hxxps://github[.]com/rustybalboadev/Discord-Raid-Tool/tree/master

Analysis

max time kernel
69s
max time network
71s
platform
windows10-1703_x64
resource
win10-20231215-de
resource tags

arch:x64arch:x86image:win10-20231215-delocale:de-deos:windows10-1703-x64systemwindows
submitted
23/01/2024, 12:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/rustybalboadev/Discord-Raid-Tool/tree/master

Score

4^/10

Malware Config

Signatures

Drops file in Windows directory 9 IoCs

description	ioc	Process
File opened for modification	C:\Windows\Debug\ESE.TXT	MicrosoftEdge.exe
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdge.exe
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdgeCP.exe

Modifies Internet Explorer settings 1 TTPs 2 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000\Software\Microsoft\Internet Explorer\Main	browser_broker.exe
Key created	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000\Software\Microsoft\Internet Explorer\Main	MicrosoftEdgeCP.exe

Modifies registry class 64 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery\ReadingStorePending = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\CVListDOSTime = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\VersionHigh = "0"	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = de329e33f74dda01	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Cookies	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\History\CachePrefix = "Visited:"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\EdpDomStorage	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\EdpDomStorage\bing.com\NumberOfSubdomain = "0"	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\Total\ = "1370"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Explorer\Main	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\Meta\generator$Discuz!	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\EdpDomStorage\Total	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Disallowed\CRLs	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\VendorId = "0"	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\SignaturePolicy = 06000000	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\www.bing.com\ = "1418"	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\Meta\generator$Telligent	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 7f27e237f74dda01	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Rating\Next Rating Prompt = f00945e1c470da01	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Explorer\Main\OperationalData = "1"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\www.bing.com\ = "1309"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DomainSuggestion\FileNames\	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DomainSuggestion	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\CIStatus\SignaturePolicy = 06000000	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Extensible Cache	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Content\CachePrefix	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\bing.com\Total = "1309"	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings\PrivacyAdvanced = "0"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Content	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\ACGPolicyState = "8"	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\CIPolicyState = "0"	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\CIPolicyState = "0"	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Content\CachePrefix	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\IETld\LowMic	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\SignaturePolicy = 06000000	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\ACGStatus\DynamicCodePolicy = 05000000	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\ACGStatus	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\SharedCookie_MRACMigrationDone = "1"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DataStore\OneTimeCleanup = "1"	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\CA\Certificates	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery\Active = "1"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-SubSysId = "0"	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 01749357f74dda01	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ServiceUI	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy\Extensions	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Root\Certificates	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\DeviceId = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\CIPolicyState = "0"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:"	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery\ReadingStorePending = "1"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\CIStatus	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\bing.com	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1364394410-760759377-2797241167-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate	MicrosoftEdgeCP.exe

Suspicious behavior: MapViewOfSection 12 IoCs

pid	Process
1112	MicrosoftEdgeCP.exe
1112	MicrosoftEdgeCP.exe
1112	MicrosoftEdgeCP.exe
1112	MicrosoftEdgeCP.exe
1112	MicrosoftEdgeCP.exe
1112	MicrosoftEdgeCP.exe
1112	MicrosoftEdgeCP.exe
1112	MicrosoftEdgeCP.exe
1112	MicrosoftEdgeCP.exe
1112	MicrosoftEdgeCP.exe
1112	MicrosoftEdgeCP.exe
1112	MicrosoftEdgeCP.exe

Suspicious use of AdjustPrivilegeToken 6 IoCs

description	pid	Process
Token: SeDebugPrivilege	5028	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	5028	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	5028	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	5028	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	1544	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	1544	MicrosoftEdgeCP.exe

Suspicious use of SetWindowsHookEx 5 IoCs

pid	Process
4640	MicrosoftEdge.exe
1112	MicrosoftEdgeCP.exe
5028	MicrosoftEdgeCP.exe
1112	MicrosoftEdgeCP.exe
4976	MicrosoftEdgeCP.exe

