Analysis

  • max time kernel
    152s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    06-02-2024 03:47

General

  • Target

    6679f84b342073e78829cfbd45dd44ad2e63dc78c0723e8ea2334a1105265023.exe

  • Size

    896KB

  • MD5

    f619f14d19db93c671eb6214a3881d50

  • SHA1

    31b1a9464933bcbad1f4d6bbe18d557cf9159a85

  • SHA256

    6679f84b342073e78829cfbd45dd44ad2e63dc78c0723e8ea2334a1105265023

  • SHA512

    6b48d9135e61802192ac126521f7638e78d287bf284ddfe0c7b2d3f11ac2a14f3553af3b4dd1f6f24a757fa2dfde7e89bd91910949f634f0c92b0afb401dd5b6

  • SSDEEP

    12288:/qDEvFo+yo4DdbbMWu/jrQu4M9lBAlKhQcDGB3cuBNGE6iOrpfe4JdaDgagTH:/qDEvCTbMWu7rQYlBQcBiT6rprG8a4H

Score
7/10

Malware Config

Signatures

  • Checks computer location settings 2 TTPs 1 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Checks processor information in registry 2 TTPs 15 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 10 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Modifies registry class 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 22 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 17 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 64 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6679f84b342073e78829cfbd45dd44ad2e63dc78c0723e8ea2334a1105265023.exe
    "C:\Users\Admin\AppData\Local\Temp\6679f84b342073e78829cfbd45dd44ad2e63dc78c0723e8ea2334a1105265023.exe"
    1⤵
    • Checks computer location settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:3904
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/account
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:1596
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffe847e46f8,0x7ffe847e4708,0x7ffe847e4718
        3⤵
          PID:212
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2080,14765945916218681155,495408551278378733,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 /prefetch:3
          3⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:5372
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2080,14765945916218681155,495408551278378733,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2092 /prefetch:2
          3⤵
            PID:5360
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.facebook.com/video
          2⤵
          • Enumerates system info in registry
          • Suspicious behavior: EnumeratesProcesses
          • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
          • Suspicious use of FindShellTrayWindow
          • Suspicious use of SendNotifyMessage
          • Suspicious use of WriteProcessMemory
          PID:4932
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xdc,0x108,0x7ffe847e46f8,0x7ffe847e4708,0x7ffe847e4718
            3⤵
              PID:1100
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2144,1260595932282079034,8430325393693363728,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2668 /prefetch:8
              3⤵
                PID:2288
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2144,1260595932282079034,8430325393693363728,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2200 /prefetch:3
                3⤵
                • Suspicious behavior: EnumeratesProcesses
                PID:1632
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2144,1260595932282079034,8430325393693363728,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2148 /prefetch:2
                3⤵
                  PID:4732
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,1260595932282079034,8430325393693363728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
                  3⤵
                    PID:2208
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,1260595932282079034,8430325393693363728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:1
                    3⤵
                      PID:4572
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,1260595932282079034,8430325393693363728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2816 /prefetch:1
                      3⤵
                        PID:5512
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,1260595932282079034,8430325393693363728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4144 /prefetch:1
                        3⤵
                          PID:5836
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,1260595932282079034,8430325393693363728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4864 /prefetch:1
                          3⤵
                            PID:6080
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,1260595932282079034,8430325393693363728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4356 /prefetch:1
                            3⤵
                              PID:6352
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,1260595932282079034,8430325393693363728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5244 /prefetch:1
                              3⤵
                                PID:6468
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,1260595932282079034,8430325393693363728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5616 /prefetch:1
                                3⤵
                                  PID:6600
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,1260595932282079034,8430325393693363728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5040 /prefetch:1
                                  3⤵
                                    PID:6508
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,1260595932282079034,8430325393693363728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4276 /prefetch:1
                                    3⤵
                                      PID:6892
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,1260595932282079034,8430325393693363728,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5524 /prefetch:1
                                      3⤵
                                        PID:6948
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2144,1260595932282079034,8430325393693363728,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2272 /prefetch:2
                                        3⤵
                                        • Suspicious behavior: EnumeratesProcesses
                                        PID:8804
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://accounts.google.com/
                                      2⤵
                                      • Suspicious use of WriteProcessMemory
                                      PID:2068
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xdc,0x108,0x7ffe847e46f8,0x7ffe847e4708,0x7ffe847e4718
                                        3⤵
                                          PID:1516
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,17428852672885566420,4061021824533205341,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 /prefetch:3
                                          3⤵
                                            PID:3280
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,17428852672885566420,4061021824533205341,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2108 /prefetch:2
                                            3⤵
                                              PID:1840
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.youtube.com/account
                                            2⤵
                                            • Suspicious use of WriteProcessMemory
                                            PID:4612
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe847e46f8,0x7ffe847e4708,0x7ffe847e4718
                                              3⤵
                                                PID:4460
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2156,9763150789735962899,14387410596233318085,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 /prefetch:3
                                                3⤵
                                                • Suspicious behavior: EnumeratesProcesses
                                                PID:5968
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://www.facebook.com/video
                                              2⤵
                                              • Suspicious use of WriteProcessMemory
                                              PID:4224
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffe847e46f8,0x7ffe847e4708,0x7ffe847e4718
                                                3⤵
                                                  PID:1368
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2060,7743141383549567581,13971195157990361789,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2080 /prefetch:3
                                                  3⤵
                                                  • Suspicious behavior: EnumeratesProcesses
                                                  PID:6560
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://accounts.google.com
                                                2⤵
                                                • Suspicious use of WriteProcessMemory
                                                PID:788
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffe847e46f8,0x7ffe847e4708,0x7ffe847e4718
                                                  3⤵
                                                    PID:560
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2072,5811487026261472353,2589226237077294628,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 /prefetch:3
                                                    3⤵
                                                    • Suspicious behavior: EnumeratesProcesses
                                                    PID:5144
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,5811487026261472353,2589226237077294628,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2080 /prefetch:2
                                                    3⤵
                                                      PID:5980
                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com/account
                                                    2⤵
                                                    • Enumerates system info in registry
                                                    • Suspicious use of AdjustPrivilegeToken
                                                    • Suspicious use of WriteProcessMemory
                                                    PID:564
                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 --field-trial-handle=1888,i,1224533293866269663,8438331425909244519,131072 /prefetch:8
                                                      3⤵
                                                        PID:8000
                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1744 --field-trial-handle=1888,i,1224533293866269663,8438331425909244519,131072 /prefetch:2
                                                        3⤵
                                                          PID:7984
                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.facebook.com/video
                                                        2⤵
                                                        • Enumerates system info in registry
                                                        • Modifies data under HKEY_USERS
                                                        • Suspicious behavior: EnumeratesProcesses
                                                        • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                        • Suspicious use of AdjustPrivilegeToken
                                                        • Suspicious use of FindShellTrayWindow
                                                        • Suspicious use of SendNotifyMessage
                                                        • Suspicious use of WriteProcessMemory
                                                        PID:4540
                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffe84689758,0x7ffe84689768,0x7ffe84689778
                                                          3⤵
                                                            PID:1736
                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1764 --field-trial-handle=1888,i,11361556256819188933,6690919651304361659,131072 /prefetch:2
                                                            3⤵
                                                              PID:7936
                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2228 --field-trial-handle=1888,i,11361556256819188933,6690919651304361659,131072 /prefetch:8
                                                              3⤵
                                                                PID:8084
                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3000 --field-trial-handle=1888,i,11361556256819188933,6690919651304361659,131072 /prefetch:1
                                                                3⤵
                                                                  PID:5560
                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3892 --field-trial-handle=1888,i,11361556256819188933,6690919651304361659,131072 /prefetch:1
                                                                  3⤵
                                                                    PID:7360
                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4180 --field-trial-handle=1888,i,11361556256819188933,6690919651304361659,131072 /prefetch:1
                                                                    3⤵
                                                                      PID:8248
                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5000 --field-trial-handle=1888,i,11361556256819188933,6690919651304361659,131072 /prefetch:1
                                                                      3⤵
                                                                        PID:8464
                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3888 --field-trial-handle=1888,i,11361556256819188933,6690919651304361659,131072 /prefetch:1
                                                                        3⤵
                                                                          PID:7388
                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2992 --field-trial-handle=1888,i,11361556256819188933,6690919651304361659,131072 /prefetch:1
                                                                          3⤵
                                                                            PID:6496
                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 --field-trial-handle=1888,i,11361556256819188933,6690919651304361659,131072 /prefetch:8
                                                                            3⤵
                                                                              PID:7964
                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5248 --field-trial-handle=1888,i,11361556256819188933,6690919651304361659,131072 /prefetch:8
                                                                              3⤵
                                                                              • Modifies registry class
                                                                              PID:9076
                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4272 --field-trial-handle=1888,i,11361556256819188933,6690919651304361659,131072 /prefetch:8
                                                                              3⤵
                                                                                PID:9068
                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5956 --field-trial-handle=1888,i,11361556256819188933,6690919651304361659,131072 /prefetch:8
                                                                                3⤵
                                                                                  PID:8736
                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5912 --field-trial-handle=1888,i,11361556256819188933,6690919651304361659,131072 /prefetch:8
                                                                                  3⤵
                                                                                    PID:7916
                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2636 --field-trial-handle=1888,i,11361556256819188933,6690919651304361659,131072 /prefetch:2
                                                                                    3⤵
                                                                                    • Suspicious behavior: EnumeratesProcesses
                                                                                    PID:8936
                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" https://accounts.google.com
                                                                                  2⤵
                                                                                  • Enumerates system info in registry
                                                                                  • Suspicious use of AdjustPrivilegeToken
                                                                                  • Suspicious use of WriteProcessMemory
                                                                                  PID:800
                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffe84689758,0x7ffe84689768,0x7ffe84689778
                                                                                    3⤵
                                                                                      PID:3964
                                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1876 --field-trial-handle=1988,i,2278010397989530288,6915089836687400991,131072 /prefetch:8
                                                                                      3⤵
                                                                                        PID:8180
                                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1636 --field-trial-handle=1988,i,2278010397989530288,6915089836687400991,131072 /prefetch:2
                                                                                        3⤵
                                                                                          PID:8172
                                                                                      • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                        "C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com/account
                                                                                        2⤵
                                                                                        • Suspicious use of WriteProcessMemory
                                                                                        PID:1624
                                                                                        • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                          "C:\Program Files\Mozilla Firefox\firefox.exe" https://www.youtube.com/account
                                                                                          3⤵
                                                                                          • Checks processor information in registry
                                                                                          • Suspicious use of FindShellTrayWindow
                                                                                          • Suspicious use of SendNotifyMessage
                                                                                          • Suspicious use of SetWindowsHookEx
                                                                                          PID:4516
                                                                                          • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                            "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4516.0.858106794\655536636" -parentBuildID 20221007134813 -prefsHandle 1796 -prefMapHandle 1716 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {aaf3da44-653a-4ae0-afe0-f70b35056823} 4516 "\\.\pipe\gecko-crash-server-pipe.4516" 1896 139557d4e58 gpu
                                                                                            4⤵
                                                                                              PID:5520
                                                                                            • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                              "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4516.1.1119456611\1043254692" -parentBuildID 20221007134813 -prefsHandle 2344 -prefMapHandle 2340 -prefsLen 21565 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f80fbfb6-f333-4942-8ca0-be20ed792601} 4516 "\\.\pipe\gecko-crash-server-pipe.4516" 2372 13955703858 socket
                                                                                              4⤵
                                                                                                PID:6928
                                                                                              • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4516.2.1183241347\679273214" -childID 1 -isForBrowser -prefsHandle 3056 -prefMapHandle 3240 -prefsLen 21668 -prefMapSize 233444 -jsInitHandle 1356 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {eabdc14b-1fff-4739-9a0b-2c8e42f835fd} 4516 "\\.\pipe\gecko-crash-server-pipe.4516" 3096 13959a54358 tab
                                                                                                4⤵
                                                                                                  PID:7252
                                                                                                • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                  "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4516.3.1203763616\449695999" -childID 2 -isForBrowser -prefsHandle 3412 -prefMapHandle 3380 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1356 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {70962fd4-44de-4652-9f9f-9760e3bb6194} 4516 "\\.\pipe\gecko-crash-server-pipe.4516" 3480 1395a489758 tab
                                                                                                  4⤵
                                                                                                    PID:7400
                                                                                                  • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4516.4.1095253802\73497064" -childID 3 -isForBrowser -prefsHandle 3648 -prefMapHandle 3652 -prefsLen 21709 -prefMapSize 233444 -jsInitHandle 1356 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b0996dbe-98ef-4cc7-9232-b8e671006995} 4516 "\\.\pipe\gecko-crash-server-pipe.4516" 3640 1395a48b558 tab
                                                                                                    4⤵
                                                                                                      PID:7576
                                                                                                    • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                      "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4516.5.1871304345\1820114654" -childID 4 -isForBrowser -prefsHandle 4744 -prefMapHandle 4740 -prefsLen 21943 -prefMapSize 233444 -jsInitHandle 1356 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {2948d197-074b-4935-ad64-fef9d93c8633} 4516 "\\.\pipe\gecko-crash-server-pipe.4516" 4756 1395820e658 tab
                                                                                                      4⤵
                                                                                                        PID:8448
                                                                                                      • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                        "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4516.6.1580015622\304148209" -childID 5 -isForBrowser -prefsHandle 5020 -prefMapHandle 5036 -prefsLen 22208 -prefMapSize 233444 -jsInitHandle 1356 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {bfa6f19c-ef99-418a-9499-7d3421bcbe29} 4516 "\\.\pipe\gecko-crash-server-pipe.4516" 4996 13958c05c58 tab
                                                                                                        4⤵
                                                                                                          PID:5268
                                                                                                        • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                          "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4516.7.2146077205\1899127778" -childID 6 -isForBrowser -prefsHandle 4124 -prefMapHandle 4112 -prefsLen 22208 -prefMapSize 233444 -jsInitHandle 1356 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {db475d06-0a0a-4456-b4ce-5bed1ea7045b} 4516 "\\.\pipe\gecko-crash-server-pipe.4516" 5016 13958c04158 tab
                                                                                                          4⤵
                                                                                                            PID:8928
                                                                                                          • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                            "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4516.8.2134504732\1499423563" -childID 7 -isForBrowser -prefsHandle 5000 -prefMapHandle 5056 -prefsLen 22208 -prefMapSize 233444 -jsInitHandle 1356 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7ed2f8cd-bbf5-45d8-a930-9a8aac00b2f5} 4516 "\\.\pipe\gecko-crash-server-pipe.4516" 3600 13958c05958 tab
                                                                                                            4⤵
                                                                                                              PID:5880
                                                                                                        • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                          "C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video
                                                                                                          2⤵
                                                                                                          • Suspicious use of WriteProcessMemory
                                                                                                          PID:3584
                                                                                                          • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                            "C:\Program Files\Mozilla Firefox\firefox.exe" https://www.facebook.com/video
                                                                                                            3⤵
                                                                                                            • Checks processor information in registry
                                                                                                            PID:2036
                                                                                                        • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                          "C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com
                                                                                                          2⤵
                                                                                                            PID:1968
                                                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffe84689758,0x7ffe84689768,0x7ffe84689778
                                                                                                          1⤵
                                                                                                            PID:3144
                                                                                                          • C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                            "C:\Program Files\Mozilla Firefox\firefox.exe" https://accounts.google.com
                                                                                                            1⤵
                                                                                                            • Checks processor information in registry
                                                                                                            PID:3300
                                                                                                          • C:\Windows\System32\CompPkgSrv.exe
                                                                                                            C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                            1⤵
                                                                                                              PID:5340
                                                                                                            • C:\Windows\System32\CompPkgSrv.exe
                                                                                                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                              1⤵
                                                                                                                PID:6004
                                                                                                              • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                1⤵
                                                                                                                  PID:6336
                                                                                                                • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                  1⤵
                                                                                                                    PID:6260
                                                                                                                  • C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
                                                                                                                    "C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
                                                                                                                    1⤵
                                                                                                                      PID:5552
                                                                                                                    • C:\Windows\servicing\TrustedInstaller.exe
                                                                                                                      C:\Windows\servicing\TrustedInstaller.exe
                                                                                                                      1⤵
                                                                                                                      • Suspicious behavior: EnumeratesProcesses
                                                                                                                      PID:3280

