hxxps://unisonaudio[.]lt[.]acemlnb[.]com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZ1bmlzb24uYXVkaW8lMkZtaWRpLXdpemFyZA==&sig=4dnsXkfm8xLDNpCUhBfaPcJFVMD8Hwy2bpYKQpAfLBoN&iat=1706884851&a=%7C%7C251865569%7C%7C&account=unisonaudio%2Eactivehosted%2Ecom&email=FEzTiipaTXl%2BW%2BAU3cFfkq0jxmkOtmewcPgTzKPaV7gw7st8%3AdJnI2GDOfYlEKRQtBvVJL%2BGvyblw2eoa&s=2171a42257b8f883c32222e230e775f2&i=2797A16246A243A119911

Analysis

max time kernel
1199s
max time network
872s
platform
windows10-1703_x64
resource
win10-20231220-it
resource tags

arch:x64arch:x86image:win10-20231220-itlocale:it-itos:windows10-1703-x64systemwindows
submitted
02/02/2024, 16:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://unisonaudio.lt.acemlnb.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZ1bmlzb24uYXVkaW8lMkZtaWRpLXdpemFyZA==&sig=4dnsXkfm8xLDNpCUhBfaPcJFVMD8Hwy2bpYKQpAfLBoN&iat=1706884851&a=%7C%7C251865569%7C%7C&account=unisonaudio%2Eactivehosted%2Ecom&email=FEzTiipaTXl%2BW%2BAU3cFfkq0jxmkOtmewcPgTzKPaV7gw7st8%3AdJnI2GDOfYlEKRQtBvVJL%2BGvyblw2eoa&s=2171a42257b8f883c32222e230e775f2&i=2797A16246A243A119911

Score

4^/10

Malware Config

Signatures

Drops file in Windows directory 6 IoCs

description	ioc	Process
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdge.exe
File opened for modification	C:\Windows\Debug\ESE.TXT	MicrosoftEdge.exe
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdgeCP.exe

Modifies Internet Explorer settings 1 TTPs 2 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000\Software\Microsoft\Internet Explorer\Main	browser_broker.exe
Key created	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000\Software\Microsoft\Internet Explorer\Main	MicrosoftEdgeCP.exe

Modifies registry class 64 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\Total	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Rating\Rating Prompt Shown = "0"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\trust	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings\Zones\3\{AEBA21FA-782A-4A90-978D-B72164C = 1a3761592352350c7a5f20172f1e1a190e2b017313371312141a152a	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DataStore\LastCleanup = 0000000000000000	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\History\CachePrefix = "Visited:"	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:"	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Settings\Cache\History\CachePrefix = "Visited:"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery\Active = "1"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\CIPolicyState = "0"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\History\CachePrefix = "Visited:"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\OnlineHistory	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\NextUpdateDate = "413708160"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Explorer\Main	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\Meta\generator$MediaWiki	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-SubSysId = "0"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\JumpListFirstRun = "3"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\EnablementState = "1"	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 2c5b5b8bfc55da01	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\AdapterInfo = "vendorId=\"0x1414\",deviceID=\"0x8c\",subSysID=\"0x0\",revision=\"0x0\",version=\"10.0.15063.0\"hypervisor=\"No Hypervisor (No SLAT)\""	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 02c7848afc55da01	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\DynamicCodePolicy = 05000000	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DomainSuggestion	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DomainSuggestion\NextUpdateDate = "413659575"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery\ReadingStorePending = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-Revision = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\ACGStatus\ACGPolicyState = "8"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings\Cache	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\IECompatVersionHigh = "0"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\Main	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\ACGStatus\DynamicCodePolicy = 00000000	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\CIStatus\CIPolicyState = "0"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\unison.audio	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Rating	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Disallowed\CTLs	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Protected - It is a violation of Windows Policy to modify.	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\ACGStatus	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Rating\NextPromptBuild = "15063"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\History\CachePrefix = "Visited:"	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\DynamicCodePolicy = 05000000	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-DXFeatureLevel = "0"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\unison.audio	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\unison.audio\Total = "0"	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate\NextUpdateDate = "413676169"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FavOrder\SyncIEFirstTimeFullScan = "1"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Explorer\Main	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 1736548bfc55da01	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Content\CachePrefix	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\Active	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\VendorId = "0"	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DomainSuggestion\FileNames\it-IT = "it-IT.1"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\ACGStatus	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\unison.audio\Total = "0"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings\Cache\Extensible Cache	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Protected - It is a violation of Windows Policy to modify. = 0100000025cca5e1550edec9dfc356c96e2f78fb7d48a18859e9ed16ba4260a99682f05d0ddfb9509e755f0affad199d947e8a53d0f69135127595bb08fc233d	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1775739321-368907234-981748298-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\trust\CRLs	MicrosoftEdge.exe

