Overview

overview

4

Static

static

1

URLScan

urlscan

1

https://www.youtube....

windows10-1703-x64

4

Analysis

  • max time kernel
    133s
  • max time network
    135s
  • platform
    windows10-1703_x64
  • resource
    win10-20240214-en
  • resource tags

    arch:x64arch:x86image:win10-20240214-enlocale:en-usos:windows10-1703-x64system
  • submitted
    20-02-2024 19:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://www.youtube.com/watch?v=-bnVGH62Yho

Score
4/10

Malware Config

Signatures

  • Drops file in Windows directory 5 IoCs
  • Checks processor information in registry 2 TTPs 8 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Modifies Internet Explorer settings 1 TTPs 2 IoCs
    adwarespyware
  • Modifies registry class 64 IoCs
  • Suspicious behavior: MapViewOfSection 6 IoCs
  • Suspicious use of AdjustPrivilegeToken 8 IoCs
  • Suspicious use of FindShellTrayWindow 10 IoCs
  • Suspicious use of SendNotifyMessage 9 IoCs
  • Suspicious use of SetWindowsHookEx 5 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

    persistence

Processes

  • C:\Windows\system32\LaunchWinApp.exe
    "C:\Windows\system32\LaunchWinApp.exe" "https://www.youtube.com/watch?v=-bnVGH62Yho"
    1⤵
      PID:3532
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
      1⤵
      • Drops file in Windows directory
      • Modifies registry class
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of SetWindowsHookEx
      PID:4724
    • C:\Windows\system32\browser_broker.exe
      C:\Windows\system32\browser_broker.exe -Embedding
      1⤵
      • Modifies Internet Explorer settings
      PID:2228
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      1⤵
      • Modifies registry class
      • Suspicious behavior: MapViewOfSection
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:5100
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      1⤵
      • Drops file in Windows directory
      • Modifies Internet Explorer settings
      • Modifies registry class
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of SetWindowsHookEx
      PID:4216
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      1⤵
      • Drops file in Windows directory
      • Modifies registry class
      PID:3356
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      1⤵
      • Drops file in Windows directory
      • Modifies registry class
      PID:2476
    • C:\Program Files\Mozilla Firefox\firefox.exe
      "C:\Program Files\Mozilla Firefox\firefox.exe"
      1⤵
      • Suspicious use of WriteProcessMemory
      PID:4444
      • C:\Program Files\Mozilla Firefox\firefox.exe
        "C:\Program Files\Mozilla Firefox\firefox.exe"
        2⤵
        • Checks processor information in registry
        • Modifies registry class
        • Suspicious use of AdjustPrivilegeToken
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SendNotifyMessage
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:2268
        • C:\Program Files\Mozilla Firefox\firefox.exe
          "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2268.0.787619710\977841503" -parentBuildID 20221007134813 -prefsHandle 1672 -prefMapHandle 1664 -prefsLen 20747 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {9f505502-4692-433d-8d62-36064c01e880} 2268 "\\.\pipe\gecko-crash-server-pipe.2268" 1764 1f885704158 gpu
          3⤵
            PID:700
          • C:\Program Files\Mozilla Firefox\firefox.exe
            "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2268.1.718792447\1496552935" -parentBuildID 20221007134813 -prefsHandle 2108 -prefMapHandle 2104 -prefsLen 20828 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {627568ea-bc39-4303-b654-2d6999f96954} 2268 "\\.\pipe\gecko-crash-server-pipe.2268" 2120 1f8ffb3e558 socket
            3⤵
            • Checks processor information in registry
            PID:4420
          • C:\Program Files\Mozilla Firefox\firefox.exe
            "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2268.2.1335960764\408502999" -childID 1 -isForBrowser -prefsHandle 2840 -prefMapHandle 2668 -prefsLen 20931 -prefMapSize 233444 -jsInitHandle 1072 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d9b1a910-7411-4dc4-b9c1-cb6ce947bf6d} 2268 "\\.\pipe\gecko-crash-server-pipe.2268" 2672 1f88939f558 tab
            3⤵
              PID:5100
            • C:\Program Files\Mozilla Firefox\firefox.exe
              "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2268.3.244079709\152352690" -childID 2 -isForBrowser -prefsHandle 3108 -prefMapHandle 3052 -prefsLen 26109 -prefMapSize 233444 -jsInitHandle 1072 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d1700dda-b06a-4eb0-9efe-4328f58e2185} 2268 "\\.\pipe\gecko-crash-server-pipe.2268" 3464 1f8872b2458 tab
              3⤵
                PID:796
              • C:\Program Files\Mozilla Firefox\firefox.exe
                "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2268.4.1296741790\1834311399" -childID 3 -isForBrowser -prefsHandle 4408 -prefMapHandle 4404 -prefsLen 26168 -prefMapSize 233444 -jsInitHandle 1072 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ea80f550-d78f-4bb6-9568-95e261fac877} 2268 "\\.\pipe\gecko-crash-server-pipe.2268" 4420 1f887866158 tab
                3⤵
                  PID:4756
                • C:\Program Files\Mozilla Firefox\firefox.exe
                  "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2268.7.646360546\1210299393" -childID 6 -isForBrowser -prefsHandle 5228 -prefMapHandle 5232 -prefsLen 26249 -prefMapSize 233444 -jsInitHandle 1072 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d28aa830-8d2e-4904-b723-0c8022f00a48} 2268 "\\.\pipe\gecko-crash-server-pipe.2268" 5220 1f88c618558 tab
                  3⤵
                    PID:1676
                  • C:\Program Files\Mozilla Firefox\firefox.exe
                    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2268.6.124097092\1388854038" -childID 5 -isForBrowser -prefsHandle 5084 -prefMapHandle 5088 -prefsLen 26249 -prefMapSize 233444 -jsInitHandle 1072 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {d0b685a6-b1a3-427e-aadd-2777bcecf1b6} 2268 "\\.\pipe\gecko-crash-server-pipe.2268" 5076 1f88c618858 tab
                    3⤵
                      PID:3444
                    • C:\Program Files\Mozilla Firefox\firefox.exe
                      "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2268.5.941654315\1002616222" -childID 4 -isForBrowser -prefsHandle 4960 -prefMapHandle 4844 -prefsLen 26249 -prefMapSize 233444 -jsInitHandle 1072 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {6212cd89-dc1a-4321-bba1-085bcd2b0e15} 2268 "\\.\pipe\gecko-crash-server-pipe.2268" 2576 1f88c615b58 tab
                      3⤵
                        PID:4088
                      • C:\Program Files\Mozilla Firefox\firefox.exe
                        "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="2268.8.699894123\1772765493" -childID 7 -isForBrowser -prefsHandle 5664 -prefMapHandle 5668 -prefsLen 26424 -prefMapSize 233444 -jsInitHandle 1072 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -appDir "C:\Program Files\Mozilla Firefox\browser" - {ca372d9b-a3ea-4c0b-8da0-f744a77f1a05} 2268 "\\.\pipe\gecko-crash-server-pipe.2268" 5656 1f88d3d1058 tab
                        3⤵
                          PID:2872