                                                                                                                    Network

                                                                                                                    MITRE ATT&CK Enterprise v15


                                                                                                                    Downloads

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

                                                                                                                      Filesize

                                                                                                                      40B


                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

                                                                                                                      Filesize

                                                                                                                      99KB


                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

                                                                                                                      Filesize

                                                                                                                      193KB


                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

                                                                                                                      Filesize

                                                                                                                      247KB


                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

                                                                                                                      Filesize

                                                                                                                      18KB


                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

                                                                                                                      Filesize

                                                                                                                      107KB


                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019

                                                                                                                      Filesize

                                                                                                                      41KB


                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a

                                                                                                                      Filesize

                                                                                                                      24KB


                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000024

                                                                                                                      Filesize

                                                                                                                      97KB


                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000025

                                                                                                                      Filesize

                                                                                                                      17KB


                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000027

                                                                                                                      Filesize

                                                                                                                      21KB


                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000028

                                                                                                                      Filesize

                                                                                                                      34KB


                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000029

                                                                                                                      Filesize

                                                                                                                      20KB


                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002a

                                                                                                                      Filesize

                                                                                                                      16KB


                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                                      Filesize

                                                                                                                      936B


                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                                      Filesize

                                                                                                                      480B


                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                                                                                      Filesize

                                                                                                                      3KB


                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                      Filesize

                                                                                                                      537B


                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                      Filesize

                                                                                                                      535B


                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                      Filesize

                                                                                                                      535B


                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                      Filesize

                                                                                                                      707B


                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                      Filesize

                                                                                                                      537B


                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                                                      Filesize

                                                                                                                      6KB

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                                                      Filesize

                                                                                                                      114KB

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                                                      Filesize

                                                                                                                      114KB

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                                                      Filesize

                                                                                                                      233KB

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                                                      Filesize

                                                                                                                      114KB

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

                                                                                                                      Filesize

                                                                                                                      85B

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

                                                                                                                      Filesize

                                                                                                                      86B

                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

                                                                                                                      Filesize

                                                                                                                      2B

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                      Filesize

                                                                                                                      152B

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                      Filesize

                                                                                                                      152B

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

                                                                                                                      Filesize

                                                                                                                      137KB

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

                                                                                                                      Filesize

                                                                                                                      20KB

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

                                                                                                                      Filesize

                                                                                                                      65KB

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

                                                                                                                      Filesize

                                                                                                                      74KB

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

                                                                                                                      Filesize

                                                                                                                      51KB

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

                                                                                                                      Filesize

                                                                                                                      20KB

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

                                                                                                                      Filesize

                                                                                                                      21KB

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

                                                                                                                      Filesize

                                                                                                                      34KB

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

                                                                                                                      Filesize

                                                                                                                      32KB

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

                                                                                                                      Filesize

                                                                                                                      36KB

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

                                                                                                                      Filesize

                                                                                                                      92KB

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

                                                                                                                      Filesize

                                                                                                                      55KB

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

                                                                                                                      Filesize

                                                                                                                      101KB

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

                                                                                                                      Filesize

                                                                                                                      95KB

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

                                                                                                                      Filesize

                                                                                                                      105KB

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a

                                                                                                                      Filesize

                                                                                                                      48KB

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b

                                                                                                                      Filesize

                                                                                                                      80KB

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c

                                                                                                                      Filesize

                                                                                                                      54KB

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d

                                                                                                                      Filesize

                                                                                                                      56KB

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020

                                                                                                                      Filesize

                                                                                                                      18KB

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                                      Filesize

                                                                                                                      384B

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                                      Filesize

                                                                                                                      1KB

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                                                                                      Filesize

                                                                                                                      2KB

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                                                                                      Filesize

                                                                                                                      111B

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                      Filesize

                                                                                                                      7KB

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                      Filesize

                                                                                                                      5KB

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                      Filesize

                                                                                                                      7KB

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

                                                                                                                      Filesize

                                                                                                                      24KB

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                      Filesize

                                                                                                                      707B

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                      Filesize

                                                                                                                      707B

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                      Filesize

                                                                                                                      707B

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                      Filesize

                                                                                                                      707B

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58be4a.TMP

                                                                                                                      Filesize

                                                                                                                      539B

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                      Filesize

                                                                                                                      2KB

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                      Filesize

                                                                                                                      2KB

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                      Filesize

                                                                                                                      2KB

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                      Filesize

                                                                                                                      2KB

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                      Filesize

                                                                                                                      10KB

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                      Filesize

                                                                                                                      2KB

                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                      Filesize

                                                                                                                      10KB

                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\prefs-1.js

                                                                                                                      Filesize

                                                                                                                      6KB

                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\prefs.js

                                                                                                                      Filesize

                                                                                                                      6KB

                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\sessionstore-backups\recovery.jsonlz4

                                                                                                                      Filesize

                                                                                                                      272B

                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\sessionstore-backups\recovery.jsonlz4

                                                                                                                      Filesize

                                                                                                                      271B

                                                                                                                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\x3x6afp6.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

                                                                                                                      Filesize

                                                                                                                      184KB

                                                                                                                    • \??\pipe\LOCAL\crashpad_4932_QHGKLVHOYEZWYJRG