Suspicious use of WriteProcessMemory 12 IoCs

description	pid	Process	procid_target
PID 1112 wrote to memory of 2532	1112	MicrosoftEdgeCP.exe	83
PID 1112 wrote to memory of 2532	1112	MicrosoftEdgeCP.exe	83
PID 1112 wrote to memory of 2532	1112	MicrosoftEdgeCP.exe	83
PID 1112 wrote to memory of 2532	1112	MicrosoftEdgeCP.exe	83
PID 1112 wrote to memory of 2532	1112	MicrosoftEdgeCP.exe	83
PID 1112 wrote to memory of 2532	1112	MicrosoftEdgeCP.exe	83
PID 1112 wrote to memory of 2540	1112	MicrosoftEdgeCP.exe	93
PID 1112 wrote to memory of 2540	1112	MicrosoftEdgeCP.exe	93
PID 1112 wrote to memory of 2540	1112	MicrosoftEdgeCP.exe	93
PID 1112 wrote to memory of 2540	1112	MicrosoftEdgeCP.exe	93
PID 1112 wrote to memory of 2540	1112	MicrosoftEdgeCP.exe	93
PID 1112 wrote to memory of 2540	1112	MicrosoftEdgeCP.exe	93

C:\Windows\system32\LaunchWinApp.exe
"C:\Windows\system32\LaunchWinApp.exe" "https://github.com/rustybalboadev/Discord-Raid-Tool/tree/master"
1⤵
PID:196

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:4640

C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
1⤵
- Modifies Internet Explorer settings
PID:664

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Modifies registry class
- Suspicious behavior: MapViewOfSection
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1112

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies Internet Explorer settings
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:5028

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
PID:1268

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
PID:4424

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
PID:2532

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
PID:1544

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:4976

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
PID:5052

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Modifies registry class
PID:1504

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
PID:5064

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
PID:2540

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\7MP3NYDO\edgecompatviewlist[1].xml

Filesize
74KB

MD5
d4fc49dc14f63895d997fa4940f24378

SHA1
3efb1437a7c5e46034147cbbc8db017c69d02c31

SHA256
853d2f4eb81c9fdcea2ee079f6faf98214b111b77cdf68709b38989d123890f1

SHA512
cc60d79b4afe5007634ac21dc4bc92081880be4c0d798a1735b63b27e936c02f399964f744dc73711987f01e8a1064b02a4867dd6cac27538e5fbe275cc61e0a

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\User\Default\DOMStore\G8T28VIS\www.bing[1].xml

Filesize
2KB

MD5
4d164f53e042388a2caf4e1710e96f75

SHA1
7fa32c45e856dbec37a7801809c91a43b996102b

SHA256
e12fd473c1ad372d8d7b6c2e58c7cba6ee34c0930ae7248087e58d650221a966

SHA512
29fc088d6e903ea37ef5295b4e721dfe83cf7f0afdbbf63d278eb2a1a4b2ef8fb8936801a64c233f3f94b4c8567f3c99007981c3abcbf5e7ab88c321b60db26b

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\XPQAME9A\suggestions[1].de-DE

Filesize
18KB

MD5
cc5361b5fdccfc6830217e2eb9972dd8

SHA1
e4a1206d9190eccea3e6a116c954d11da0aeba66

SHA256
afd57b0b6d8166e25bbef7cbc97522677c11c9a930fd4d4a204d1b7ae6258492

SHA512
ef63961bd7f0d3357d352a8f9c8ea57d0271e0fb664b1be179c38cd2d559bbaa4864f64f3521f26f868cc074f97994e2658c6d652021a39dc5207d45411691bc

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\A0LGG7MY\master[1].htm

Filesize
155KB

MD5
5a959432e7524b731a364a30ef9c3801

SHA1
368d071b7e9cb5d6704148bc8115f1b6d5f4c8b0

SHA256
2865e15aa4147a3e0f250319f56cb4978b751fe3c9f3b8aa93af99cd38fc318b

SHA512
864e23b1d2d238c00925b922ac726361bfa38de482521d5c5fdf168c594f62adc7dad768408e823901ad56165f817c0bda4568eb073990db7a202161a36f7f5e