Suspicious behavior: MapViewOfSection 8 IoCs

pid	Process
4952	MicrosoftEdgeCP.exe
4952	MicrosoftEdgeCP.exe
4952	MicrosoftEdgeCP.exe
4952	MicrosoftEdgeCP.exe
4952	MicrosoftEdgeCP.exe
4952	MicrosoftEdgeCP.exe
4952	MicrosoftEdgeCP.exe
4952	MicrosoftEdgeCP.exe

Suspicious use of AdjustPrivilegeToken 6 IoCs

description	pid	Process
Token: SeDebugPrivilege	1316	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	1316	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	1316	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	1316	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	3080	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	3080	MicrosoftEdgeCP.exe

Suspicious use of SetWindowsHookEx 4 IoCs

pid	Process
4804	MicrosoftEdge.exe
4952	MicrosoftEdgeCP.exe
1316	MicrosoftEdgeCP.exe
4952	MicrosoftEdgeCP.exe

Suspicious use of WriteProcessMemory 12 IoCs

description	pid	Process	procid_target
PID 4952 wrote to memory of 4612	4952	MicrosoftEdgeCP.exe	77
PID 4952 wrote to memory of 4612	4952	MicrosoftEdgeCP.exe	77
PID 4952 wrote to memory of 4612	4952	MicrosoftEdgeCP.exe	77
PID 4952 wrote to memory of 2532	4952	MicrosoftEdgeCP.exe	80
PID 4952 wrote to memory of 2532	4952	MicrosoftEdgeCP.exe	80
PID 4952 wrote to memory of 2532	4952	MicrosoftEdgeCP.exe	80
PID 4952 wrote to memory of 3836	4952	MicrosoftEdgeCP.exe	83
PID 4952 wrote to memory of 3836	4952	MicrosoftEdgeCP.exe	83
PID 4952 wrote to memory of 3836	4952	MicrosoftEdgeCP.exe	83
PID 4952 wrote to memory of 3836	4952	MicrosoftEdgeCP.exe	83
PID 4952 wrote to memory of 3836	4952	MicrosoftEdgeCP.exe	83
PID 4952 wrote to memory of 3836	4952	MicrosoftEdgeCP.exe	83

C:\Windows\system32\LaunchWinApp.exe
"C:\Windows\system32\LaunchWinApp.exe" "https://unisonaudio.lt.acemlnb.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZ1bmlzb24uYXVkaW8lMkZtaWRpLXdpemFyZA==&sig=4dnsXkfm8xLDNpCUhBfaPcJFVMD8Hwy2bpYKQpAfLBoN&iat=1706884851&a=%7C%7C251865569%7C%7C&account=unisonaudio%2Eactivehosted%2Ecom&email=FEzTiipaTXl%2BW%2BAU3cFfkq0jxmkOtmewcPgTzKPaV7gw7st8%3AdJnI2GDOfYlEKRQtBvVJL%2BGvyblw2eoa&s=2171a42257b8f883c32222e230e775f2&i=2797A16246A243A119911"
1⤵
PID:1356

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:4804

C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
1⤵
- Modifies Internet Explorer settings
PID:3564

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Modifies registry class
- Suspicious behavior: MapViewOfSection
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:4952

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies Internet Explorer settings
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:1316

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
PID:4612

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
PID:2532

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
PID:3080

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
PID:3836

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\F997UD8T\edgecompatviewlist[1].xml