                    Network

                    MITRE ATT&CK Enterprise v15

                    Replay Monitor

                    Loading Replay Monitor...

                    Downloads

                    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\HNBFU06F\scheduler[1].js
                      Filesize

                      9KB

                      MD5

                      dac3d45d4ce59d457459a8dbfcd30232

                      SHA1

                      946dd6b08eb3cf2d063410f9ef2636d648ddb747

                      SHA256

                      58ae013b8e95b7667124263f632b49a10acf7da2889547f2d9e4b279708a29f0

                      SHA512

                      4f190ce27669725dac9cf944eafed150e16b5f9c1e16a0bbf715de67b9b5a44369c4835da36e37b2786aaf38103fdc1f7de3f60d0dc50163f2528d514ebe2243

                      Download Submit

                    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\KEAVB0Z5\css2[1].css
                      Filesize

                      2KB

                      MD5

                      31aac18e149a751facc1eab7954dfb7b

                      SHA1

                      36d367dcc77416a166aecabb5f6fb5c6c29f3632

                      SHA256

                      42706c41583de3f0028f16bad17197dde81807d148ba848ea3924aff4bb8b532

                      SHA512

                      df83002d751e6e73377b15966fa5ffacc7f6e2318821c691209fac9b6991d1113b385ca1fbf21e02455a5e5702d4247716c6d03d1938506e6ca740cdeffce351

                      Download Submit

                    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\KEAVB0Z5\web-animations-next-lite.min[1].js
                      Filesize