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\A0LGG7MY\vendors-node_modules_delegated-events_dist_index_js-node_modules_github_details-dialog-elemen-29dc30-a2a71f11a507[1].js

Filesize
15KB

MD5
b6a276c5c85ffb793d0a9ed82a24cb6e

SHA1
e3f235f3b5f96894214f8c038632262b460441fb

SHA256
f065392ebd02bfe54dfa902c51348eaeb4b7a00c0463ad23a1f9e671150c11f0

SHA512
a2a71f11a507482b9c26beabf60b83d3bb9d5fadba55b79ae456d41cc748b6e624932b9bac8308fe1d16c9422b20c98440c273ad9b00c724615cc07c5c158c5f

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\A0LGG7MY\vendors-node_modules_github_auto-complete-element_dist_index_js-d6c09d7e4e48[1].js

Filesize
13KB

MD5
6bc4026c44957759005bf7fc5792773e

SHA1
454edf5bda858b396845c240d86643b3758f5287

SHA256
1f36b3eb6d7fbae684bf3920036a776d32173740e8099d1b2cc95db01d3e195c

SHA512
d6c09d7e4e48d7d5eb1f549f971879a93787c2d36f936a8fff112a5c64d8dd484afc72ba5b0be9e2030e09a869b22ab218e7aa133106cc6f936287d106e44c4f

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\A0LGG7MY\vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-b7d8f4-3867c6400aef[1].js

Filesize
18KB

MD5
10bcc98971de3b7c4849e0c110725ce7

SHA1
65f7192990ba4f40e3b03afa5bc1798ffd674f18

SHA256
0b8e6d9f6f0c40d1c686d26c9e4ca14c8817055471a8ac2646438996da76e260

SHA512
3867c6400aef1a79296637d817d8f7bc564517ce3b142566cbe1c0d3a1172e471a020635117f558206873d7effe28fb3cfe1fb9776b589dc57f824154eb329eb

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\A0LGG7MY\vendors-node_modules_github_relative-time-element_dist_index_js-c6fd49e3fd28[1].js

Filesize
14KB

MD5
dfdcdcfdaffdf861f7faeca7cf5b05ca

SHA1
49b1a6176fc93452a12fcc0ce67307914cf5ffe7

SHA256
895bb87f9e343bc67e1a0c87565e92e4ce6c75273349ba3573336c7a48228316

SHA512
c6fd49e3fd28d6aa9735873bf69f05114b005fbc10cc4ce1dda7b250d0471b883f569f2f654074ba436c4115a04aeb3b1fc5db0189cfe57a5e11e6aca9f6facc

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AJQ7LURF\code-8cc02d346182[1].css

Filesize
29KB

MD5
fc324f13cc4e87d40f75fdd1dcc07196

SHA1
aad6ab37a1ae6eee708c09640b0177a6591a6ca1

SHA256
163cceee888fae50c4c1b514d74b3ff1368994c1e20f68b3d7234f4491b1c5ff

SHA512
8cc02d3461820daeb576f396127c8f98e55bcc0528e8565efdf2ac0d8f98b6bb176be2781f42487c8bdd9535bf136727469980f6eb1ded305a41f2661d0494e6

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AJQ7LURF\environment-94c8f5a88347[1].js

Filesize
8KB

MD5
5d79e532dc003a2283365469dfea5e9b

SHA1
b987225084b43d577cc1f5cf87a94336c9ca15c8

SHA256
c190b500970f602cd9cb21b48acd3ba58386a3e1241486088c6e3b46816fa624

SHA512
94c8f5a883478a745fbb658a7415edd8f88b82a1b94093e84fc749bfb5046477f48129651f6cfda88bb1e30736cb15d5928c5434c28a6ea68048e01eae3f4800

