7B47RJN3m8AZ1Mf4MixgKqttJsB2Kkx0h_gdCEWvrioC6kHaHGW6ku8NVFCWsVRb58gm6XB-19YhxRnf_EYFehhz_9xlBV1sp2_CsREkIgMj6pI-6ariZ63-KCn6gyXgCiD2Zt_qljPC3WJaGEwhylqt-ULg9yJSRI7RnXKAEr5TztnBP38F-F8JEduKZvUGlLrnu3ajjvirUgHocwd4xPU9Odu6dgShMMbp_S5zFS26G3Nky-CM07-8J9TyU9dXbxsoFhNnpY114CukC2X7E5j-mrKrFgf25Qd-h4Q22Sp8J4TizaAmGeyCqPWIYsn7GqSybMIiRqTtsogjrhZhKgGWtabMGNTZOd-EjGI_GSwwLzkqGXyUKhprEyykYVi1v494csQF5UpWjRjDxhr1VjsjSOyKRemWwDOiJX_p822vcIIQDtjfT1e5j0aPwwhnuP0RwABYN1WDELNpBdXP2Tg9mJGMHfKErTgj2sskUdEzslpZ-lyL6A9PJ9eSLNbQhlCG6HTYhpeL2R-agr4l04RUrKQXITRo9xd0Ir-1pq6cGO69UNkwWAyRMHqyLI8xmXYun5hTrVNOe9Lu7yLgUcDAxBoitL0MJguWvyZ5RTL-xfearU5bTdZZNiU3z3VISqyO-X5KARJC02XVUmsYqq8petaf4LU6dWnYpe6o63fTzmAkdlrVcNzC-4RGLO2unNfb1QfhCzWCxHF29vk79OG110_ejosReRiKURXxdb9ETMiBydxpmG08VD_da364X1bOPNMj86UJa9zq0nPmBJ5DHJJgm8qhO-8mWDJlduZVJRIAdvbNUhD98K80ZvEIHvzFhi3XQiCXhaj7DP3rhl5M1uJbrzkqfg_Gr3U0fC9WBnOWsxP62HxUt2bJk4jtGDt42qrX5FCd2kJ-4lCjkA9lU7eFNEx0s5PWMOBmT52E0PVnEqezO_Z7qzKHCzb844R2pmRATFYSfE1RKVczNt2BxZ4y8897GigBQCF5k8McfcWjxiKF94LL_L8Xn0CX5EVD2RAMUamX1KOEAl61a8-TrTEZ565AUIcPrOzdGlL-jlPPAICGKTlSekw7zBMvSguAGeBLbqCIzfB87IlQi95wegVppLulmmpBN34rTb7pedeivSKiuItBJDjggKdU7glSHfzf3Dft4W3lEZORWLWWNF0y3QSA5moOUAnBrQLD8VMlRuZ7Kng_d0yuaYZn8RZcYZcQo3gKhIVx8f0iJuRN-Rlq4iSK953TdWTQJqifNLY1yAOiBQkBna__0iYgsvav_Flo3nwBIyaIqi591urFqGLd6U7zOcUPZOMmJMIo8&pid=v1.4we1hROesQ1nEu-pBZ7sMalU-gaKV4gwYWZ00UDKzltgWJsumdXaAVY6zowWB6KLMNiDQMFGx1RRQbc9xjkZfxug4D33lnHs1WOK8zmX0MO5iSuCzpoF03gbfP_bm_oG8C_GL2uTc_bh8ZPhIEv-GSdOezU&tuid=658ef403363b36591f3230f8&configId=abc22d2b-bf0c-4ab0-af34-6fc73378a2c8