                      49KB

                      MD5

                      44ca3d8fd5ff91ed90d1a2ab099ef91e

                      SHA1

                      79b76340ca0781fd98aa5b8fdca9496665810195

                      SHA256

                      c12e3ac9660ae5de2d775a8c52e22610fff7a651fa069cfa8f64675a7b0a6415

                      SHA512

                      a5ce9d846fb4c43a078d364974b22c18a504cdbf2da3d36c689d450a5dc7d0be156a29e11df301ff7e187b831e14a6e5b037aad22f00c03280ee1ad1e829dac8

                      Download Submit

                    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\KEAVB0Z5\webcomponents-ce-sd[1].js
                      Filesize

                      95KB

                      MD5

                      c1d7b8b36bf9bd97dcb514a4212c8ea5

                      SHA1

                      e3957af856710e15404788a87c98fdbb85d3e52e

                      SHA256

                      2fed236a295c611b4be5b9bc8608978e148c893e0c51944486982583b210668a

                      SHA512

                      0d44065c534313572d90232eb3f88eb308590304c879e38a09d6f2891f92385dc7495aabd776433f7d493d004001b714c7f89855aa6f6bec61c77d50e3a4b8e6

                      Download Submit

                    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\KZ5TPJ4W\rs=AGKMywFN-BP5NMzscjRyaokV3Kf0LIIuxg[1].css
                      Filesize

                      2.6MB

                      MD5

                      fd82f57a344f2cdb244e05cfad52f334

                      SHA1

                      a635d0af87faabf12950b5ec5e19ffb53b0eb68e

                      SHA256

                      120ffc04500d7ad869c66619dd370065e8e480dc77d158ba8a4f54154e687d61

                      SHA512

                      c7dcd52980947cd31f991b74cbcc904f777dda7d750f23915ee1a64e243ee28a21de64ff79ee9b64bc3f3d66a31bfdd8225b994ea4ed6dd9433e536ddc990d7f

                      Download Submit

                    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\KZ5TPJ4W\www-i18n-constants[1].js
                      Filesize

                      5KB

                      MD5

                      f3356b556175318cf67ab48f11f2421b

                      SHA1

                      ace644324f1ce43e3968401ecf7f6c02ce78f8b7

                      SHA256

                      263c24ac72cb26ab60b4b2911da2b45fef9b1fe69bbb7df59191bb4c1e9969cd

                      SHA512

                      a2e5b90b1944a9d8096ae767d73db0ec5f12691cf1aebd870ad8e55902ceb81b27a3c099d924c17d3d51f7dbc4c3dd71d1b63eb9d3048e37f71b2f323681b0ad

                      Download Submit

                    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\KZ5TPJ4W\www-main-desktop-player-skeleton[1].css
                      Filesize

                      2KB

                      MD5

                      2a5f27d8d291d864d13eaa1f5cd9cd51

                      SHA1

                      b39f9b99b924e5251ac48fad818d78999cfd78d4

                      SHA256

                      056232b6127143e2f8bf4218db355d978e1e96f5dedcce59a9f5d6ab92b437f1

                      SHA512

                      1b54f1e13cb38e41f2a65db3cdc2bc702a9e963751b1ef0338d67b95816441b0143e1d4dabc99f276a04f9c00570bb8933f1bd87394998b3878c268b08ecf24a

                      Download Submit

                    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\KZ5TPJ4W\www-main-desktop-watch-page-skeleton[1].css
                      Filesize

                      5KB

                      MD5

                      81b422570a4d648c0517811dfeb3273d

                      SHA1

                      c150029bf8cebfc30e3698ae2631a6796a77ecf1

                      SHA256

                      3c8b38d9b8a3301c106230e05beeedbcd28b12681f22fd9b09af9e52dc08635d

                      SHA512

                      1d4966a88d7cf6be31b8f53547a12db92cabb4c05176abe995c75c8889765ec68b7210c3be75f60954ceb2938412fbdeb94d4d25ddc927f3a89eca76a84a9ebc

                      Download Submit

                    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\KZ5TPJ4W\www-onepick[1].css
                      Filesize

                      1011B

                      MD5

                      5306f13dfcf04955ed3e79ff5a92581e

                      SHA1

                      4a8927d91617923f9c9f6bcc1976bf43665cb553

                      SHA256

                      6305c2a6825af37f17057fd4dcb3a70790cc90d0d8f51128430883829385f7cc

                      SHA512

                      e91ecd1f7e14ff13035dd6e76dfa4fa58af69d98e007e2a0d52bff80d669d33beb5fafefe06254cbc6dd6713b4c7f79c824f641cb704142e031c68eccb3efed3