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AJQ7LURF\master[2].htm

Filesize
155KB

MD5
f06ffe8c3a1b231d378ddde10b339b5b

SHA1
b1b1fe24dc8ecee6d7c3cd4c810e2a898afc1378

SHA256
37cd4c0db9ed5ac2bdee9b4586d2bacdfe2a67653444cc76e5f1c1cc8ee6dcdb

SHA512
a7ed495fb06146ac84a24294e1468bb8361ff153d02874f6b26f6121838d72be6e42420db1e2d92981536bc0b8b6dfa6c23ca367650446bb5852eca2eb6123fd

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AJQ7LURF\repository-389a4d55bc31[1].css

Filesize
27KB

MD5
c31345ce5d9bbd861b8c569b5df71877

SHA1
8741333af90bd40bca42d16ca8419c03a777f8a1

SHA256
660f44ad590cae51ea2fd60903365410d6a41d1acc88c16de9976c5110426028

SHA512
389a4d55bc31975dda3ae43c7e2fe48139736672ad5d6b396002cc0563df2c64729a2ca0c00e576ba6ac1d5b541714fcc54bf3ced32e6702c3dbadf912618905

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AJQ7LURF\ui_packages_failbot_failbot_ts-d0d83ce7cc11[1].js

Filesize
8KB

MD5
29eb261447d16aadfd493b63d318d14d

SHA1
cb0110b3d431090eebfbcd54f51eb6501d01d9f6

SHA256
b3df86f60a252ace94e5d4e454f936a531cdc27a0f4ebd24d32117516aff4e45

SHA512
d0d83ce7cc1103a81447a68350b349edc220a6eeb074d807a4665c52683e4a379aab4a61c9881f65426f8772a9c474b9303609189902ed314b58471ebed4d7e8

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AJQ7LURF\vendors-node_modules_dompurify_dist_purify_js-6890e890956f[1].js

Filesize
22KB

MD5
80fa30c00e347b5bbc8b7ff9dc2c9f44

SHA1
d085fe485ada77814949e92fa9e1b1eb05ba5eda

SHA256
be77c75cf182f1830d0f90b8d7aee460f0108c6e7f5a143a524f709b9023c80d

SHA512
6890e890956fafa8187511df1ac3c80a5b8d56be5ca989da251741f59c8d1186c0efa3d374f113b0ebeda124b78dedd106ea97f487ec04cf2a012e7bdd1048b3

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AJQ7LURF\vendors-node_modules_github_hydro-analytics-client_dist_analytics-client_js-node_modules_gith-6a10dd-8837a7c17569[1].js

Filesize
11KB

MD5
0fc949fec3e74c36782faa571fa3d1ae

SHA1
4729a4479fe302ebd88b5eae34750e0a5253eb71

SHA256
bab6cc46f9f1640db8c5d48ec03a26f3e599220833feac60fc6ed1aaab4719da

SHA512
8837a7c17569141fd71ad1e551c63c7c6bbdfe6a5eac92474198df45e4bbb33fb152ae0d3e31c550b70495da4733457fb80015826c81d83a24c396478b8e3446

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AJQ7LURF\vendors-node_modules_github_markdown-toolbar-element_dist_index_js-50c5393dc6a6[1].js

Filesize
13KB

MD5
f010ff52207da70d8ea898e5cb8dadae

SHA1
946b0284a063b79c6c68930634c86bd5453270de

SHA256
aae91ba67a6849495072239e3d2aeb9463725e7a6b80f1f19e1755d7052a1947

SHA512
50c5393dc6a6c166248c45291bc73de8b3fc6fd023e8c446091ef39d7f3c3d8192ef3288837d858ac868838d8111efa5d0dcc9e182826acd6b3b53ec26013970

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AJQ7LURF\vendors-node_modules_github_selector-observer_dist_index_esm_js-9f960d9b217c[1].js

Filesize
9KB

MD5
683a7fe431bded8fbbf7b5189a1b8209

SHA1
2fb527473877ea06ec6b023690ce933c216c5d07

SHA256
f87c5b59b8f353c8762f2e44e1f82feafab882a96a0fad135dc6fc1555872ab3

SHA512
9f960d9b217c457d467a9510dd9797c4ec9df9a892c0a3e1746b2b87dca8ec191dc901e983bc509bc282004967b6fd588dbff5bf70bc7e20a5ca32bc7f1d772a

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AJQ7LURF\vendors-node_modules_primer_behaviors_dist_esm_focus-zone_js-086f7a27bac0[1].js

Filesize
8KB

MD5
6822816845d932c1e93f68372f005918

SHA1
1dd14a539530e8d131ce29be5e5f84e4098b6a15

SHA256
14d338ed3345cc8d74e239c812aa37eeee6126bc1ad8a17e4e2cf6ba8ee0adee

SHA512
086f7a27bac0d285f5e0c849cebac7176f86edb18037d8ec4356c2b8892fd3f47e045f857eb673b213661eea17441192cdb7a76c807c2badcecff6b7901aba92

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AJQ7LURF\vendors-node_modules_stacktrace-parser_dist_stack-trace-parser_esm_js-node_modules_github_bro-a4c183-79f9611c275b[1].js

Filesize
13KB

MD5
0ebf88b18838ca3926ece77027c1a096

SHA1
0f2edc27f5a23e5c2f699443c0d6572904b7bfd2

SHA256
452a443efadf60da1b19b9bf50d6cbbb25ab9441a3e9fe73b678d9cd486d80b6

SHA512
79f9611c275bf2087d6b063e2f4bf13feddab30c494b7bc968169fddf15a451aa26fe231ffe9e2eb4b9923477528ce638f5688cf4930953d372df69e822ffb44

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AJQ7LURF\wp-runtime-b8e7021e81fc[1].js

Filesize
36KB

MD5
cf918a1c738174b2d553ed615b02409b

SHA1
d473d2737984efde344e4eb7d1a3d324e6c1d166

SHA256
1709bb4f4b705868f092ce50cceb366d5115afe89616b6a778dfe8337cbf0f34

SHA512
b8e7021e81fc48ac84f06d4f6ca824f89014e37b463011b1da225cca152d72266b30b386e5469e14742117849b6082568a4c10c04fb1bd39180163d5b681d0d3

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AYENBA1F\github-36dce55f3db6[1].css

Filesize
115KB

MD5
019f4e6c208662333a257958b5936419

SHA1
bef42b71460fbbc465635f7264b2aeff85beb04f

SHA256
9ef54dd85486b2821bad5c07011e358eb95c99885d97bdc6ba74e73d3d841554

SHA512
36dce55f3db65e12751e4c63e82a29cf81f3dca449e90a76e2bb4410ea9c39b4f0fb098be3fde866902b2f3df33727614260c567e96feb5b0dab98f2ad3450de

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AYENBA1F\global-26986b495ceb[1].css

Filesize
270KB

MD5
46b00b1e1169f56c0e13722fcc6f1ec4

SHA1
5e9a118ebf4eded93957b591e11af3908e9ee5d2

SHA256
a75d552b5d20b02dda26df90f50f5738b60349be28c104b9e3adedd77fa0cb33

SHA512
26986b495ceb6ec013bbe3db1fb9a95520ba2b3884da22992a398abb2e1779fc17b55dc102b8b8739993ff33dd2ce07c0de446e94e2c5991ab25fe898118e675

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AYENBA1F\vendors-node_modules_color-convert_index_js-72c9fbde5ad4[1].js

Filesize
13KB

MD5
c706ad84a4eb261b75d1f77ce7f9bdc8

SHA1
497a9725442e7305adc54d19b828b2e38c5c56cd

SHA256
80b561c1746ef1533744e7bf7ea3f6c721a88a104d665bb97ffa8df96e69b682

SHA512
72c9fbde5ad471c76b76034459d0d75db00cceaf3904a14c01dd9dd9167da7f783086b79c446b24ed2630c9cebca1996b3ff8ea52dec6c865f173c8158962be6