Filesize
74KB

MD5
d4fc49dc14f63895d997fa4940f24378

SHA1
3efb1437a7c5e46034147cbbc8db017c69d02c31

SHA256
853d2f4eb81c9fdcea2ee079f6faf98214b111b77cdf68709b38989d123890f1

SHA512
cc60d79b4afe5007634ac21dc4bc92081880be4c0d798a1735b63b27e936c02f399964f744dc73711987f01e8a1064b02a4867dd6cac27538e5fbe275cc61e0a

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\3N8P0GAW\suggestions[1].it-IT

Filesize
17KB

MD5
5a34cb996293fde2cb7a4ac89587393a

SHA1
3c96c993500690d1a77873cd62bc639b3a10653f

SHA256
c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

SHA512
e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\4EQFDGBB\DAW-Icons-2-768x49.png[1].webp

Filesize
13KB

MD5
f68672ea5d5af59334cfdc55f0803deb

SHA1
877cd4e880918278a3ec22eceefc164d421d5da5

SHA256
c92c80af6352f83eda848411dca45568ec7bc93c66ad1b0f634fc6212407e947

SHA512
949585a486a2b3faff737edc30ebdec3a5a8ee6bcf9f39f08c5d6493441c1c444523b3b657a808beae904ad6b72ac43775caee14da3a7fdf0b783ebf93d27c8e

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\4EQFDGBB\GothamBold[1].woff2

Filesize
13KB

MD5
f99fc79df82487f1d76f0854827493e9

SHA1
6e60ec0693b81a6268dcff7204f73f59d7dcba73

SHA256
44acf40a79fe0f1937f444368a1fdf480faf24c03b93093c687e0c9ab9095931

SHA512
2831297f40927afe06569ff4164b499169ea7b0b7f7824709c8bb3148f91254d058dd5b2b65deb69d495d5f538f52d053101984230af23c67b8f8f6fe1d15003

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\4EQFDGBB\ac_tracking_script-v5ca1453d92c191f2367c084fdef9d99d4641333b[1].js

Filesize
641B

MD5
21d2a5eb35af6211a2f235df750969b4

SHA1
c0b0f412eb58069401d1e07016489f2711092af8

SHA256
08a563b7518bc70906f471b1f674563a354636fae6d32045b7141d47eb09e683

SHA512
10b2599e56d8e5c472a5f57bb0bd08657cffe106479bd9be3036c67d34ecab020683ade105b2013b0b70bef548130bf4e7eb55db1e5455d1d2a8d43d5bdb7dc3

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\4EQFDGBB\ajax-filter-posts[1].js

Filesize
776B

MD5
f3bdd12f57e190e5518a1cd3b9c07707

SHA1
1ed984a8d48a4d452452406d1f5c3de12a6d095e

SHA256
b66390e489c34d940cc018e34424f767bf03cf5b01d62284213621890bcd6b43

SHA512
0fe6fe6a86405935b2f18b7dabd87d03faef764a09075e03df57d4ca867389816e07b3517a94d4bec5eb3e8d97750c1b3a303b31dafa70c4daf08bc8d8b68b5e

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\4EQFDGBB\default-style-v05b3500ffd565d8dc1e16f403f712ab7a92d20e2[1].css

Filesize
649KB

MD5
a353e3703817c1b848f85f7566173620

SHA1
ee7405b08ceeb8827aa1c03ff97641abee988362

SHA256
5372df2cbd016b9cf9dfe8832b1fa40828ff41abfc5e5144c8ceb982c7545e55

SHA512
5e29f42b97f612e6c86af7f4e39804d5e57acf3ba5a2903601dac90dfe4d1adae9ba685dc257a5cf27e9c6780d3d180ad2d5e41429e3db87c2df3a0e399c236d

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\4EQFDGBB\main-css-vcf163f8927e9f0772396784316048fc4c05942b2[1].css

Filesize
389KB

MD5
d2ebd65ef688da0cfce7e758bca3f91a

SHA1
951ec1bb2af9c07dbc6ddc93459164b23f8313fb

SHA256
478d31823f15e92bd33a236036e457f9e537af681c5d31ff2e385e05997d73c4

SHA512
cc854fc9f4f0e3bf8af2e6f87526721c31b249cd3e2340c8bebbed4a4e2fefc6c7fa479cb7877ef0684ced43ac494eb049d5de72f5c8f29ab9ceb8531b92efc8