                      Download Submit

                    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\KZ5TPJ4W\www-player[1].css
                      Filesize

                      365KB

                      MD5

                      101ce6bec017fdeda83aaca342362aaa

                      SHA1

                      3495e40a0e1427dfe2668d100b748e3b2be51c13

                      SHA256

                      52535a880872c1c5273500b7f045580dfffb0fe2a02852223e9e63db92d41cc3

                      SHA512

                      50a83664f427ca8a742031f4b42566510be0a1a3d1cf671701bf47c038d963126e61b7b995ed2760f1e031f96d6d60d5e4757fac2e60f766e9d34c1a85d3bff4

                      Download Submit

                    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\LL1CYVW0\intersection-observer.min[1].js
                      Filesize

                      5KB

                      MD5

                      936a7c8159737df8dce532f9ea4d38b4

                      SHA1

                      8834ea22eff1bdfd35d2ef3f76d0e552e75e83c5

                      SHA256

                      3ea95af77e18116ed0e8b52bb2c0794d1259150671e02994ac2a8845bd1ad5b9

                      SHA512

                      54471260a278d5e740782524392249427366c56b288c302c73d643a24c96d99a487507fbe1c47e050a52144713dfeb64cd37bc6359f443ce5f8feb1a2856a70a

                      Download Submit

                    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
                      Filesize

                      1KB

                      MD5

                      a044ece54fe8f9b5fd71dbe1be02ed70

                      SHA1

                      60a726a2bbb13296d6258c7949fff5e861ab5ecb

                      SHA256

                      e9246604f91ddd4a6a221c8f0b8355ccb1b67e4b8ade2d59034bba005be55967

                      SHA512

                      38a760a0dc33873d06164f01a72bc7479d25ca01a43eb89a3fa528427651508709ed323a22443f5959fefc026208cb5f3d4e113943ae071173e64d32aa2065b5

                      Download Submit

                    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
                      Filesize

                      724B

                      MD5

                      ac89a852c2aaa3d389b2d2dd312ad367

                      SHA1

                      8f421dd6493c61dbda6b839e2debb7b50a20c930

                      SHA256

                      0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45

                      SHA512

                      c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

                      Download Submit

                    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\F07644E38ED7C9F37D11EEC6D4335E02_77B1CCFAF3D0516ED1D1368847DAC1ED
                      Filesize

                      472B

                      MD5

                      aeaeec59350a548971f8d1636b471685

                      SHA1

                      4254a97ed9d7c7a25b4bc6fa7f49aee505f0ffc2

                      SHA256

                      73681f1e257b87074b7b08e6073dea1b0204ee7eab4db48a8555a1852758afd2

                      SHA512

                      352f59c14630b64c2e170f6b7b84d3d47bdf774addf5008e47458d942ff5208dcd73adcada33b938ccc9fedfd61f1f0f07355c178cc9a1aba13fac215cfca9a7

                      Download Submit

                    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\F2DDCD2B5F37625B82E81F4976CEE400_FFB46CECE484AA2EE6ADD02001DDCE14
                      Filesize

                      472B

                      MD5

                      040c26b6df71b3d4539cc49ccbdc71f5

                      SHA1

                      9114a7e778ade95e10a57170b74bf6b4a6a7c2aa

                      SHA256

                      57eae9104a2a5e699d6f563ff438052fac9777bbe072ca0d855294cd509bdf36

                      SHA512

                      4ea292045c41f14fde25cee65910f933db065a1360b9d3dce44558c18524e5898b4448a7dce5bfd5ab3d8c87c3a466ddde3affec288b47739b61921d99bebd0d

                      Download Submit

                    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA
                      Filesize

                      410B

                      MD5

                      1cac6b4e66f3d0194d02df6f5e8e4776

                      SHA1

                      deabf3fbe2861f7cdf3f856fda68f96ec5def99d

                      SHA256

                      a7e8c9b73b597c850bac31e1969af1d4546acce14b18975195367d3d841ea569

                      SHA512

                      fe1fc7ff53e584fd6c3b687e044fa32d5bfc981739460510a035d347c1b33b6a6017bede7fe88e661ac3668c1f2937ba85f0f39c105c4d09d8461a29157f017b

                      Download Submit

                    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA
                      Filesize