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AYENBA1F\vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_github_alive-client_dist-bf5aa2-1b562c29ab8e[1].js

Filesize
13KB

MD5
f3fc91d783e4aca512744ca779f5563e

SHA1
888fcb2874e8dc5e2311007833c3da05475d29ab

SHA256
62b68187e1a4b7d9fd029df4a125a6f5c6a9cb95f4e49b087b56bfe8276a07bf

SHA512
1b562c29ab8e339e7785365933f64f26d14f8800c00a08c667623d4bc5bd244bc80b567519ce781f8082ad736275506b4ea58c3bb1dbd5d260eb8e7c42f60e19

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AYENBA1F\vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-c91f4ad18b62[1].js

Filesize
75KB

MD5
8d2fd700b674b265b884566f9e1a68b2

SHA1
b0071dc74ec8602aeb4d4063ace590e7dc26ab6c

SHA256
8d303394176f2b0cb950c35e71caa07a94141a3625c75d8b5da9f42f9a1bd700

SHA512
c91f4ad18b621b1321ca15512f94dfc9b7759ea2d0a150e0d4ec12c62ace6f5d01e60b991f0f1fa523b96ff9e0174e89a5c6496a6df15b61e57f232f2fdae967

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AYENBA1F\vendors-node_modules_morphdom_dist_morphdom-esm_js-5bff297a06de[1].js

Filesize
4KB

MD5
11a69b0651264a2235a7059e9e677227

SHA1
a467270f0455de4ab13fd33856a5341e38aaa6ea

SHA256
3316d32e073b0f756d7e247b00b1a016f421973c50f1e3a9ce9f5b86e975cf9d

SHA512
5bff297a06dec294d6d6eb1f52edf99e69871f6325e470c4792283524e0f65fdc701c1dd9c962f49cb42276cd108e7e4a71573ff575c971add30616c24101450

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UM48K7U0\dark-56010aa53a8f[1].css

Filesize
110KB

MD5
7110fbc4050de42cae72d8a68f513be9

SHA1
8763df6655b29ef3821a79fbc2f8ce168cd6ed84

SHA256
75564bc9cea3f9a261da3423633c1e235cff36ad4656c0053136567fc512716c

SHA512
56010aa53a8f3e82ffc0147ce9c5c20a26050cb4fb9da5bd6ab1875390bc6775619d0cee389991502a7fea4cfe6686dfaa9d389a9e855289d514dc389d42ab45

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UM48K7U0\element-registry-929f58381650[1].js

Filesize
50KB

MD5
0779ef9796500820af89632241a3eb5a

SHA1
7352bfe485c5fdfb83e2a77376cd323c338d120f

SHA256
93310b83c8637d1226ed0f0d55bf6c7fa26879286e541a5a3e52f20a06d31ebd

SHA512
929f583816505f5f7a66207ee36561ac7fa637492f365bd7e2b44948949510dd39b826ecb99e669684de0ed01544d72bc750d1a6d7b091a0fc392e9fe535b2f0

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UM48K7U0\github-elements-6bb222ad380b[1].js

Filesize
36KB

MD5
255147e0120153a38beb97681327d282

SHA1
b8e8ea16138be579d25e3f342ae292474c8cd2f5

SHA256
76c530a785e43bff66fe61c5f40f4ab23823edd980fed858d7f5baad51ca65cf

SHA512
6bb222ad380b8dddd9085746e73890d9050bf396c6edb542f581ceacf0b396efd81a70e9795ef57a8fb25b152f9345565e47b717ef6ac6918940ce98c69e8149

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UM48K7U0\light-38f1bf52eeeb[1].css