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\4EQFDGBB\owl.carousel.min[1].css

Filesize
8KB

MD5
d9435ea1ed513a64ab144a451e8cf6b7

SHA1
97f4e5f7967c4bd1d2e9dbf3e82b59f90737d328

SHA256
bf16b29c87745db259e48e1e5284e58e17779033f6a29a7598ccb625ed3ce0ee

SHA512
344a87a9757add1fe396229f62c5f16a2f3cee101a2241b171f201d2a4d56c35e2cd741ed49286a3fec199be3ef1a8e5031ac6d7199f52ccc85684170a597ed0

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\4EQFDGBB\sweet-alert-vbd08f039a47f339a206d15ad30c84dd2649f6e53[1].css

Filesize
25KB

MD5
3cc11b2c98934f6e502ebe56861ffe10

SHA1
b313932134acce26eb0da2804df9efa481b09720

SHA256
08edd61efcef282ecb00478b947c94847c2c1a7a7838fda53fa95f1531082c0f

SHA512
fd7f083251fd8c0b8c6727fd1e09ffa394374d94bde6e0f18ce541a6920c0364e86ce291bd08dd6436af5ee59dab9d5265b05846ce047051156e69a80d68e705

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\GUBQA7F2\ajax-filter[1].js

Filesize
1KB

MD5
c534413538dd0ae20d1ba5c7739c5382

SHA1
dfb6406c3758f6baeb2e0fb3b93363b8cc8d0df4

SHA256
4a8f197194e015c740cd2ce9d4aa2d148e3aef4db08a654e6a679383093aa573

SHA512
b85816dfbbd8c84c4ba3b86f6fffa9e386b11370fdbd78b447be148d7afa476d1c16f063719a712de77cc35a9077d51ad11c62ea62aaa84cf1896c041d905d40

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\GUBQA7F2\email-decode.min[1].js

Filesize
1KB

MD5
9e8f56e8e1806253ba01a95cfc3d392c

SHA1
a8af90d7482e1e99d03de6bf88fed2315c5dd728

SHA256
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

SHA512
63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\GUBQA7F2\fontawesome.min[1].css

Filesize
56KB

MD5
eeb705d0bdccfd645d3bbd46dd1fbab3

SHA1
066def290f42ed8c00860e573cc880bd46e9ced4

SHA256
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9

SHA512
39d11741808e95d8ea504b2e30ab19463f771eddb741196121bf04fd7d2c6f066199ef1e530ea0f2aec077118929a91c05bbfbfbf3d7d067366ed7fb46ef1c64

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\GUBQA7F2\forms.min[1].css

Filesize
4KB

MD5
07173bbba55eb1345a5d068a3c92d17e

SHA1
175848364701b259826eeb2c36be9722dabe0793

SHA256
497b2c22753e00d2168c901d95ba67f2d6d9d2914b3c7dc0e56b9eea6d3b02d7

SHA512
2e7690f19fff32e13372452644b66c92775970d9d0d56471a085fe042cfd1d6bc600164e037cba8b4e35ea1d0c751ea5d9112043420f1796769201af7d4cea3a

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\GUBQA7F2\jquery.cookie.min[1].js

Filesize
1KB

MD5
4f8f624a1f37ded882a2e982a07ece34

SHA1
b1adadacb1a2120b1579e731115f003c91167823

SHA256
6407a9ffc16173f1d3330525f44a332501d2ed672cf276371a6c5ce2c4b9ea1e

SHA512
329d62bc0f1b1a12b72ea3c7f3a94a45b706dbae8887afbbfa0d45a2afa176bc06df0d823c0850bc52c4cc254d61adc82ef9f6517b8504752136fc49a76900df

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\GUBQA7F2\jquery.min[1].js

Filesize
84KB

MD5
05e51b1db558320f1939f9789ccf5c8f

SHA1
c72c1735b4d903d90dd51225ebefb8c74ebbc51f

SHA256
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

SHA512
ab3ad9a98fe431508461ebbf8029bc536f34d16cfef8b4c62b8a62b56fe2b30a426e3c3186c994c2578bd585da1c89a9b421c6d2f27053b2f2ed13b0dd9428c3