                      392B

                      MD5

                      be6048dcf078b7347c3ff6769393bd79

                      SHA1

                      2b8458ccd625370382d371de32ddb3b56a3489ef

                      SHA256

                      e108ea1890515fc55de9827cda3cb13c768d666a0f8f4c47ac71ad0653a07264

                      SHA512

                      63d462943657834fdde3f94c2af68d6fd3485a2afec086833f6f4e1a7e431ee5c8fb67a0625ef9b53e35aed53334839f74a652d210fe1d35e5723801bfc980bf

                      Download Submit

                    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\F07644E38ED7C9F37D11EEC6D4335E02_77B1CCFAF3D0516ED1D1368847DAC1ED
                      Filesize

                      406B

                      MD5

                      ee10d92b8738dc64bc4bf1d6131935d2

                      SHA1

                      bd747e3c18bfa44f48de65a0dd6c3d608552a615

                      SHA256

                      656fbdfa08cb2e7f6dc9d3932edfbf24d746e5d249892570c9d30f900603b94a

                      SHA512

                      ab157400d1972b4728eb125cf1c19d2cc71cc28286317cfdfc12276b4890cdc260c24640ab6fc2bd456bd928c258e2f35ee27fec8732f95c760925d7a8075c02

                      Download Submit

                    • C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\F2DDCD2B5F37625B82E81F4976CEE400_FFB46CECE484AA2EE6ADD02001DDCE14
                      Filesize

                      406B

                      MD5

                      669dcd637173d83f353bc723910be606

                      SHA1

                      6d21aac964f58f55b4d78104294ce19d3a5fd484

                      SHA256

                      b9d83d32880fcc8e9ec4119574708f23491b96f69c441946265e20f635bf694f

                      SHA512

                      1d8556eaecf8ada4c6bebe44d125e23d9b055991f77961d4e9fa33c9722139c53d84404778045a8f47bbd4629bb3b2e9bac3aabee4a8e9513281b45b30fff131

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zsiigt9.default-release\datareporting\glean\db\data.safe.bin
                      Filesize

                      2KB

                      MD5

                      b3dd935c8aacf816491b2418820fb027

                      SHA1

                      e89c491ca698caed1b9adf782c00286abf741423

                      SHA256

                      648e5599503bcf309da2ea31f1ca80511d2fbb2284bf9becc4e5b61aa71ebc3e

                      SHA512

                      cec938d6b23ec197d46abac2961d392875c26fb9a6c1420f60934dd0c23a10eeca6466f5adc74077b6570cfbb2212b63125acdafa9c9896f4e1fde4effd75ba7

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zsiigt9.default-release\datareporting\glean\pending_pings\4f27a097-afc3-4576-bcd7-d3b8ed3ca6a6
                      Filesize

                      746B

                      MD5

                      b16630f5bb5a5e69fb2aa0dbed97999a

                      SHA1

                      5d3be5a517fb92a06d2cb85897d8c7c3741f2798

                      SHA256

                      63b570b5bddf70bcef07aa86c2420fa8a44651fd974b2de8e3c1fc54818422d6

                      SHA512

                      4d3ff1fbe7f3d370f6f78e21475d811dedea7d95fca0fd70b04f299f4925d4c031c8e4082ffd738fa110c207da4f3dfd5cc5ce80c9dfa37f8530074dffcadfa8

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zsiigt9.default-release\datareporting\glean\pending_pings\55aa2eef-6bf0-4c1b-a167-5daef32d8b77
                      Filesize

                      10KB

                      MD5

                      46c8458e636026488a3ce2c934e7d273

                      SHA1

                      fb67c3393807222bf01d55143d7dc9ef856b289f

                      SHA256

                      b6853d81d3353b18481c1c4a888a9bc432afebb9f558eac015de3c054be8348b

                      SHA512

                      446e1cc4705c19ed5ea0c500b19bbfa01226a62e53cf62e6061791024e4c1754837e61416160929dc3369420bffdc55e29e34b8215b319a049eace3fd7c01518

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zsiigt9.default-release\prefs-1.js
                      Filesize

                      6KB

                      MD5

                      02fc38ea9f0024a5a4f22741150e3f0b

                      SHA1

                      cbd8acdf6fb75c6e233760126a13ea8ee27b74f1

                      SHA256

                      b31f2dbb9cfd0f5870a77a8de242b333146252ed065e473b721e86b423b9e9f9

                      SHA512

                      47f99bd42ec83f04fb593124cef35e3e21362507b91a98048fa2c59c9652ebd88ba2ed618aba5c71c807945bcf42319c8c03a96b7dd6b5198a2af85c8ea52f39

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zsiigt9.default-release\prefs.js
                      Filesize

                      6KB

                      MD5

                      440372774455065297481e71abfd1158

                      SHA1

                      5e2be75229f3018823d441c2547defccf513aadf

                      SHA256

                      1784215da7530119660918280840ff31ada701d25338ac5172423edf27534b51

                      SHA512

                      254abd02aa894194aaec8e39ca5ff77f225e1fcf015999f105885be6ee0bfb46f5b772ba2225b6c5444978314dbe75506545d73398d0b4cfc94bf4f12ee78489

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zsiigt9.default-release\sessionstore-backups\recovery.jsonlz4
                      Filesize

                      3KB

                      MD5

                      bc713f56b569b59840698fa21d3e9d1f

                      SHA1

                      b07e1364293698957f23990f1d52ea57f4b25a3c

                      SHA256

                      035e90ff056165b527a15f8ff18695c00e47b6573c038ed7cc853ffa9c2a1d62

                      SHA512

                      6885b65097f59b180898f2e6a4f50d43806d0c4f1e3bb10cfe3c249a58adfd9c5b1f43787b1a0355f172e81d36c7aa785e8f6cdfd5745e44fd2bac907380390a

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zsiigt9.default-release\sessionstore-backups\recovery.jsonlz4
                      Filesize

                      4KB

                      MD5

                      23f1f78ae1f3d059443e9d38329125de

                      SHA1

                      54cef3beab0fb497c0637d930ca937bf9670b84e

                      SHA256

                      6e45d60d033ccc81d93902439cf897cfab7d68140bec5cad5eea3a3312c3f9f9

                      SHA512

                      c052c443bcf9cacf0844d7628400d30cc3b637dfc3762a73906159a11b98f7a9a4711127286792c45d4eee27465a2a50b4b354858ba1d7239cce4468f9ec733e

                      Download Submit

                    • C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\1zsiigt9.default-release\sessionstore.jsonlz4
                      Filesize

                      4KB

                      MD5

                      5bcd5760c00ed25adbe8932476312277

                      SHA1

                      c8a694b780ac4cd1807c547488507e411a7d10fa

                      SHA256

                      5473e11cf4bcc2532a67e3e87409fc1e0c2f5a2eedbe65f9897427acac23cb4d

                      SHA512

                      2aa42744ce86dbee40d0835bf75c3e312421a0f6f2f02d793ef06ba8378683a73eb765208218c197f58ed7dbfc350c95c20f47d1f6555def2fef73e9b5e54554

                      Download Submit

                    • memory/2476-177-0x000002A1F33E0000-0x000002A1F3400000-memory.dmp

                      Filesize

                      128KB

                      Download

                    • memory/3356-73-0x000002BCF9F60000-0x000002BCF9F62000-memory.dmp

                      Filesize

                      8KB

                      Download

                    • memory/3356-66-0x000002BCF9980000-0x000002BCF9982000-memory.dmp

                      Filesize

                      8KB

                      Download

                    • memory/3356-71-0x000002BCF9EA0000-0x000002BCF9EA2000-memory.dmp

                      Filesize

                      8KB

                      Download

                    • memory/3356-83-0x000002BCFA400000-0x000002BCFA420000-memory.dmp

                      Filesize

                      128KB

                      Download

                    • memory/4724-199-0x0000021101E00000-0x0000021101E01000-memory.dmp

                      Filesize

                      4KB

                      Download

                    • memory/4724-195-0x0000021101F40000-0x0000021101F41000-memory.dmp

                      Filesize

                      4KB

                      Download

                    • memory/4724-192-0x0000021101F80000-0x0000021101F82000-memory.dmp

                      Filesize

                      8KB

                      Download

                    • memory/4724-16-0x0000021101D00000-0x0000021101D10000-memory.dmp

                      Filesize

                      64KB

                      Download

                    • memory/4724-35-0x0000021101F10000-0x0000021101F12000-memory.dmp

                      Filesize

                      8KB

                      Download

                    • memory/4724-0-0x0000021101820000-0x0000021101830000-memory.dmp

                      Filesize

                      64KB

                      Download