Filesize
110KB

MD5
a42bec9f78a4a06db5216358416dd0cc

SHA1
b630847b50ec28872b731800a9bd415884a10835

SHA256
30a7db90b8a00a79548e168113ffa6de2f8a6d1a30a4242d2570c02f43a4bf67

SHA512
38f1bf52eeeb993d4e0512134a8509ee69899a630255d0762accc6c0a2f9996f8b4d7822c6ca24c08c48134aff096db8ff5d4c5d61045f86f998e7f6cb098dfc

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UM48K7U0\primer-6b3d1b701ef1[1].css

Filesize
351KB

MD5
0779f7c56d91c2057b665da3cf61d991

SHA1
64d59e01a5e0d129e447362418fa2d8053d952e6

SHA256
3de4f97ec64e1f8d8d820038f5615ef2cc1d2b377729a928b1c249f0fd046def

SHA512
6b3d1b701ef1c15f447932053c0e8773778703c8492c061e98b4dbd394a688cd252d0689c3d8c321db1af132c677296bb2520a43b64f2f41a05add82a957c9f0

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UM48K7U0\primer-primitives-971c6be3ec9f[1].css

Filesize
7KB

MD5
a22465990aba9644964f77d64b0544cc

SHA1
96e85e4c1dbab0a825931a0efc47530c5a985886

SHA256
5a5714b3410db5a37ca06954c5e34d1332a511683276730e6c85105535b9328f

SHA512
971c6be3ec9f2411afd2d8fa0a9d223eb9fd184bb36c446043d6892fd601a78b740082422544025483f0b24ebe554848e37b78eb09969a0c1ba353b91decab1f

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UM48K7U0\vendors-node_modules_github_catalyst_lib_index_js-node_modules_github_hydro-analytics-client_-978abc0-15861e0630b6[1].js

Filesize
8KB

MD5
bb0e7b5daaad560076f1959626fe8623

SHA1
d54551de50a0af1d7a1d68eb83ed73dbf8330b33

SHA256
c12b2709c4790c9c065cdc183bd4d877cc5d15cfbf1cfacb1244263ea81074ca

SHA512
15861e0630b65ab8c41dc4ae2f8d9ce53aabafb12d066f8ce9e3532e6ef5fa5a0380c8caa6ee470b15fa1a5614a2f756a3a202ebcbb9e5a4457f0755b7d34f14

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UM48K7U0\vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-eb424d-1f1d46301f70[1].js

Filesize
95KB

MD5
6d3add56a5aa54734c8c930b414ce05f

SHA1
c0bebcd3e8669ed66a0986fd4428dfe1e71632d1

SHA256
b1b0af61643848643e82352a39205594beaed05c40cabb85cd1f6c6a638da3a4

SHA512
1f1d46301f70820a6d43bde3c6ecbcd63bdc0b0afaa2560dfa920caf0646cfd56dae448474dc992cceebf1ba99a1ab9e2f6dfd875e68dca339b16a11b8cfcb70

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UM48K7U0\vendors-node_modules_lit-html_lit-html_js-5b376145beff[1].js

Filesize
15KB

MD5
81628c9093236d8e3cf835f708c30608

SHA1
846b10531dfca6510051fc43abb8f9b5647a0433

SHA256
daf381c316a5988c9116aa65c5816cbc8a958211b4c0b7d989ad6c9645757902

SHA512
5b376145beffca1bfc6b0352c08819609a974b6170848699421208752a63f057869e0e4ddd23797b3a0c281c276d7fae580cf41bb5465c632aee58524b21e7ba

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\ZGSEBTCN.cookie

Filesize
166B

MD5
d1a53b30ad22b23fa5cf977f4000e9e4

SHA1
6411199bdfcfa9dc03407ec6495e2fe8c253111d

SHA256
bfe09a08587012ca8fdd66d4bc2c5648477eecd1ebafea744ff1154fb3ef2247

SHA512
43e3c6d657f301c867e5f5b3ca6775293276fa1a82621ba2705198d3d37c421bff4348548137df69006f58c742303e25b3871b9d127f2a460a618477e4fe5928

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\50CD3D75D026C82E2E718570BD6F44D0_D222662A57BAA60D2F5EA0D2CC7B2F1C

Filesize
312B

MD5
0f84ee0a7eff123b2eb2c78d9d9927f0

SHA1
ca2901f06c1246f50af463fda92ca58a90f7dc68

SHA256
789686030fe2d600fb9197c38441bf40a0d85fe4ee2262e8a00e4bc45e7ddf7b

SHA512
5fc37d57e0dc1e708407255f9c47662bc4396d6fda187f9b5d10ac63dc4009e1f36143b7e7f6d69be618531a15418e55f2d5d0f78d140f7de0841fde9c9add0e

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_ADE4E4D3A3BCBCA5C39C54D362D88565

Filesize
471B

MD5
900c35a2401c4bf2209575432a77d333

SHA1
60c61c6b9a6175cdffa9f3616bb9a90dd796622d

SHA256
5c691f2d5c448b1ae8dae7fd66d6fecbd99c6f3eedff0115052b0c337d561a07

SHA512
dfb28b5d669cf22eda57dee8f3697977d69fbfaa7ca2342d0bb9dbc41ee478df8f36e06fbd035d3c56004d7408f2c9198bc9e35f1dcfa35d121acaeee5586dcb

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\50CD3D75D026C82E2E718570BD6F44D0_D222662A57BAA60D2F5EA0D2CC7B2F1C

Filesize
408B

MD5
8c5053e1c6f0bb7655d4bc9c847d0abe

SHA1
cf9bdcbeb0470793c88f3361aba62a26d7384c88

SHA256
3483f52dce865a67da8537de6eb5e845deef03a19f7d5a0daffc6de524d4f6a1

SHA512
f839ef7e119f524c7801764a972c92c87d56cd81a6e46cd8c0523055788a4318b82e50a9f63703dde12bf2aebe18ea2176cb84d42cdc064220fd2cec77c35c9d

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\B398B80134F72209547439DB21AB308D_ADE4E4D3A3BCBCA5C39C54D362D88565

Filesize
404B

MD5
1c0a704502ba0242ee0ce4eabb7779dc

SHA1
989d97e9c68a1221221dab9b8cb6eb4b392534cf

SHA256
20988a30007e3072a73e362145e0523d332606c7509de94939c5eb6c4c6b1cc8

SHA512
ea3b7e2ea10fdb687c8362335227b69c969d5482291e6004edb56047d13ef7bee1684f249c18380a27f45d7946196c67a29ac8d1e4ae147865961fc41d38ebe6

Download Submit
memory/2532-211-0x000002138E9E0000-0x000002138E9E2000-memory.dmp

Filesize
8KB

Download
memory/2532-213-0x000002139EEA0000-0x000002139EEA2000-memory.dmp

Filesize
8KB

Download
memory/2532-215-0x000002139F460000-0x000002139F462000-memory.dmp

Filesize
8KB

Download
memory/2532-217-0x000002139F480000-0x000002139F482000-memory.dmp

Filesize
8KB

Download
memory/2532-219-0x000002139F4A0000-0x000002139F4A2000-memory.dmp

Filesize
8KB

Download
memory/2532-207-0x000002138E980000-0x000002138E982000-memory.dmp

Filesize
8KB

Download
memory/4640-0-0x000001BC49420000-0x000001BC49430000-memory.dmp

Filesize
64KB

Download
memory/4640-35-0x000001BC497A0000-0x000001BC497A2000-memory.dmp

Filesize
8KB

Download
memory/4640-352-0x000001BC51C30000-0x000001BC51C31000-memory.dmp

Filesize
4KB

Download
memory/4640-353-0x000001BC51C40000-0x000001BC51C41000-memory.dmp

Filesize
4KB

Download
memory/4640-16-0x000001BC49B00000-0x000001BC49B10000-memory.dmp

Filesize
64KB

Download
memory/4976-295-0x000002A7FD8F0000-0x000002A7FD910000-memory.dmp

Filesize
128KB

Download