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\GUBQA7F2\somdn-style-va05a69909f984d07a1dc9aa6b18ff8a58b51700f[1].css

Filesize
6KB

MD5
145b7ae7ec83cbb67bcdda3128dece84

SHA1
41a72a1d03e97f7d5e1848713d868619ec0924a1

SHA256
cbe3b58515bf2e608a55f70a1d367ea95b0c6a65b2e20acd7ee5682ab8039b65

SHA512
a0bf6bee8841c086c986f6a593f164156fdb8066e4c5ed43f8aafd4f8e0db61349be326991ab7fdf6b0dba2ea2c67a10140d3a86d8566dbb74b33eb98d91b7e6

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\GUBQA7F2\wr-101ca19e5d393c39161fe7a7e6b6fd76[1].js

Filesize
527B

MD5
a403a56db4d8b3238a1932bd11f3edc5

SHA1
c2843b446529ac7dd517b475f48a119438e62f58

SHA256
e1e6ac3e44e81d28b6ee3b7c2ea931ad178dfa53b3949aaff63c2c8d579680fd

SHA512
edeea82f1576bc7a0dc96c62dd40ba711b36da0225a1e2dce08ca21aa43ea205177e8ef215b197b1738d5e4edd391a1a5c33f9f87d6fac7a5c1c8fb07e77ffef

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VDSEZQVB\GothamBook[1].woff2

Filesize
14KB

MD5
aa4d8fa7ef17324949dd41a3abdb0f1f

SHA1
77ead064187e88a2042fa0422475af6f8c0fee0a

SHA256
0e70019b0e921d8568795aa8c9b058385b942a60f73e2b3690e2dec24627f359

SHA512
9ae8b4a4724cf8c3fbed31a31f5bc92ee4ac1a2a195c7986718ac1ddc3a43532d87c35033408627a412eeb2e57f7aad56a8dd9fbe4b0b2a74b0b26071f293ec6

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VDSEZQVB\GothamMedium[1].woff2

Filesize
14KB

MD5
eac36bd7570d3555d9e6b318b92f58e8

SHA1
a81e9805949a233f86f7a73ee12b972f18bc0b79

SHA256
e535522a9cc6e5d5afaf58eca3986d7923086a00b0402c4b85fd8ab643905b13

SHA512
721aa3c64430e8e7c506434573d72015611fab1d4b0015b9d0018a53fb77de27b5b061ffae0626b183994355707a6bf1f6faf203ef013760c5f73d9efae17a71

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VDSEZQVB\elementor-icons.min[1].css

Filesize
18KB

MD5
50be31853049e4b4a10c277d5f95eb75

SHA1
ac2dffc0c65ad6b209fedf2169d0c50eb4119a3e

SHA256
b651d87ef113cba0c8ec8a33bfdb694171effeba56b20be12e3c77fc15f6ae9f

SHA512
d4e784c23393f5dec68871a57ebe42bb7b44112010774602b4a4f97baae37c6a40d405f71a624183f2597136141b79e9ac902c4835d34bf09a122978f71f8d4e

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VDSEZQVB\flying-pages.min[1].js

Filesize
2KB

MD5
c20e3f49966e71df80be9a6af59449dd

SHA1
146f19bd77c273cabb10ac8b1769dc52a9d1333e

SHA256
0d47e27fa9be02569b0a1bec5efa2f9f2a5ab8562c582ed10394973e77163852

SHA512
940dbc1a45ba7b967e549f0bb590c89d005fcdcc421becb4e39ca492584b02b99dd43c8c1d0280e5ed55731ee2300c7702743c01a911e4023006516059c4c7a8

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VDSEZQVB\font-awesome.min[1].css

Filesize
30KB

MD5
008e0bb5ebfa7bc298a042f95944df25

SHA1
93897ebc560b38a1d2bff43c22dd6a3b7ee90c0c

SHA256
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d

SHA512
3f43f1a813b8188e7f8d296999491f99aff9010060f3e26b20ec32502fa76926361eda0644cdd20995661119206376c74516ea2a63ec4087fe88443aa3304022