Resource

win7-20231215-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

Resource

win10v2004-20231215-en

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

https://data.em.officedepot.com/ee/v1/click?params=v1.KBKhfh5A49y1Menpmq5N7DHt3AhiAtmPhQe-1R7ghBT-ERYk0xbQIis-kGV5mxzmXfrqgr3POSJYQJzu_spJn9MIC_Ifi9NCqXQqRDSwRr1zAX3ix1wqPr1ynaLiEBR_1BJNuOPx21xDZIGiaBIoecGatcofk7fNXxVnyV4heIYS4Bbbp699rddyvUxZnQ1o_Vjq4aRZO-LqwJ-TmmpZSmOEfOrST8k7m6L-gzWX2uuf9KQP7tElkXFeoNvKPblzExwW0caGL12G__65Vx7B47RJN3m8AZ1Mf4MixgKqttJsB2Kkx0h_gdCEWvrioC6kHaHGW6ku8NVFCWsVRb58gm6XB-19YhxRnf_EYFehhz_9xlBV1sp2_CsREkIgMj6pI-6ariZ63-KCn6gyXgCiD2Zt_qljPC3WJaGEwhylqt-ULg9yJSRI7RnXKAEr5TztnBP38F-F8JEduKZvUGlLrnu3ajjvirUgHocwd4xPU9Odu6dgShMMbp_S5zFS26G3Nky-CM07-8J9TyU9dXbxsoFhNnpY114CukC2X7E5j-mrKrFgf25Qd-h4Q22Sp8J4TizaAmGeyCqPWIYsn7GqSybMIiRqTtsogjrhZhKgGWtabMGNTZOd-EjGI_GSwwLzkqGXyUKhprEyykYVi1v494csQF5UpWjRjDxhr1VjsjSOyKRemWwDOiJX_p822vcIIQDtjfT1e5j0aPwwhnuP0RwABYN1WDELNpBdXP2Tg9mJGMHfKErTgj2sskUdEzslpZ-lyL6A9PJ9eSLNbQhlCG6HTYhpeL2R-agr4l04RUrKQXITRo9xd0Ir-1pq6cGO69UNkwWAyRMHqyLI8xmXYun5hTrVNOe9Lu7yLgUcDAxBoitL0MJguWvyZ5RTL-xfearU5bTdZZNiU3z3VISqyO-X5KARJC02XVUmsYqq8petaf4LU6dWnYpe6o63fTzmAkdlrVcNzC-4RGLO2unNfb1QfhCzWCxHF29vk79OG110_ejosReRiKURXxdb9ETMiBydxpmG08VD_da364X1bOPNMj86UJa9zq0nPmBJ5DHJJgm8qhO-8mWDJlduZVJRIAdvbNUhD98K80ZvEIHvzFhi3XQiCXhaj7DP3rhl5M1uJbrzkqfg_Gr3U0fC9WBnOWsxP62HxUt2bJk4jtGDt42qrX5FCd2kJ-4lCjkA9lU7eFNEx0s5PWMOBmT52E0PVnEqezO_Z7qzKHCzb844R2pmRATFYSfE1RKVczNt2BxZ4y8897GigBQCF5k8McfcWjxiKF94LL_L8Xn0CX5EVD2RAMUamX1KOEAl61a8-TrTEZ565AUIcPrOzdGlL-jlPPAICGKTlSekw7zBMvSguAGeBLbqCIzfB87IlQi95wegVppLulmmpBN34rTb7pedeivSKiuItBJDjggKdU7glSHfzf3Dft4W3lEZORWLWWNF0y3QSA5moOUAnBrQLD8VMlRuZ7Kng_d0yuaYZn8RZcYZcQo3gKhIVx8f0iJuRN-Rlq4iSK953TdWTQJqifNLY1yAOiBQkBna__0iYgsvav_Flo3nwBIyaIqi591urFqGLd6U7zOcUPZOMmJMIo8&pid=v1.4we1hROesQ1nEu-pBZ7sMalU-gaKV4gwYWZ00UDKzltgWJsumdXaAVY6zowWB6KLMNiDQMFGx1RRQbc9xjkZfxug4D33lnHs1WOK8zmX0MO5iSuCzpoF03gbfP_bm_oG8C_GL2uTc_bh8ZPhIEv-GSdOezU&tuid=658ef403363b36591f3230f8&configId=abc22d2b-bf0c-4ab0-af34-6fc73378a2c8

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 2 IoCs

description	pid	Process	procid_target
PID 4220 wrote to memory of 4400	4220	msedge.exe	14
PID 4220 wrote to memory of 4400	4220	msedge.exe	14

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa62db46f8,0x7ffa62db4708,0x7ffa62db4718
1⤵
PID:4400