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VDSEZQVB\frontend-lite.min[1].css

Filesize
105KB

MD5
43ea9108ad47274899b65d9e3fc4715a

SHA1
347eb087b05866892022ab4cd1367c928e75ffb6

SHA256
315755559a48bac3057d5c047e8f37762cffa36a38432b53b4ecc6f252f564a4

SHA512
c31523e983f90c4e4e25e68aedd270ed50e860a6d0a0e0b406e089b8c0c506adcb5f963a2a7405001252cbc55a5544c059be73e290ddc9336609a275549dd78a

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VDSEZQVB\jquery-migrate.min[1].js

Filesize
13KB

MD5
5cfa2b481de6e87c2190a0e3538515d8

SHA1
0fccf3c8ab2c10b4dcc7970e64ce997ab1622f68

SHA256
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

SHA512
51c4c1dbaf330ea0f6852659cb0fe53434f6ed64460d6039921dd8e82f7a0663eebfb7377dc7e12827d77ff31a5afee964eea91da8c75fa942acf6d596ef430f

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VDSEZQVB\somdn-script-v2aa059e7c3341d423cdb38d938d927d69ec75754[1].js

Filesize
2KB

MD5
1a3d013c163978f7d01060d4f1f4c7a3

SHA1
78cd3f0b7affb3e68625753dd319e51bd589bd5a

SHA256
83091cdb4d3cffcbf9c17d5aa59582f781f953ca5e856a68db090321485ed9dd

SHA512
856799b58dde281ed64f983a6c8b09a434eda780bb469a83c0a9d8ae0f919aada18e6accf2714c94c065bfd4db8384c2009e93560689faf220ed1a5fae7970f3

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VDSEZQVB\tracking.min[1].js

Filesize
4KB

MD5
1f693895db157c862dc884377aeeb660

SHA1
8c3af3e1079b1df0acf6da2e38afede83d605d99

SHA256
9c7bb881d50daf10495cb74da00bd5530559e1d819b85a29db561f3e93762f05

SHA512
e3b330c7584b6244f873a261ed22f23c762183f92c60aa3d4c4e643d60f1718c7dea7cbee4e3d9354e57c8561f7186c0c6b3b6acafff17502471d29e8a198b98

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\W425505R\Unison-Logo-Cropped-3-1-300x94[1].png

Filesize
4KB

MD5
d08b2f7bc20d3e8f50c7f7865250c3d7

SHA1
c5ac187650edb6a60405731d5ec9af2d7e458954

SHA256
5666a4f12f745c36f167507a6ca5263758509305aa5112af9b2db46644988fc8

SHA512
2cf137b869ed697c755fdb49c6a41928bfd03e5bb4d8d11fb2d93db3de9ca7d5663dba574bc83918c5470e1534d3b83be8d372da06ea5c999daed648de75e797

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\W425505R\animate[1].css

Filesize
54KB

MD5
05fff99ab05760431c4ee7a8009f25c5

SHA1
e0d94037da11c603f323b4483ee963b8a74c614f

SHA256
918d7f553d69accdfa3f4a1f7c7468cf6100450ede8b17eb9815033b12ea61b3

SHA512
7e7508e003472024bc485d4ca0126bdeecb32ea81f6593eed02cfdd9bb8ebc25e8f42c029a754533d020a5834df2657e6f3b6bb576db7f99692e32b68dc8ebe0

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\W425505R\bp-F8gevlnK1B6mYIQ2B2zacBgM[1].js

Filesize
4KB

MD5
eb2d9ac15b56c9d1d336fa1803b35e72

SHA1
48b3286a3d2283cfed1c3dea4197b85ccfc834f3

SHA256
8fa33ac94d025b9ee64448bd5024ad13db6932fe0d7b7ca8a744155a11dd194a

SHA512
38dbae568b93d1647149fcf8c1d054fb18333ed94f70c7db5dad6fa51b34b41b5badcbafdb32d7ba7538d0832db86b8fb5ab705f7635a95dc64f2594e7b60975

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\W425505R\core.min[1].js

Filesize
20KB

MD5
c4e68a0f3463c0bd3c39eab38815e881

SHA1
0ce58644e9f3c5063a11453ff287c5ec096465a7

SHA256
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

SHA512
e871f258f625a5c8e8ec3848242352fd75dcb0f0b580333fce07625a6a2f53e83f22e4dd7492f2d12a880709d540de0bcdd9b335d853fe9cccfc0efccf718bce

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\W425505R\frontend-lite.min[1].css

Filesize
11KB

MD5
33debed92cdfe17ef21592faa1912b42

SHA1
e5200050784e2a3722cc0ec0d1ce5cc0f0c19854

SHA256
b37cfbed115311e2234d160428f52aad1a8baae0edbd0f5abeaa3115495a19f1

SHA512
c6bbf3f2c1cca5773ef1aa0e2b9da44dd3f2da77ec263bb75f959c2177cf28ee7812ac3c8a25e716bf0bc188483ad25c7e34403c37332a33e62aef45a83532bc

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\W425505R\mediaelementplayer-legacy.min[1].css

Filesize
10KB

MD5
2b0dd7eecea03b4bdedb94ba622fdb03

SHA1
703becba85161118dd6fc66af465428ef43f561c

SHA256
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

SHA512
fe64cff950921bdf83ec09fe79ca5ce52de40f5b8788697eb1d7b28055f2817778347d5d3c81a324801c7ec7151b3ee0eee99b2882c3c3b10bd760342d3bf3e7

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\W425505R\reset-ajax-v2ebd3802dcb5b6f0fd0d62a484a6d3e3dc469610[1].js

Filesize
777B

MD5
6a8923d68e5e065da8b516e4528a259a

SHA1
929335c4a3cfe5ca9a43be52266aa97f48139dd5

SHA256
a68be2e1b415b65440476a29a38d133afa22b8b96fc6afa0db332aaf11acebef

SHA512
04f889baf436da8367e24e799eed957c1903501ac28b10ba43ebfbc5b28809996789710616540fde618d01566b6eaed97cd89727c415c6a42835f15877c4bbd4

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\W425505R\sib-front-css-vba0dc06521e9ce31b50dc9fd813bc1fc76e8da3d[1].css

Filesize
3KB

MD5
fe83dc64830f49e4c0f67aa4c56b2d7a

SHA1
ef8add192d8202bf3f34c0a373f1f640a1b2e4a7

SHA256
b54e0c0d7840d7bf319a623b9a9c2155efbd5fb3ec8b8b3a5b718922763d92bb

SHA512
1b038a8e4fc66c97fc512b4b932d9eabc7c0645b7239fb171534af285eba691e4d2ff81f74b6fa8ab70eae84b1ccbb2dcb519dc38d40013e0dbffbe61354fc91

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\W425505R\sib-front-js-vfd4886f0463da0fcbf3bbd2cec35dfaf86f05c24[1].js

Filesize
7KB

MD5
c4c53c1afbc6f99662c83b64187413a1

SHA1
ce4c9d18fd4c8cbed655ecd84567fcc459fd411c

SHA256
87dcbaf8f1664ea0b3d846fb5dc6fbda9fda80e6cd01b23bd0d6b9189e008531

SHA512
3f0dda27444158dfd8881c7c65ec10148ad55f46b2c392bde1c9d4d5354caf9caa24b47b6613c7927731d8e3d9d2ef7fb19e04555c8c1ee13b8d8d1fb1878a9a

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\W425505R\wp-mediaelement.min[1].css

Filesize
4KB

MD5
ea958276b7de454bd3c2873f0dc47e5f

SHA1
b143f6e8e8f79d8f104c26b0057ef5514d763219

SHA256
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

SHA512
2d40a1e713355eff88fa3bbf5471b4db5acc48fa2b978a555c034f2e5c7f131fcaf48e849d5d048df9d5dae068c4b6467a97b1dde99115e6b32f57e928569fc1

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\User\Default\DOMStore\XOAU6SV3\unison[1].xml

Filesize
13B

MD5
c1ddea3ef6bbef3e7060a1a9ad89e4c5

SHA1
35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

SHA256
b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

SHA512
6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

Filesize
1KB

MD5
230436fc402a027155e3213d5785c3ba

SHA1
47d5cb9b2669c0c048a3bccf207fff76ac170a67

SHA256
7bf515f114d9386f1071e63a484d2e65051cc6432343fcfb7232effddc795070

SHA512
4d1cb6d2b02b26936626a6f42724c50543626000a09644bef7670c4648fca7d9aa5a27ce585ccaf566a1bfc386fc311e438b1a8c747fd62311c6ed645c10c4f6

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

Filesize
724B

MD5
ac89a852c2aaa3d389b2d2dd312ad367

SHA1
8f421dd6493c61dbda6b839e2debb7b50a20c930

SHA256
0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45

SHA512
c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_F2DAF19C1F776537105D08FC8D978464

Filesize
724B

MD5
8202a1cd02e7d69597995cabbe881a12

SHA1
8858d9d934b7aa9330ee73de6c476acf19929ff6

SHA256
58f381c3a0a0ace6321da22e40bd44a597bd98b9c9390ab9258426b5cf75a7a5

SHA512
97ba9fceab995d4bef706f8deef99e06862999734ebe6a05832c710104479c6337cbf0a76e1c1e0f91566a61334dc100d837dfd049e20da765fe49def684f9c9

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

Filesize
410B

MD5
12f4b755750c53665583bdc2807d282e

SHA1
d5a3533f864722e34c4f8b8ee5a590f23140a085

SHA256
eefe81e9bfc427af09c862896e0a9600b6fc589314ca6261272c981e3c43a29b

SHA512
978cd6f5caeff82523bd682175f2280add21e19f3e6744c2db29fff8076c443aa1523605e9c0a99de68d3b5053f030e0e1e455005e12efcb96722b933af55ba0

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

Filesize
392B

MD5
bed8d795b1aeaf2349fe34c782cb46c9

SHA1
bb12250598a508acdf3d56661474a27249800e02

SHA256
370e411458e09e4a1c1efe87dfc712943ad0ea7f5df6f14d4cc294fbef86cc54

SHA512
648718f82b2cbafbde3b382cd5ee4df4085ab772dfe9fd0a3d20282170e15f79770b69fb9abf76558b22365a4df7f13ce084c6c8b5a73a7739c16d87a0c7fe58

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_F2DAF19C1F776537105D08FC8D978464

Filesize
392B

MD5
fd91322d3244c5d1166e6c5eb6288816

SHA1
7243619881a002685075afd3bea6353680b0df98

SHA256
114a042d4237d208a362e7ef91fff540838454ac1868fd5ddd27eb724bcdb74d

SHA512
8eed5ed264cb18b2e0c8f699738198a7d096f42b835dd96dc948f2dfe902d5731a6033d0e94d4eef2dbc5905fb9edef5e5f76c5601042c41b84496911533aed5

Download Submit
memory/3836-349-0x000001D35B760000-0x000001D35B762000-memory.dmp

Filesize
8KB

Download
memory/3836-351-0x000001D35B780000-0x000001D35B782000-memory.dmp

Filesize
8KB

Download
memory/3836-353-0x000001D35B7A0000-0x000001D35B7A2000-memory.dmp

Filesize
8KB

Download
memory/4612-117-0x000001A12D340000-0x000001A12D440000-memory.dmp

Filesize
1024KB

Download
memory/4612-73-0x000001A11B6B0000-0x000001A11B6B2000-memory.dmp

Filesize
8KB

Download
memory/4612-95-0x000001A12C400000-0x000001A12C402000-memory.dmp

Filesize
8KB

Download
memory/4612-91-0x000001A12C040000-0x000001A12C042000-memory.dmp

Filesize
8KB

Download
memory/4804-0-0x000001D0BDB20000-0x000001D0BDB30000-memory.dmp

Filesize
64KB

Download
memory/4804-35-0x000001D0BB0D0000-0x000001D0BB0D2000-memory.dmp

Filesize
8KB

Download
memory/4804-369-0x000001D0C6190000-0x000001D0C6191000-memory.dmp

Filesize
4KB

Download
memory/4804-370-0x000001D0C61A0000-0x000001D0C61A1000-memory.dmp

Filesize
4KB

Download
memory/4804-16-0x000001D0BE000000-0x000001D0BE010000-memory.dmp

Filesize
64KB

Download