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://data.em.officedepot.com/ee/v1/click?params=v1.KBKhfh5A49y1Menpmq5N7DHt3AhiAtmPhQe-1R7ghBT-ERYk0xbQIis-kGV5mxzmXfrqgr3POSJYQJzu_spJn9MIC_Ifi9NCqXQqRDSwRr1zAX3ix1wqPr1ynaLiEBR_1BJNuOPx21xDZIGiaBIoecGatcofk7fNXxVnyV4heIYS4Bbbp699rddyvUxZnQ1o_Vjq4aRZO-LqwJ-TmmpZSmOEfOrST8k7m6L-gzWX2uuf9KQP7tElkXFeoNvKPblzExwW0caGL12G__65Vx7B47RJN3m8AZ1Mf4MixgKqttJsB2Kkx0h_gdCEWvrioC6kHaHGW6ku8NVFCWsVRb58gm6XB-19YhxRnf_EYFehhz_9xlBV1sp2_CsREkIgMj6pI-6ariZ63-KCn6gyXgCiD2Zt_qljPC3WJaGEwhylqt-ULg9yJSRI7RnXKAEr5TztnBP38F-F8JEduKZvUGlLrnu3ajjvirUgHocwd4xPU9Odu6dgShMMbp_S5zFS26G3Nky-CM07-8J9TyU9dXbxsoFhNnpY114CukC2X7E5j-mrKrFgf25Qd-h4Q22Sp8J4TizaAmGeyCqPWIYsn7GqSybMIiRqTtsogjrhZhKgGWtabMGNTZOd-EjGI_GSwwLzkqGXyUKhprEyykYVi1v494csQF5UpWjRjDxhr1VjsjSOyKRemWwDOiJX_p822vcIIQDtjfT1e5j0aPwwhnuP0RwABYN1WDELNpBdXP2Tg9mJGMHfKErTgj2sskUdEzslpZ-lyL6A9PJ9eSLNbQhlCG6HTYhpeL2R-agr4l04RUrKQXITRo9xd0Ir-1pq6cGO69UNkwWAyRMHqyLI8xmXYun5hTrVNOe9Lu7yLgUcDAxBoitL0MJguWvyZ5RTL-xfearU5bTdZZNiU3z3VISqyO-X5KARJC02XVUmsYqq8petaf4LU6dWnYpe6o63fTzmAkdlrVcNzC-4RGLO2unNfb1QfhCzWCxHF29vk79OG110_ejosReRiKURXxdb9ETMiBydxpmG08VD_da364X1bOPNMj86UJa9zq0nPmBJ5DHJJgm8qhO-8mWDJlduZVJRIAdvbNUhD98K80ZvEIHvzFhi3XQiCXhaj7DP3rhl5M1uJbrzkqfg_Gr3U0fC9WBnOWsxP62HxUt2bJk4jtGDt42qrX5FCd2kJ-4lCjkA9lU7eFNEx0s5PWMOBmT52E0PVnEqezO_Z7qzKHCzb844R2pmRATFYSfE1RKVczNt2BxZ4y8897GigBQCF5k8McfcWjxiKF94LL_L8Xn0CX5EVD2RAMUamX1KOEAl61a8-TrTEZ565AUIcPrOzdGlL-jlPPAICGKTlSekw7zBMvSguAGeBLbqCIzfB87IlQi95wegVppLulmmpBN34rTb7pedeivSKiuItBJDjggKdU7glSHfzf3Dft4W3lEZORWLWWNF0y3QSA5moOUAnBrQLD8VMlRuZ7Kng_d0yuaYZn8RZcYZcQo3gKhIVx8f0iJuRN-Rlq4iSK953TdWTQJqifNLY1yAOiBQkBna__0iYgsvav_Flo3nwBIyaIqi591urFqGLd6U7zOcUPZOMmJMIo8&pid=v1.4we1hROesQ1nEu-pBZ7sMalU-gaKV4gwYWZ00UDKzltgWJsumdXaAVY6zowWB6KLMNiDQMFGx1RRQbc9xjkZfxug4D33lnHs1WOK8zmX0MO5iSuCzpoF03gbfP_bm_oG8C_GL2uTc_bh8ZPhIEv-GSdOezU&tuid=658ef403363b36591f3230f8&configId=abc22d2b-bf0c-4ab0-af34-6fc73378a2c8
1⤵
- Suspicious use of WriteProcessMemory
PID:4220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,1835587323848928192,7415269693960740830,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 /prefetch:3
  2⤵
  PID:4376
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2136,1835587323848928192,7415269693960740830,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2796 /prefetch:8
  2⤵
  PID:4192
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,1835587323848928192,7415269693960740830,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3424 /prefetch:1
  2⤵
  PID:1620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,1835587323848928192,7415269693960740830,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3412 /prefetch:1
  2⤵
  PID:2976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,1835587323848928192,7415269693960740830,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2144 /prefetch:2
  2⤵
  PID:1648
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,1835587323848928192,7415269693960740830,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4956 /prefetch:8
  2⤵
  PID:5112
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,1835587323848928192,7415269693960740830,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4956 /prefetch:8
  2⤵
  PID:1072
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,1835587323848928192,7415269693960740830,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5356 /prefetch:1
  2⤵
  PID:3148
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,1835587323848928192,7415269693960740830,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5312 /prefetch:1
  2⤵
  PID:3252
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,1835587323848928192,7415269693960740830,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5672 /prefetch:1
  2⤵
  PID:5028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,1835587323848928192,7415269693960740830,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5644 /prefetch:1
  2⤵
  PID:4924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,1835587323848928192,7415269693960740830,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2744 /prefetch:2
  2⤵
  PID:940

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1460

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2340

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads