Overview

overview

10

Static

static

1

code.vbs

windows7-x64

1

code.vbs

windows10-2004-x64

10

Resubmissions

21-02-2024 13:43

240221-q1lzrsgb5v 4

21-02-2024 13:07

240221-qc3ydaff7s 10

Analysis

  • max time kernel
    411s
  • max time network
    395s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    21-02-2024 13:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    code.vbs

  • Size

    5B

  • MD5

    48eda5955b82fbed788fc08137405c47

  • SHA1

    acda1e84d1afc706f272fcc7e1ffd918f485effc

  • SHA256

    e477d3121a6ded4b09402445a8473f79e34ae2ffcd394c581f376849c01be27b

  • SHA512

    88131ef8da6fa5ccb29592454af0d5b211a6ae6370f3e9bfdaefa26a0bb4e37e13a6924f36ced4a33c469ee550a621af23d028e3711692c02644e6313e465f93

Score
10/10
cerberdiscoveryevasionransomware

Malware Config

Extracted

Path

C:\Users\Admin\AppData\Roaming\Microsoft\OneNote\16.0\_R_E_A_D___T_H_I_S___1H97ZQ_.txt

Family

cerber

Ransom Note
Hi, I'am CRBR ENCRYPTOR ;) ----- ALL YOUR DOCUMENTS, PH0T0S, DATABASES AND OTHER IMPORTANT FILES HAVE BEEN ENCRYPTED! ----- The only one way to decrypt your files is to receive the private key and decryption program. To receive the private key and decryption program go to any decrypted folder, inside there is the special file (*_R_E_A_D___T_H_I_S_*) with complete instructions how to decrypt your files. If you cannot find any (*_R_E_A_D___T_H_I_S_*) file at your PC, follow the instructions below: ----- 1. Download "Tor Browser" from https://www.torproject.org/ and install it. 2. In the "Tor Browser" open your personal page here: http://xpcx6erilkjced3j.onion/8C06-EFCF-EEE2-0098-B858 Note! This page is available via "Tor Browser" only. ----- Also you can use temporary addresses on your personal page without using "Tor Browser". ----- 1. http://xpcx6erilkjced3j.1n5mod.top/8C06-EFCF-EEE2-0098-B858 2. http://xpcx6erilkjced3j.19kdeh.top/8C06-EFCF-EEE2-0098-B858 3. http://xpcx6erilkjced3j.1mpsnr.top/8C06-EFCF-EEE2-0098-B858 4. http://xpcx6erilkjced3j.18ey8e.top/8C06-EFCF-EEE2-0098-B858 5. http://xpcx6erilkjced3j.17gcun.top/8C06-EFCF-EEE2-0098-B858 ----- Note! These are temporary addresses! They will be available for a limited amount of time! -----
URLs

http://xpcx6erilkjced3j.onion/8C06-EFCF-EEE2-0098-B858

http://xpcx6erilkjced3j.1n5mod.top/8C06-EFCF-EEE2-0098-B858

http://xpcx6erilkjced3j.19kdeh.top/8C06-EFCF-EEE2-0098-B858

http://xpcx6erilkjced3j.1mpsnr.top/8C06-EFCF-EEE2-0098-B858

http://xpcx6erilkjced3j.18ey8e.top/8C06-EFCF-EEE2-0098-B858

http://xpcx6erilkjced3j.17gcun.top/8C06-EFCF-EEE2-0098-B858

Signatures

  • Cerber

    Cerber is a widely used ransomware-as-a-service (RaaS), first seen in 2017.

    ransomwarecerber
  • Contacts a large (1275) amount of remote hosts 1 TTPs

    This may indicate a network scan to discover remotely running services.

    discovery
  • Downloads MZ/PE file
  • Modifies Windows Firewall 2 TTPs 2 IoCs
    evasion
  • Checks computer location settings 2 TTPs 5 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Drops startup file 1 IoCs
  • Executes dropped EXE 11 IoCs
  • Loads dropped DLL 10 IoCs
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Enumerates connected drives 3 TTPs 23 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs
  • Drops file in System32 directory 39 IoCs
  • Sets desktop wallpaper using registry 2 TTPs 1 IoCs
    ransomware
  • Drops file in Program Files directory 64 IoCs
  • Drops file in Windows directory 64 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Checks SCSI registry key(s) 3 TTPs 64 IoCs

    SCSI information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 14 IoCs
  • Kills process with taskkill 1 IoCs
    evasion
  • Modifies registry class 30 IoCs
  • NTFS ADS 3 IoCs
  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware
  • Runs ping.exe 1 TTPs 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 45 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 64 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Windows\System32\WScript.exe
    "C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\code.vbs"
    1⤵
      PID:2248
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
      1⤵
      • Enumerates system info in registry
      • Modifies registry class
      • NTFS ADS
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of WriteProcessMemory
      PID:3960
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa320746f8,0x7ffa32074708,0x7ffa32074718
        2⤵
          PID:4880
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2028,10567325425043837567,2686581680322502923,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:3088
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2028,10567325425043837567,2686581680322502923,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2040 /prefetch:2
          2⤵
            PID:3012
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2028,10567325425043837567,2686581680322502923,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2888 /prefetch:8
            2⤵
              PID:3892
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,10567325425043837567,2686581680322502923,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:1
              2⤵
                PID:1416
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,10567325425043837567,2686581680322502923,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
                2⤵
                  PID:4224
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,10567325425043837567,2686581680322502923,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4204 /prefetch:1
                  2⤵
                    PID:4704
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,10567325425043837567,2686581680322502923,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5024 /prefetch:1
                    2⤵
                      PID:2808
                    • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2028,10567325425043837567,2686581680322502923,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3476 /prefetch:8
                      2⤵
                        PID:4396
                      • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2028,10567325425043837567,2686581680322502923,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3476 /prefetch:8
                        2⤵
                        • Suspicious behavior: EnumeratesProcesses
                        PID:3876
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,10567325425043837567,2686581680322502923,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2884 /prefetch:1
                        2⤵
                          PID:2928
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,10567325425043837567,2686581680322502923,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4952 /prefetch:1
                          2⤵
                            PID:3948
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,10567325425043837567,2686581680322502923,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3424 /prefetch:1
                            2⤵
                              PID:3240
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,10567325425043837567,2686581680322502923,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5388 /prefetch:1
                              2⤵
                                PID:3832
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,10567325425043837567,2686581680322502923,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4952 /prefetch:1
                                2⤵
                                  PID:3920
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,10567325425043837567,2686581680322502923,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5772 /prefetch:1
                                  2⤵
                                    PID:4336
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,10567325425043837567,2686581680322502923,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4264 /prefetch:1
                                    2⤵
                                      PID:4660
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2028,10567325425043837567,2686581680322502923,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5436 /prefetch:8
                                      2⤵
                                        PID:2708
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2028,10567325425043837567,2686581680322502923,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5372 /prefetch:8
                                        2⤵
                                        • Modifies registry class
                                        • Suspicious behavior: EnumeratesProcesses
                                        PID:2380
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,10567325425043837567,2686581680322502923,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5508 /prefetch:1
                                        2⤵
                                          PID:2440
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2028,10567325425043837567,2686581680322502923,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6028 /prefetch:1
                                          2⤵
                                            PID:2484
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2028,10567325425043837567,2686581680322502923,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=2240 /prefetch:8
                                            2⤵
                                              PID:456
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2028,10567325425043837567,2686581680322502923,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6476 /prefetch:8
                                              2⤵
                                                PID:2452
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2028,10567325425043837567,2686581680322502923,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6564 /prefetch:8
                                                2⤵
                                                • Suspicious behavior: EnumeratesProcesses
                                                PID:4404
                                            • C:\Windows\System32\CompPkgSrv.exe
                                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                                              1⤵
                                                PID:4856
                                              • C:\Windows\System32\CompPkgSrv.exe
                                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                1⤵
                                                  PID:4972
                                                • C:\Windows\System32\rundll32.exe
                                                  C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                                  1⤵
                                                    PID:5088
                                                  • C:\Users\Admin\Downloads\Cerber5.exe
                                                    "C:\Users\Admin\Downloads\Cerber5.exe"
                                                    1⤵
                                                    • Checks computer location settings
                                                    • Drops startup file
                                                    • Executes dropped EXE
                                                    • Enumerates connected drives
                                                    • Drops file in System32 directory
                                                    • Sets desktop wallpaper using registry
                                                    • Drops file in Program Files directory
                                                    • Drops file in Windows directory
                                                    • Modifies registry class
                                                    • Suspicious use of AdjustPrivilegeToken
                                                    PID:2684
                                                    • C:\Windows\SysWOW64\netsh.exe
                                                      C:\Windows\system32\netsh.exe advfirewall set allprofiles state on
                                                      2⤵
                                                      • Modifies Windows Firewall
                                                      PID:3180
                                                    • C:\Windows\SysWOW64\netsh.exe
                                                      C:\Windows\system32\netsh.exe advfirewall reset
                                                      2⤵
                                                      • Modifies Windows Firewall
                                                      PID:2492
                                                    • C:\Windows\SysWOW64\mshta.exe
                                                      "C:\Windows\SysWOW64\mshta.exe" "C:\Users\Admin\Desktop\_R_E_A_D___T_H_I_S___VOGYZU91_.hta" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}
                                                      2⤵
                                                        PID:2016
                                                      • C:\Windows\SysWOW64\NOTEPAD.EXE
                                                        "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\_R_E_A_D___T_H_I_S___YYIKJ9P_.txt
                                                        2⤵
                                                        • Opens file in notepad (likely ransom note)
                                                        PID:2644
                                                      • C:\Windows\SysWOW64\cmd.exe
                                                        "C:\Windows\system32\cmd.exe" /d /c taskkill /f /im "C" > NUL & ping -n 1 127.0.0.1 > NUL & del "C" > NUL && exit
                                                        2⤵
                                                          PID:4824
                                                          • C:\Windows\SysWOW64\taskkill.exe
                                                            taskkill /f /im "C"
                                                            3⤵
                                                            • Kills process with taskkill
                                                            • Suspicious use of AdjustPrivilegeToken
                                                            PID:452
                                                          • C:\Windows\SysWOW64\PING.EXE
                                                            ping -n 1 127.0.0.1
                                                            3⤵
                                                            • Runs ping.exe
                                                            PID:848
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefault3a15eef5h9a2bh4c00hae57h948a3b96595e
                                                        1⤵
                                                          PID:3972
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffa320746f8,0x7ffa32074708,0x7ffa32074718
                                                            2⤵
                                                              PID:3292
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2104,12227240468417859457,9847047602050156388,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 /prefetch:3
                                                              2⤵
                                                              • Suspicious behavior: EnumeratesProcesses
                                                              PID:452
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,12227240468417859457,9847047602050156388,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2116 /prefetch:2
                                                              2⤵
                                                                PID:1384
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2104,12227240468417859457,9847047602050156388,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2912 /prefetch:8
                                                                2⤵
                                                                  PID:4824
                                                              • C:\Windows\System32\CompPkgSrv.exe
                                                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                1⤵
                                                                  PID:4836
                                                                • C:\Windows\system32\svchost.exe
                                                                  C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
                                                                  1⤵
                                                                    PID:3452
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
                                                                    1⤵
                                                                    • Enumerates system info in registry
                                                                    • NTFS ADS
                                                                    • Suspicious behavior: EnumeratesProcesses
                                                                    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                                    • Suspicious use of FindShellTrayWindow
                                                                    • Suspicious use of SendNotifyMessage
                                                                    PID:2240
                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa320746f8,0x7ffa32074708,0x7ffa32074718
                                                                      2⤵
                                                                        PID:4276
                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2124 /prefetch:2
                                                                        2⤵
                                                                          PID:5100
                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 /prefetch:3
                                                                          2⤵
                                                                          • Suspicious behavior: EnumeratesProcesses
                                                                          PID:2684
                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2684 /prefetch:8
                                                                          2⤵
                                                                            PID:4568
                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3472 /prefetch:1
                                                                            2⤵
                                                                              PID:3304
                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3488 /prefetch:1
                                                                              2⤵
                                                                                PID:2324
                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5040 /prefetch:1
                                                                                2⤵
                                                                                  PID:2568
                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5160 /prefetch:1
                                                                                  2⤵
                                                                                    PID:5012
                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4184 /prefetch:8
                                                                                    2⤵
                                                                                      PID:3252
                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4184 /prefetch:8
                                                                                      2⤵
                                                                                      • Suspicious behavior: EnumeratesProcesses
                                                                                      PID:2420
                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5576 /prefetch:1
                                                                                      2⤵
                                                                                        PID:3132
                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5252 /prefetch:8
                                                                                        2⤵
                                                                                        • Modifies registry class
                                                                                        • Suspicious behavior: EnumeratesProcesses
                                                                                        PID:2900
                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5060 /prefetch:8
                                                                                        2⤵
                                                                                          PID:2000
                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3520 /prefetch:1
                                                                                          2⤵
                                                                                            PID:3620
                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3508 /prefetch:1
                                                                                            2⤵
                                                                                              PID:4452
                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6048 /prefetch:1
                                                                                              2⤵
                                                                                                PID:5272
                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3524 /prefetch:1
                                                                                                2⤵
                                                                                                  PID:5480
                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5340 /prefetch:1
                                                                                                  2⤵
                                                                                                    PID:5776
                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5956 /prefetch:1
                                                                                                    2⤵
                                                                                                      PID:5828
                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3960 /prefetch:1
                                                                                                      2⤵
                                                                                                        PID:6060
                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3536 /prefetch:1
                                                                                                        2⤵
                                                                                                          PID:6052
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5612 /prefetch:1
                                                                                                          2⤵
                                                                                                            PID:3028
                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5780 /prefetch:1
                                                                                                            2⤵
                                                                                                              PID:4768
                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1796 /prefetch:1
                                                                                                              2⤵
                                                                                                                PID:5500
                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5252 /prefetch:1
                                                                                                                2⤵
                                                                                                                  PID:816
                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5340 /prefetch:1
                                                                                                                  2⤵
                                                                                                                    PID:5364
                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3468 /prefetch:1
                                                                                                                    2⤵
                                                                                                                      PID:3812
                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4148 /prefetch:1
                                                                                                                      2⤵
                                                                                                                        PID:5660
                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3760 /prefetch:1
                                                                                                                        2⤵
                                                                                                                          PID:1996
                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6180 /prefetch:1
                                                                                                                          2⤵
                                                                                                                            PID:5804
                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6768 /prefetch:1
                                                                                                                            2⤵
                                                                                                                              PID:2904
                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6412 /prefetch:1
                                                                                                                              2⤵
                                                                                                                                PID:5256
                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6920 /prefetch:1
                                                                                                                                2⤵
                                                                                                                                  PID:2484
                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7996 /prefetch:1
                                                                                                                                  2⤵
                                                                                                                                    PID:5868
                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7216 /prefetch:1
                                                                                                                                    2⤵
                                                                                                                                      PID:5872
                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7712 /prefetch:1
                                                                                                                                      2⤵
                                                                                                                                        PID:6000
                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7576 /prefetch:1
                                                                                                                                        2⤵
                                                                                                                                          PID:5272
                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7440 /prefetch:1
                                                                                                                                          2⤵
                                                                                                                                            PID:3620
                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9044 /prefetch:1
                                                                                                                                            2⤵
                                                                                                                                              PID:5264
                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7976 /prefetch:1
                                                                                                                                              2⤵
                                                                                                                                                PID:6100
                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8376 /prefetch:1
                                                                                                                                                2⤵
                                                                                                                                                  PID:4664
                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6804 /prefetch:1
                                                                                                                                                  2⤵
                                                                                                                                                    PID:3648
                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7308 /prefetch:1
                                                                                                                                                    2⤵
                                                                                                                                                      PID:2884
                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8224 /prefetch:1
                                                                                                                                                      2⤵
                                                                                                                                                        PID:6180
                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6948 /prefetch:1
                                                                                                                                                        2⤵
                                                                                                                                                          PID:5840
                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6944 /prefetch:1
                                                                                                                                                          2⤵
                                                                                                                                                            PID:5836
                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7064 /prefetch:1
                                                                                                                                                            2⤵
                                                                                                                                                              PID:4744
                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8668 /prefetch:1
                                                                                                                                                              2⤵
                                                                                                                                                                PID:6412
                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8508 /prefetch:1
                                                                                                                                                                2⤵
                                                                                                                                                                  PID:6952
                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9408 /prefetch:1
                                                                                                                                                                  2⤵
                                                                                                                                                                    PID:6516
                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8088 /prefetch:1
                                                                                                                                                                    2⤵
                                                                                                                                                                      PID:6504
                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8544 /prefetch:1
                                                                                                                                                                      2⤵
                                                                                                                                                                        PID:6800
                                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9208 /prefetch:1
                                                                                                                                                                        2⤵
                                                                                                                                                                          PID:6032
                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7796 /prefetch:1
                                                                                                                                                                          2⤵
                                                                                                                                                                            PID:6112
                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8200 /prefetch:1
                                                                                                                                                                            2⤵
                                                                                                                                                                              PID:6256
                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8116 /prefetch:1
                                                                                                                                                                              2⤵
                                                                                                                                                                                PID:5908
                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7212 /prefetch:1
                                                                                                                                                                                2⤵
                                                                                                                                                                                  PID:5932
                                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7452 /prefetch:1
                                                                                                                                                                                  2⤵
                                                                                                                                                                                    PID:6128
                                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8020 /prefetch:1
                                                                                                                                                                                    2⤵
                                                                                                                                                                                      PID:4416
                                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6752 /prefetch:1
                                                                                                                                                                                      2⤵
                                                                                                                                                                                        PID:5044
                                                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6628 /prefetch:1
                                                                                                                                                                                        2⤵
                                                                                                                                                                                          PID:6088
                                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6724 /prefetch:1
                                                                                                                                                                                          2⤵
                                                                                                                                                                                            PID:4068
                                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=8712 /prefetch:8
                                                                                                                                                                                            2⤵
                                                                                                                                                                                              PID:6420
                                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7156 /prefetch:1
                                                                                                                                                                                              2⤵
                                                                                                                                                                                                PID:6596
                                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=9864 /prefetch:8
                                                                                                                                                                                                2⤵
                                                                                                                                                                                                  PID:6716
                                                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8388 /prefetch:8
                                                                                                                                                                                                  2⤵
                                                                                                                                                                                                    PID:6540
                                                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9576 /prefetch:8
                                                                                                                                                                                                    2⤵
                                                                                                                                                                                                    • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                                                                    PID:6196
                                                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2116,11091803528878658388,2695831609168969293,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6796 /prefetch:8
                                                                                                                                                                                                    2⤵
                                                                                                                                                                                                    • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                                                                    PID:2928
                                                                                                                                                                                                • C:\Windows\system32\AUDIODG.EXE
                                                                                                                                                                                                  C:\Windows\system32\AUDIODG.EXE 0x4ec 0x4c0
                                                                                                                                                                                                  1⤵
                                                                                                                                                                                                  • Suspicious use of AdjustPrivilegeToken
                                                                                                                                                                                                  PID:5124
                                                                                                                                                                                                • C:\Windows\SysWOW64\werfault.exe
                                                                                                                                                                                                  werfault.exe /h /shared Global\5d2551ea6a9a4e2383c10f31201cf641 /t 1924 /p 2016
                                                                                                                                                                                                  1⤵
                                                                                                                                                                                                    PID:4940
                                                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
                                                                                                                                                                                                    1⤵
                                                                                                                                                                                                    • Enumerates system info in registry
                                                                                                                                                                                                    • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                                                                    • Suspicious use of SendNotifyMessage
                                                                                                                                                                                                    PID:4148
                                                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa320746f8,0x7ffa32074708,0x7ffa32074718
                                                                                                                                                                                                      2⤵
                                                                                                                                                                                                        PID:3260
                                                                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2188,9591572985878691773,9844256798427099767,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2320 /prefetch:3
                                                                                                                                                                                                        2⤵
                                                                                                                                                                                                        • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                                                                        PID:5552
                                                                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2188,9591572985878691773,9844256798427099767,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2264 /prefetch:2
                                                                                                                                                                                                        2⤵
                                                                                                                                                                                                          PID:4152
                                                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2188,9591572985878691773,9844256798427099767,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2932 /prefetch:8
                                                                                                                                                                                                          2⤵
                                                                                                                                                                                                            PID:6276
                                                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,9591572985878691773,9844256798427099767,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3388 /prefetch:1
                                                                                                                                                                                                            2⤵
                                                                                                                                                                                                              PID:5592
                                                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,9591572985878691773,9844256798427099767,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3400 /prefetch:1
                                                                                                                                                                                                              2⤵
                                                                                                                                                                                                                PID:4356
                                                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,9591572985878691773,9844256798427099767,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4448 /prefetch:1
                                                                                                                                                                                                                2⤵
                                                                                                                                                                                                                  PID:1496
                                                                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,9591572985878691773,9844256798427099767,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4564 /prefetch:1
                                                                                                                                                                                                                  2⤵
                                                                                                                                                                                                                    PID:4768
                                                                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,9591572985878691773,9844256798427099767,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4028 /prefetch:1
                                                                                                                                                                                                                    2⤵
                                                                                                                                                                                                                      PID:2252
                                                                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2188,9591572985878691773,9844256798427099767,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=2904 /prefetch:8
                                                                                                                                                                                                                      2⤵
                                                                                                                                                                                                                        PID:4728
                                                                                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2188,9591572985878691773,9844256798427099767,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5536 /prefetch:8
                                                                                                                                                                                                                        2⤵
                                                                                                                                                                                                                          PID:5772
                                                                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2188,9591572985878691773,9844256798427099767,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5496 /prefetch:8
                                                                                                                                                                                                                          2⤵
                                                                                                                                                                                                                            PID:6200
                                                                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2188,9591572985878691773,9844256798427099767,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5204 /prefetch:8
                                                                                                                                                                                                                            2⤵
                                                                                                                                                                                                                              PID:4544
                                                                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2188,9591572985878691773,9844256798427099767,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5640 /prefetch:8
                                                                                                                                                                                                                              2⤵
                                                                                                                                                                                                                                PID:452
                                                                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2188,9591572985878691773,9844256798427099767,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5640 /prefetch:8
                                                                                                                                                                                                                                2⤵
                                                                                                                                                                                                                                • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                                                                                                PID:4216
                                                                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,9591572985878691773,9844256798427099767,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5672 /prefetch:1
                                                                                                                                                                                                                                2⤵
                                                                                                                                                                                                                                  PID:972
                                                                                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,9591572985878691773,9844256798427099767,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5888 /prefetch:1
                                                                                                                                                                                                                                  2⤵
                                                                                                                                                                                                                                    PID:2196
                                                                                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,9591572985878691773,9844256798427099767,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5608 /prefetch:1
                                                                                                                                                                                                                                    2⤵
                                                                                                                                                                                                                                      PID:5480
                                                                                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2188,9591572985878691773,9844256798427099767,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.25 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3768 /prefetch:1
                                                                                                                                                                                                                                      2⤵
                                                                                                                                                                                                                                        PID:6264
                                                                                                                                                                                                                                    • C:\Users\Admin\Downloads\ramexpert_lite.exe
                                                                                                                                                                                                                                      "C:\Users\Admin\Downloads\ramexpert_lite.exe"
                                                                                                                                                                                                                                      1⤵
                                                                                                                                                                                                                                      • Executes dropped EXE
                                                                                                                                                                                                                                      PID:2580
                                                                                                                                                                                                                                      • C:\Users\Admin\AppData\Local\Temp\is-9RTGS.tmp\ramexpert_lite.tmp
                                                                                                                                                                                                                                        "C:\Users\Admin\AppData\Local\Temp\is-9RTGS.tmp\ramexpert_lite.tmp" /SL5="$E037A,3032595,886272,C:\Users\Admin\Downloads\ramexpert_lite.exe"
                                                                                                                                                                                                                                        2⤵
                                                                                                                                                                                                                                        • Checks computer location settings
                                                                                                                                                                                                                                        • Executes dropped EXE
                                                                                                                                                                                                                                        • Drops file in Program Files directory
                                                                                                                                                                                                                                        • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                                                                                                        PID:3844
                                                                                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.kcsoftwares.com/?page=postinstall&sw=RAMExpert
                                                                                                                                                                                                                                          3⤵
                                                                                                                                                                                                                                            PID:4452
                                                                                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffa320746f8,0x7ffa32074708,0x7ffa32074718
                                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                                PID:6764
                                                                                                                                                                                                                                            • C:\Program Files (x86)\KC Softwares\RAMExpert\RAMExpert.exe
                                                                                                                                                                                                                                              "C:\Program Files (x86)\KC Softwares\RAMExpert\RAMExpert.exe"
                                                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                                                              • Executes dropped EXE
                                                                                                                                                                                                                                              • Loads dropped DLL
                                                                                                                                                                                                                                              PID:6420
                                                                                                                                                                                                                                        • C:\Users\Admin\Downloads\Driver_Updater_setup.exe
                                                                                                                                                                                                                                          "C:\Users\Admin\Downloads\Driver_Updater_setup.exe"
                                                                                                                                                                                                                                          1⤵
                                                                                                                                                                                                                                          • Executes dropped EXE
                                                                                                                                                                                                                                          PID:6568
                                                                                                                                                                                                                                          • C:\Users\Admin\AppData\Local\Temp\is-STMHI.tmp\Driver_Updater_setup.tmp
                                                                                                                                                                                                                                            "C:\Users\Admin\AppData\Local\Temp\is-STMHI.tmp\Driver_Updater_setup.tmp" /SL5="$402A0,5837648,810496,C:\Users\Admin\Downloads\Driver_Updater_setup.exe"
                                                                                                                                                                                                                                            2⤵
                                                                                                                                                                                                                                            • Executes dropped EXE
                                                                                                                                                                                                                                            • Drops file in Program Files directory
                                                                                                                                                                                                                                            • Modifies registry class
                                                                                                                                                                                                                                            • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                                                                                                            PID:6516
                                                                                                                                                                                                                                            • C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe
                                                                                                                                                                                                                                              "C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe" /INSTALL
                                                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                                                              • Checks computer location settings
                                                                                                                                                                                                                                              • Executes dropped EXE
                                                                                                                                                                                                                                              • Loads dropped DLL
                                                                                                                                                                                                                                              • Modifies registry class
                                                                                                                                                                                                                                              • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                                                                                                              • Suspicious use of AdjustPrivilegeToken
                                                                                                                                                                                                                                              PID:2436
                                                                                                                                                                                                                                              • C:\Windows\SysWOW64\schtasks.exe
                                                                                                                                                                                                                                                "C:\Windows\System32\schtasks.exe" /Delete /TN "PC HelpSoft Driver Updater Schedule" /F
                                                                                                                                                                                                                                                4⤵
                                                                                                                                                                                                                                                  PID:520
                                                                                                                                                                                                                                                • C:\Windows\SysWOW64\schtasks.exe
                                                                                                                                                                                                                                                  "C:\Windows\System32\schtasks.exe" /Delete /TN "PC HelpSoft Driver Updater Monitoring" /F
                                                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                                                    PID:1164
                                                                                                                                                                                                                                                • C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe
                                                                                                                                                                                                                                                  "C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe" /START /INSTALLED
                                                                                                                                                                                                                                                  3⤵
                                                                                                                                                                                                                                                  • Checks computer location settings
                                                                                                                                                                                                                                                  • Executes dropped EXE
                                                                                                                                                                                                                                                  • Loads dropped DLL
                                                                                                                                                                                                                                                  • Drops file in System32 directory
                                                                                                                                                                                                                                                  • Drops file in Windows directory
                                                                                                                                                                                                                                                  • Checks SCSI registry key(s)
                                                                                                                                                                                                                                                  • Enumerates system info in registry
                                                                                                                                                                                                                                                  • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                                                                                                                  • Suspicious behavior: GetForegroundWindowSpam
                                                                                                                                                                                                                                                  • Suspicious use of AdjustPrivilegeToken
                                                                                                                                                                                                                                                  PID:3152
                                                                                                                                                                                                                                                  • C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe
                                                                                                                                                                                                                                                    "C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe" /TRAY
                                                                                                                                                                                                                                                    4⤵
                                                                                                                                                                                                                                                    • Checks computer location settings
                                                                                                                                                                                                                                                    • Executes dropped EXE
                                                                                                                                                                                                                                                    • Loads dropped DLL
                                                                                                                                                                                                                                                    • Suspicious use of AdjustPrivilegeToken
                                                                                                                                                                                                                                                    PID:6100
                                                                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\tmp2945.tmp_collect\PCHelpSoftDriverUpdater.exe
                                                                                                                                                                                                                                                    "C:\Users\Admin\AppData\Local\Temp\tmp2945.tmp_collect\PCHelpSoftDriverUpdater.exe" /COLLECT
                                                                                                                                                                                                                                                    4⤵
                                                                                                                                                                                                                                                    • Executes dropped EXE
                                                                                                                                                                                                                                                    • Loads dropped DLL
                                                                                                                                                                                                                                                    • Suspicious use of AdjustPrivilegeToken
                                                                                                                                                                                                                                                    PID:5380
                                                                                                                                                                                                                                                • C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\DriverPro.exe
                                                                                                                                                                                                                                                  "C:\Program Files (x86)\PC HelpSoft Driver Updater\Extra\DriverPro.exe"
                                                                                                                                                                                                                                                  3⤵
                                                                                                                                                                                                                                                  • Executes dropped EXE
                                                                                                                                                                                                                                                  • Loads dropped DLL
                                                                                                                                                                                                                                                  • Drops file in Program Files directory
                                                                                                                                                                                                                                                  • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                                                                                                                  PID:5636

                                                                                                                                                                                                                                            Network

                                                                                                                                                                                                                                            MITRE ATT&CK Enterprise v15

                                                                                                                                                                                                                                            Replay Monitor

                                                                                                                                                                                                                                            Loading Replay Monitor...

                                                                                                                                                                                                                                            Downloads

                                                                                                                                                                                                                                            • C:\Program Files (x86)\KC Softwares\RAMExpert\RAMExpert.exe
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              1.6MB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              8d714515862e267b9c39896e03aaaca4

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              f771a34bcc4061adc82c1151e65e0f20d2c87d14

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              db6c6aa4ace6a2cb863d104426158c56cfee0a68667f8274871bfc60d5f01904

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              f81720f102ec43f238585ac6fbd0231fc722b82b6068fcde3feb1bd9f36d7ac84985500e22470591a95914365be591d54d98cc7e95f8c0760711cd73e6e1768a

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Program Files (x86)\KC Softwares\RAMExpert\unins000.exe
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              3.1MB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              fa2e39b1ab845e01201aba503bfed842

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              d6f73937239e3b7ebe48584a543e72912db6d5e2

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              384dd0ccc9d8abf3459275d0064cc1dbf2a24429f94ecf966611cb6c65674811

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              ab3db8cb7903038687bcbefdb8c55365d7c4dc72a5f2ad9ae1514944fbc8b6adc67267e6121b8d16cd6fac6a22d8c60829579897fd308f0274e95d560629769a

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Program Files (x86)\PC HelpSoft Driver Updater\PCHelpSoftDriverUpdater.exe
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              8.2MB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              bd374666922d72c4580a0462368ab5d7

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              b846e43c6f060a94afd245f56511f4d1f4335320

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              9dec8425a8a43e73a4d1ab347f92c86a38cc7e4faa6750cea2919854523264e4

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              e026084aaa8990b7e704f65e4097fa7a3c8b1cabaee3aa76eb84bded044e7bf31f732e27a696d0eb93343b19d8078a81c3b24b72b861d490cb17f245b1bef3f0

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Program Files (x86)\PC HelpSoft Driver Updater\sqlite3.dll
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              640KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              842e8edbfbeffb9ef234a2da6d5980fe

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              f76e944e5ac3c489d987a11a313b41dee3e813f3

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              ec30f1214fa645b8e436142acab6cc9a07f5c4e3414b5e539a832df9237a7bb3

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              1ca9449dffa72b274b842b3a1f2008d3f13c6f423e7ac466e2efb97fe2103e1aea052a5e8a9839083061154fb61ec870fbe8e35164b386a3aa0aaaf8064a0ed4

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Program Files (x86)\PC HelpSoft Driver Updater\unins000.exe
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              3.0MB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              4947f753eb5c3b1aa3ce496a9ab30130

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              20da210a244b611cc51f3167688b108fea890cc8

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              1cb7131714f41d651792f15b48a128840c959a5190d076a7fee5fe8b8efe232d

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              70407d838aadae2f1c5e9e10446787fed29b683a8374eedb834ee0b255524adf5d1cea6e641e859b14a5e4f8b3fec313f7f943522d144fa902eed6dd5efab4ad

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              152B

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              639fe1e284fa5ce5eac19de7ce6821fc

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              71351a9608987ef41f15bb913fbf33f058bef278

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              4f8f3b3cafb09485dc63efec62a8dd6c9c646c70d485e4ac7ca0e68becabdb06

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              8086995dcceaa502842144824707f353de76c223e6f282d283fb984974806b5505a6418db74ea4e36cf70be8ff47c6477525b3d15d858cd4cb079bb356a94bc0

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              152B

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              bd1298e3ecd61ac2625698ee3c40ca9e

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              8c6458c21491d21a7be61b8a8937649357fc2f54

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              4a6f2c7566fda4bec6a747180289b48bcf8d4ce3e0e771d404355fec230e1a24

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              e794a422ad026a4f3cc487df246e17b98738eee6d1df1e983d4eeefb2a02bddefecbb9c05d6286c886befd820fe88e6ec9b395ebf80dd68ed01725dd02dc90a0

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              152B

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              9ebd667e8db80b0ab07f02f3dc844252

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              461bade20eebf59e30e8c3620640d6df6db79249

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              d04531e41d70e7832898e797081335b3f0314b09141a01de921ff679dba41b0f

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              75f92d1f4ab942c3fdd3b70542956ea246f718aa8808a53f33d52278505f4f783e4c0458e5093ea4f459e72faea431f926373883eed2ec7da1109bd7efc6fb57

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              152B

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              3299364a681e415fca7e0b8281d7b15a

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              a20e0db1d411ee10b132c0c7ba58d3cf91e574b9

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              d401c778b7fa95492ae1bec3e819615fcc03eb3f8bc5e0ac93e517114ffe3c8f

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              9a3742b94ff7cc7b2be3bb97d52d712eda8fd3803b82749f73b6242dc0ce8cd2482ced218b7f78a3660142906b7d6e9e9bc6c5e62e8f87161678e2afe1b49271

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              152B

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              f621c7614503377ba83f2fcfca1c303b

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              c7ec737f8e0262052e038691e5b38db37bdfe56e

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              c2d2e04acc5e2cd129dd3211f73b498043051b74a2f661c1199224b37b681b26

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              203e5e582007efb7d11b0442e85d4e37a4cc1332bd6367cd74b0d4b9de0d0df85757bdc66474f62309bf530841ab7a5e4c0d43c95aa416b7175129e2e2b36c26

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              152B

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              d1ac0d961713a67aa1cd79500c3adad1

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              b4e549808639abcf79b3809ed1c9fc9e589a7844

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              55820418731ab601806c7aff1558e82f2e2e3b041f32b656590b51094f18af1c

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              6e6a9539d19c3120726c7d68e4166639911aabbf6abb838e085af7f95cfacc59704f377e25a05a67090a6b12289c385e73f3abc0fdbc993770aad67f97878748

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\8722ca91-0311-4929-af1a-2129e604b54a.tmp
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              1B

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              5058f1af8388633f609cadb75a75dc9d

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              3a52ce780950d4d969792a2559cd519d7ee8c727

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002e
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              47KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              709f7544bd3e74c424113e6853948595

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              a8c1d9e6c8493091727f0e303e45ab92b773343a

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              0f2a35c8b824d54b483d0b2ea10964bb7af8eb6b1c86d40efbac4c55e1123a2f

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              c2ed4cbb5e48d04eeb63c94d7d88acec5af101c2da003a34379023d8454d810ae357d0b4265da7027af38889fe307ca597f815111295ed62520f39aabeb2020a

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              7KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              3358949805fcbedb8395e52c09a56020

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              e0988641f0898db46988852e0fc624bd2e73d8f1

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              6f4c2c66f5524f0b8d0c2763b2270646c37d5b7c166a35bf1b8e9980b9d42181

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              f1b192671a8a266f5d2f5a97c0e7393d17262054ac5b377ce0fcf9fef83806222e2291ff78003b89aeb592626aa4d2d4f111b111268475c259700cf3b69950be

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              3KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              1340d851a4358b99ea34d1518e3a159b

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              4d0e785b153dabb7c349de2f94a56a43edc41119

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              a92b9c4079ab490e91265cfc376a6fc5f67f8703cce3938baa35367e17a5cdae

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              58124bf43bdbe30ed18ac83ff2f7ac07e4a8f28948bfcae2e7a25bb048507c5b830184048c9119afcbc39902845a987b87dcec9fb96f3063b3ba2a00afe0d0e7

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              4KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              ba6ddd8a4dfa2cc3996e200da0a63398

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              6db6fb23aa1c8eb67293927d03454f35abe27a58

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              39afcab0e6b254231d967806c9ecb72fe5dfb9cc939f4fd3ab5d99e9c9d34bcf

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              c6cd5a2ea049db3a27f78888189760e8293ff304466bb2d56ec1448838be84cc860748698ebff2a4b9986184c1f4ad237a2a8afb289fc63dbd7bd9b8f948501e

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              7KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              0c666e96f346e48c6f47230dc58bbf60

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              b1f3cccd8a0ab86275fe63090f13a8a995d6eb1a

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              3937adbde909306ce07497207af7aeb5d9db457b36550e61bb546a7b4da3b8d3

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              7b31eb949c61a2d5cd9e91fcab12c370ec9088bc16be2f311d17a46b55b5f86c5126e11bc2b4869c4ed00de2dedb2df7b5a862153ba19eb1ccb4ac8e6258844a

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              28KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              823a4b2d202afdfdd946351b971dcbb4

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              6ad09c8de83ee3a0698144e4d6297a61db137287

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              e843850d287e389e94579c86c9f2d7600223743a1fc275486a58c313e2449b40

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              cff5d3cad753705d1775e4a5bcdd2d972f04cf511f91268a70ec46f8b606798c5ea6eae5897c2a339150e3ea0b5f55ca965da947f963818f806795a273e3910e

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              264KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              143f0c03aec27b4834d4234d962c9cae

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              22e9fdff118e8a4bea417d669cb837bde5957cb3

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              90e007ced114125a239d4246a76db563ec477293850e5678d6dafed90e4fd5a2

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              d1a33412ee3ae96b775cc202c40b98b08adf7a11c04ebed7109701f194382b44615b2a93310a92310f8e6113d43320844ca343a299e4a66db561e2fcc6ae2283

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              124KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              b493cedc3ef44608944480a70f9ca3dc

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              96bf6c94c77cbf101a6ce11ce22d8ba7c0a92141

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              9a1437b510eda1a516965f3d3716894d8ed9f58dfdb72765df591cbc70ed1b9a

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              c9e30e37855bcff8dcd00ccb251c392b2d04010610b4baeb5ab98e10b68529d429c5fe36742d76ab2d1619f462739c0105ad9cb6db262a331675566262879e13

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              3KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              0b880b349a858bbc21c38dc61d37739a

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              66a4f8fc4666ac6a3dc3cf0b2ff75d9a3d7dd13d

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              f4eb6cb6f6972ace105387bdd4456c688f880ac2497866f064e478a2d40fee2d

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              769737f2a165e57b9c0c2b9da1a4ae6bdbaab7f87967e097ebc89b28459d185834b0279cd469231594d9c70a047b58ef4804f65e1150d4cc17b552998c404852

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              12KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              6e999d45461a89bc85fa09307b884f94

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              b9e85a7b9a6c05acb36771e7f810a0543189fbde

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              3bf8a85e4bee6124614606c68465b722d80cbec5a81021b1becd19854335186e

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              979b1ea96ced504315992b9b3ddfce9228c8249a670876de4720652d625fa354d5c610cd748b284696a720fbc127875356c4312bb8ef91c8e567d4b88b65887e

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              331B

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              de558a14faeea5b40695bf42cd4b0b8d

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              b24725eb0a93bdbad4b01dd1c59a86f8ec76973e

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              01294570c95bcd741842a2e425adf7aee728cfad809760fa5cb9597481aea4ba

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              ab4d0cf1c3ad6d2a39218a280df69ae680d4a9293453fea3036744ebd41db8a06b82b77a59f7c7e4987f67a4de64bf8dead543b3429115163605d76a58cdb5d8

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              334B

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              a7c90aca7cfbdf03981cc022e14e9757

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              8e23830a7e1a85afc0a4c12666fba172f66e35b9

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              a6b28df94e4c300b1460bce0fb81dc38b13f06cc53fc206671d4c638761a9360

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              4b3cfd1471f0426961fc14132133f3e7977c038577d18d9c65f40a8766801b804bab76f6857018311a4af06c8fbcfd3ba5f938a414843b47e6a562872c98446a

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              61B

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              4df4574bfbb7e0b0bc56c2c9b12b6c47

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              81efcbd3e3da8221444a21f45305af6fa4b71907

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              e1b77550222c2451772c958e44026abe518a2c8766862f331765788ddd196377

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              78b14f60f2d80400fe50360cf303a961685396b7697775d078825a29b717081442d357c2039ad0984d4b622976b0314ede8f478cde320daec118da546cb0682a

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              111B

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              285252a2f6327d41eab203dc2f402c67

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              6KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              d00c47cb779cf3f10de90a39fd259bc2

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              4cfac50a57b62ea651883093da3a0a6c7a99cc93

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              4f2eb4c2ffc49f6855fb48f0e4b71041f89821b224dbfb0b949ef3021f3ae7af

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              f22116953acc03888d7c661e210098644799db286212a2e0660a425f7948de7b5bb958ccd8a72b06aabd15aedddf5282bbde2805b2674742551af3ca07586a9f

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              936B

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              8a66ba965b343718d57230dbc8c3d1de

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              d9905f77091545a3ca61e927fb8b2911fc6348dc

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              deb1840d7ddda5346c7a9b5ba143a76c5b8d7aa57f643249af04beafda2a5116

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              b75ea21bf6e566e26ce09b86d356f90e90cda2afdc22e6c03c8e54bd08e90eb809bfa0fea4f675c1962ec57a404757981128e37d7321f68cc5a47d0f16a1075a

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              21KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              70f88371cf63f8d13902aa4a2d6400ec

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              4f98c60a31c4e9c85badb5696bd67a1d10271768

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              46b0030a06fe9d862b282353016a5ddef74240061a38bf49ff15e4ddcde623d7

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              68fde43aa76a919be7bc3b217a8519868e5e5079e7181852923ef85b31c0167978d7918c5f13acaf55c49361ce0d431ee09d30d71cdb2e16ff9e138d0fe20499

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              21KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              3cac1110a8f9730c3e910f283f6517a4

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              dc7bc3a8ee4aa78ddced3117c561df9c1429faab

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              76a277d5db550a59ff3ed659e57ab7a2af29ce1ed04049fe75d6ee55a2cf19e0

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              1749bfad6a34235f529ea793dd71c0ebb6a001854c7c752f10266f89d308c9933689c2db0d426081c94a84e2c834bdc7090976cc0c1223ac05d7704bf5025aeb

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              21KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              87c8af72ad3ed4287c15ed179befd63a

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              af495f4c8e741ade3cc92e97ffdae4d1fdf8d556

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              21c0cc705395f493fd811d01dd9104b745609399c23b0cf05b098683f36e5497

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              72e158ca0ddc5d51cb5be3d5922f795dc9387bc088101a43ca38ab76872bb2943abfced826ee64d86325d13dd378c798fc8036005f7aff5fefb9dce8446adcf4

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              7KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              8b37dc76bf542d98c589f8deba325a09

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              2e6fd68d4da9138553cf2c131c80bfff1d92846f

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              f16cc017fc40bd93bc729dfcd9007b07eb182af1b89925f24bb62b24d129576c

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              286de5bbfbf30ed7117b18dee3a9dab524ed3692f0ca4c6db7d8e75c0e4ab18e6a195f362aa03896e5e98e3028500257487e7b5fc63abdd33a96e20e0162e86c

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              6KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              e1048a1df98d4b1c3af7350f4b7e8fe7

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              5a1a64c53e32f1add34196a917ffb2b8a64d138e

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              d21b644033eadcbf76f09875dbfcd54beffb5bca8bdf43558e83aca815e71472

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              cd3dfa391562c5483eabfb26395efe1da68f649f3d548d5c4e23135aa82e87d23ed3c05f093734f9898fed14b8192dc7f109f9a2b752fbc68e3c8533602da565

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              8KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              5e3647cfa9dc327974113fa684ce2767

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              ec9bac57a718772701f29c9c4e2d93ecea8f040b

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              651d2fb5dd99fe0ff243840f1e2191fa072830c36dc74a11907f2d497e4890e3

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              4821b1c9ee1d40cb99daf4faa1742b3a9b29054e252120931273bff702ed77902799032edf9ce4f88cb9833cfa2008ce7a1a05ebe612d0991fedfb27f62320c2

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              8KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              2ecca5f030da700eb70de3ffb4bede16

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              f9d96823da42afbde13dc6e00a6c93f97e46c408

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              49f5572911d6471bbc7458ba8a08ffa76f86dcc2d3fd369a50837c2e05150704

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              67271b3da9a0599267f84da25931455b39d4fac843d35b86d13237ae8be0046ee1f103e10f42221f76424149573e91a2ac21d5a0e266aa3cd6460139d3637656

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              18KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              c9d94153dd791e066ccb3b1af016ddaa

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              54f6794e1bdfaafabc9050f4fb827e36e719f033

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              773927d4e5b240a0cdce5c6696824adf38f9d186a2f44387115090a4603abdb0

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              fd3a0e0d57946045b39337ff7aeb8bde7456f9a8fd5aaf8796dc553268abfdc762000dc8248da660e15283e26bc8a8542e18c396271257e9dc2dae3fdc07f894

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              21KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              2c80a4a938ed745ccf3fc2c2c257f6ca

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              8b4755a3e557c9adaffbb115ed0a08722a026eb9

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              00de63d9f6e12f7daeea631519dbeec2e02c97f013ba7c9712b7a0dd264db8da

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              37b944ea299871cd3d18026de0fb485bafcb3ad4ea8883c1e3b319b8661a03766517ff3486a576338ee9c5452449c90cfc94eb868c3f9f4ce2c7ec20d69d10d9

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              6KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              de7231c46deb95a2b54e9a7eedf66d42

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              a9d8b7e2cd97bbf149f1427acbb2ce2dff2759c5

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              dc6f142450fa0c6f568b5a3c5a763ab4b7323f950bea6ddb277394c19311fe90

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              269ed961e295b98e3b349d242acaf89be7f13a4d309d896d3fe9f476685412b386ad241670d1414b158af5d389dcdc8593df6b215ea94435f1c619e006eaaebc

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              7KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              306d1c63836544aa8ef285c6e7e3deb4

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              ec672b7005208fd2468fa28f9716df2573c8d4a2

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              b079721a19548535e2f0ded257687219db561fc52804ac8d22f7a6aa1f599973

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              30446272b20ac0c280b59c7347492d62b827d48c1b829ea710fb7153d6ecbead18b9e42276f2cff92f5f5d705b8cafc0403aa9bbeca64afb3c86633048e9e3a7

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              8KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              6604edcfc4731724cef0bdef9e247632

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              9942414ba17f2e1af624bf71e8315fb68f1070cd

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              ac50c0689d4ae2191d69ae203af554c4adf9bf3094559f45a006ad7c928d00b1

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              e20a7a229e1c8d5019d5fce5978db3e7522ba7bcf1cc1e3fe62c5e755cfad1fe0480ddfe192b6a97b80e7842b4a7a724b99fe3b2e0bca0b22306c8595f8371d2

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              20KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              a0e7990c5627f06f166a8454d115f439

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              29ba88a97e9ef7fbb8dc69cd0b70febc9a967eab

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              8f0687801dcdd3bbe6eebfd38d06c25b4c0aa5da1da7bf844c1134d63fa491eb

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              f41a0e99418d571a573a83762e3210e7bd035519d4bcc1784b0f901fb149cf9167dfaf2c2e2bd0371b4e8ed90a568a145ee9f31d4dbde657ca95d2386a25a636

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              6KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              54dc85d7193ca25fc9bf180b813e31e2

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              49cc2212f1f02ee51bb6220a489cf245c6d46df7

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              858dba3399e85c4ae834eda61998be71a5258cec10a2e1bb75eec07092f18719

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              e067cccdaa3576d9aa5631c0ed9ae1825cd27e7e8da0c9239310e776aef1bc72da8a40259d03a35a8f93cdf4a6b43a4c8e8de120bb0b4cbf15b8331e67d8c0c6

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              7KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              3d1373603ca7501f66706a949997c820

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              db53c614e89f4caebe063906c7991a4d05853be6

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              876ef8264db17700ba3f2224ecf28b8fbd167f5629e3b6507dee598df6aed947

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              3bef239b20749a172072378c9f2285b41cc076b8515927a10469d0a9ad7228c6a3cb709c33082f7d5feb039bb9090fb3ce18797558c8c810d93f516c4be67cab

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              9KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              54bdc181bea25242f83cea401b9af8a7

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              36be929c3b8c02ddbfa6711e148c5e114fdb5aca

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              292277e166dff01d310511f07bf5e304a0142333e777fc559226728aa20f63b9

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              a78c8888d5f99be8b8f5e4dc75df172fd3981cacb0698828a06701c7b0d03feff28e95574891a52f3b54011472289f3bd8763afad7b7046267c771b855f040de

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              20KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              f5cde20447488fc2b7a72c816427952b

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              18310cc5c29ca528fc5e3078b387bbf86110dc09

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              71877ab2c3774919768bef43ceb13c5250f7f81267e30f4d52db38d7e211cfc6

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              33b0ff42f3b6eced6ca967a4e9e1f833b58dcb679a9a541490f25524c64bc0e8d2246198b8853b6c4d304134515568f7aa78eb2aeb619bae7157c287344d266f

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              20KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              aa24166cfd10f2dd0c86aa6385d09cd9

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              635e03b9a51b6a220424354b877079a7ef74e72e

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              8ec6b5f415ce6915e085a3ab62fca9c84b7b6c0ab6d3a511c8be505bb12c6bf1

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              dc2c0845be6282a44cdb8ca12a18808e84ebe2784c34bdc4604126f16a3d5ea8540e30f0651458451a3cb9eb0d708490511567aef3ad1f8d83a6992e4bfcfef2

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              6KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              a2d6bf052cfe08ec03db677776ff2880

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              10642f42945d6115302b89c9fed3def888946521

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              6aa40da9e9952be063070d11cb07fd357895f2d4f929aab36fea316b7ba32910

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              34ecbd8f06b387cb80e004820a627b587a76cd339f9313d109275f143e8ed6d1c5557441a3c099129789fe18079d9d6d2a8a4785ee3b01d055c45439206ff354

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              20KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              ee7675cdbdc53029ab349f2c7894a0ca

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              dc840a02f21137e285b2bee8e2a9a04a609266c7

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              30069b5291a67022103a0970f17d43b247398908f328dbb28b88ba2362d92a26

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              a9840c0f6bbe99b4bd836ccb6d3233e8dada598d3fdca24acc421cbeb932ebd1eaadb3a0f643320cbb94debd65c96b539579312ebee9a35e01ec11127a28d799

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\1d99ede7-7601-4b35-82fa-2a81e363d67b\index-dir\the-real-index
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              624B

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              39af73ee851a5250f1290cd0e6ae7980

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              d94c4e104938f6d6ae580fa4fc311d96cf0afb8b

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              7b9b8d03098e1b73ff726125d34562ec481b1beef9509f60223cf5f6a3ede8b8

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              0ab88b23920bfc77ea0d945af1842d2aacbcf59e9fbf0c7a6d2e6094c2baf6e04f8d65678a9966dedf2907bbd14de4cfa9117dac233c984032922a42e87f50ba

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\1d99ede7-7601-4b35-82fa-2a81e363d67b\index-dir\the-real-index~RFe5b9826.TMP
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              48B

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              865058b22a97c8c8b5ca1747e1a18490

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              203a6723bd68f2824ed77dfb129e1724edb79dd2

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              5c23704b3a63017a20e781975434b8ffb0e13c651332caa7863db840ba85f2c8

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              56eece3b629b6a348794d5e55cd221dc36651e6760e71c63e4f3973fe84cfaa7d29c772b1c079078e17a061d407bfdb5d23f33e56040cc9b351d21ba9a333063

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\b26802af-5146-4fd4-9a76-3f2f47a125dc\index
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              24B

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              54cb446f628b2ea4a5bce5769910512e

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\ef7e1b0b-c313-468b-b124-8d3c02d8c2c5\index-dir\the-real-index
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              2KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              79ca9a5d024dfec2f3a665cdba8f3460

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              335b386070a6ab98279b183f351714fc5e502eeb

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              e2df68b08d883a5b34079ee5933aafb46bbb156b0864f0384d64962b546c38e2

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              5b487beea441e9588cdea337b38074b5302ab3d9a723532a78c9967a360cd1eb4b000cce8f96770f4eada46eba7d96982fc738b61fdc76f42d832df9e34f0175

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\ef7e1b0b-c313-468b-b124-8d3c02d8c2c5\index-dir\the-real-index~RFe5b369d.TMP
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              48B

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              fd9b4de58e3694ac2a13c2455fa20d2f

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              a294e36f67eb6c1dac9a35b190e6fb75bf438f7a

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              3b635587b36900428a443ad69ac2219c07438da74008241c2f3ccdba5881d7a6

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              c30980a13b064125a1dc7c8d35891e9a9a2966265098dff8711128d8ab4dd0673e9a4fca2301c8fbbb35fc81e87afd41174ad8cbe83963106b72b572c240e3a9

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              89B

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              fe3e911bc4bb1f57a1829370b184be0e

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              7087ceb69a65adffe6dcfe14558578dcc73ffff8

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              4119fdaa8b540259423489dbd3d81b2ba6bd1229bc79330a03726e8365200318

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              df7c63e877f73d6442b885a8b3ff8c6f5d2dd6f32f6a7c1b005f086d28fcb8354d208a3d536f6870ca897df728ae5ca02c447ca0e73f4204d8ff82e7108e2ef7

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              146B

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              25cd182881f17e3f1ecdb8beb7f7f8ff

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              684b22156534ed711f2caae7b7c4616ebd22b754

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              405d39533fd1f3a443ed62e89d4e2aee6d79d8c1ad3c919155f6218c12872cc0

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              8dda3dc0e3a9a0a4d73c48886213ac570d778fa42af7581d6e6040473c0192e013675788965118a2f0320ed1f606b39bf9eb84ac38e87e65a0ee7b2e671aaf1f

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              148B

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              f7e39c29931ee14dc2f1f1507a94d608

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              3208dc88dfc86e9bcaac441c5212b5e3b0719574

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              aaf2d88177a0a4885c976f0aac86de5e5208ee16aa3bdbcf45a33aa0797d9644

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              0d2aca7df38d50f513151b9b5914fe7d57ca11e19a1d793ae0928bade53bd237b3755c4641ef3a563513b78d5578adfdc64e7a07bd2dffe3acf01e93640bf8c9

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              157B

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              8eec3d587b68f4292f0d2751cb0bba02

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              ec50eaaad33d8fbce935915e4a4d0e8c206a4898

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              315b903b6701856d36c5a4d5b073be4c6bfd243e4f8b66ebb9c59fb929ed8c89

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              919b3ccae61ae5e397269ebb81c03f15df9da796c7878c53b5efbeec1bca4dbe401467ce84d54ddcffd91b1d125bd6d2358555b2e1cbfc0d3e90450701d96f3c

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              82B

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              a37db54b88e6ee0a953a3e500189de63

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              f8192a793ed786fc333f93c96f2e410ffc976868

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              62416f26439318678396907bb946f1a185449ebd1c6a19021f25cad2b4da4815

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              7431a58ff16ee9f9e0944c07c17adeeed15c9a9114bdefe8a426597f4395c02718b345225ac8895b8e38834dfce49b1a795c93c1066d82a1012c5fb36c8bbe51

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              153B

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              758f08e960d52f820c9da8d2524d5279

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              3b90d885bef25b1d441607e91c442bb67a8c7c3d

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              79e34e68ad1f84d8b8f6a26a523bbb699423284bd11281413a879ecf592cc4e6

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              4a36d8d83adbc3e486ef82b33b9c436db77ee3b8d3ad03f96a7e5b291b9f1dc3cde57845ecabd17baab907feb23ea44099ca1612a90adb71ea6b42a70cfa8d51

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              84B

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              64e68efd3ac67963e5516c58f93610d5

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              08c159017933403480fb2a7dbdc9e2356a9aa33c

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              05417cf8c0d50aef535378a7849150749077a46d4d868a9792ed58331eebd523

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              f9f8707dc8019dac104185111110a20a2f396fdc4e7a60dc68dd1abece5c957ac4ebef45561ac7491a6a3be8c858ae23cce3f6396412aea4353644f8b57985b0

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              16B

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              46295cac801e5d4857d09837238a6394

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              41B

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              5af87dfd673ba2115e2fcf5cfdb727ab

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              d5b5bbf396dc291274584ef71f444f420b6056f1

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              96B

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              529e16ff8f52a77c4fb7a6ec28610b08

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              49eee4c4aea078378c947d435c05f2d0d8fa4468

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              b2496f3da472023c197160014a1079323d8a464b739177f3af9905b56efda766

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              f6de0b20b9b4c03f0707d7c9903636e67d057dc9658f330ec919eff437c63775debc9f0ec1b70086f6f9becbe1868ca96866091880197ec18137d6e39bc56e81

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5b8b45.TMP
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              48B

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              8db1cea5681a6376d5e7d7b9b1c79479

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              5ef0ee4998ef11dde75a5305b7c7d6d7df6ff5aa

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              93d9c58cde7f123420dd6bdd31f98a01788083fcd9e8e888023a3f1abead4075

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              d0eb25c594ca2b3b5d9766a433fa898492b528fbe706e63098cc196bc8d762b49932e7c53d0781c349974917f8e52e39ab65a1af9ee7228e941dadc91466a0f3

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13352994494706630
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              16KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              c30b69ab11cb06fe702aa4c518fdc6a4

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              632b6dd8607ed75233335e6b725ed24896ee20b1

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              ab0e0d6fd75f1145cb58e057477f92683f8cfaa1bb22b1e3a69ac14dd6fa9626

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              099fb93d0cf2ec12abd8d1a68a93f639da9085cc9f75de5cd6e429802f719cb045c6d037b9d930057d4c4fb015507db094e4327fa6b0787b3655ab23d7185465

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              184B

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              d9054da3b17e9aca19872e21a96389f2

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              9af718905c58abd2b28443d7fa9928dbcd02cc23

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              fd7ec911027dd097464cc29f89d3aa7edb90a30edc0aabc9374b6ec5333f96f2

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              c590eddcd0375a63d45badef8455163e373b395a125b6b70645bdf61bf2358e6b865ae5f1e80b9823c8492ab5b013af85b95a3d97bf283f976ac0866eafdf382

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              347B

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              a4bcd8633ecece7b4294a791af20f374

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              da3285f9dcb4b62f7e50c6da39323dddc148d390

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              43be81f32ec78225a0b78f4740020a4d84e38801da61d627053c32f02433c2da

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              716641ff502764fc8a3b6e12d15d3c7b94824321b0b2cebf5e08ff64e4b87a364c1c16427df419922237e2e7ae1d88d6df2986686feaf6575ef44fad870bc113

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              350B

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              3f21cfff6b2a4137e46147dc3942c2c5

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              ee57b1110c7a4c11bce4fa0985d9fea45054ae46

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              8936cc2ffe2263366a27899d8a19b87eb3496161a1112e5eaa33d7e8b3a7aa59

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              013635a6fb7c62bab15190e9f23ea5fd54c605a3d82abec523e48dc05471c7ad177906c2f6910ab7d90bf8218ecd4ceb4b3762e10463fa19cc2315aca31072ee

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              323B

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              039c87eac3327530d97df532c1853ec0

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              45dadc6ea0457281c4fb841019c5ab24311d1b10

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              09db028db4302b8f326f1ab8e2799da34e4ab0386852afd07b59ad92121f360d

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              15a34323f13f255c81e4ec620c1ad8fd51aeb21e77037acb4e25d0a322c2173821e4e6dcabc4d38d0bae7a07275b4fc25b99739108c2aeca28a7f84597191833

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              326B

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              d2e5f660fb99046be47b0ac7a4b9b13c

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              a541d93b6f2723bcfd175e6928acef0939cfcc1d

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              409047a0becb7478d6ca7b3946d7dc0a4113ea55214a17fc0720ad87f9c0c719

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              fc8e66f9f7c436c2d6943e6e6c745d20a3d33a8d43c22af4b9798955b6889c64f9a0f3d53dea2a2b4b288f047d939dd831d496518c32934a75cededc55138d78

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              1KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              2eb22969ba46d61ec1a69606ff3ce6e2

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              c755e6bfad2da0b538802795d40430342bedc371

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              20627b67191dec24fce197b8fb2111d6e5c95d49bd532139036c0c125a93bc20

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              65a6ecf2962a2a45b3e6a9bf3c7855c1d63f07748441a18465ebe995b3a67c2c948de46c0f5142c0c13261d3f2737e0817abbf88e8aa6a11906877f3a7ae013f

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              2KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              3fdddde95f6de8d266ac02f8941c83c1

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              a54c25408c348be18b5cd1a1400557a29a8a02de

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              ef5615e39b351e4f7cabc9e3766612c5d869fa1eb018649ab66b7cc7d846fc5f

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              8ae01d007e8c720f13fd0bd25a8887a0613ac5d65bfcaa093ca5ca7f4b7ba052535c2d6d586d560ab666b320ea1478a1ef789feb877db8859ca0c90185ea73f9

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              7KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              a16da20735b02472798ba0e7f01123ea

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              1cae22b7b929d8447ad67b774457eac7d490ec71

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              f2a0a60e305fe314913e685e695d352a555a234fa2e2d83f11488f5517b053fb

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              0eadc661539ece86247540766a612ec5ea2049e3f9818d75520ac2b38e3ced57f003ed07d32846716958d17315370fd53df75d5c244bb42ffa7e48eaa689aa30

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              3KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              7a29b0b48584b20d387804fe85288ec2

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              07d58b9c69d83d7c0b9f6d367d3c1129ca27a34f

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              a2a90e2142084f98117ddc5dea1c9c1547207ea0ba529525c455ed78bf678499

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              c35d3e9ca5ca1db853f85fad7ddd8db38012bfd39748142e322f2e0f712f043ce89bccbb27445671cb9373134ffe72301c549d1a4eb57116eda9409f732cac1d

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              3KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              469087c5f56fa4ffa1e63b264fbcf7d2

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              6712368819305391a60621cf78afde8bdc2eb49f

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              33e014ff6817cb001537a9bedc7eb2ca1e0815fb950ec97720266bafdee1bc07

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              d7f00b6ababa2ebd985b6a58c9714bc95475035be832dbcd180f283621a756c3b0ce25ae2cf90a0b8f940fbcad2492454ee2cac665d06c3a0350907e461c59e5

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              8KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              021fd41078ad74914ff2dc01660b9b24

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              eca355a6a8d8c5fc6d9ad1f419401b1b78516e66

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              0d5a23d17808f482eced17a0b3dcdc539bf5d09504ff1c85ae26ccd4685c8f80

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              472f4ea69137109f8c3fe5d4f7bc03891822f506be2bd00aa866cc5cca67afe4c4bb979e7695509f60bb9b213a838d7bdecad7a1c1b585cf0d4b3bfe0a3a2c71

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              8KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              6d73cbe28f7c432111c61d7f36a728a8

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              b4310ad5a84ff61d1c430a13e9294f4d472b4289

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              042117c2dcfbf437e2dd6128a72ca6f780e6a4ccc66268297a1f2908b7cc1a49

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              4674a933de3738aed4eaf7359f97297f840285c4010806459d4aee103de5933cac4430cbab826d1e6cbba8b5e79b435203adae12389539e75e4c2f0931c1def0

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              2KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              991cc1e9e0fa750289a62242b716ee30

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              416b5ac364810677d16f547d73465ca57cee7e89

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              ad9518dfa61e256c264b30691846c2b236bc65f20df512399548fd256dcb23d7

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              6faa76662b53c29fa153c77852d8da715e60a808353c009b8e8be9a3ccd56f7e0c127221e1281cd29a8ddc1b87e5bd846b72bd7971c6a6a6e8274aca769ebae7

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57d5fd.TMP
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              1KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              94dcc977a68966cc4d365faab3098b59

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              03f6891431243c346372da4e00d6d909b68f51e8

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              53251af2b10c8090ecc06b6333052d69d34b4bdf0f85c0ec1ac9eea6239a3076

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              67040679ac9b0b1d28c809a68f30633894043802e274f2bfbfa22b9c01f440cbfa7ddab44de4b0fb3c63534392105ce3b90a5ec17ee4f810448d9c8823a761fc

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              128KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              1bd82b29fa00c7b6f96b82cceae42f67

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              608b671ca54e09e148ace6524ae83e4df44a5b74

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              c797094a736d33ec0d24a33a81aff8ad0e2a73c5987f8d8da28a26025f477af0

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              0785de25e2ed813c230b0f73fd1a080aa55b2bab50a0a353c0c81761918e1bfcb05c8c14c1a62f348edcceaab05153d01efafc916b07cbcfb88c6e648f6609e1

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Web Data
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              116KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              a68fa116d9353768c23449cddc690509

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              467e71667423977643521e38a4cadbcf26f2f16a

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              f96e082d4710067f8e44e3262c64bf345e9658dba7cf75f186e89a5fc779c453

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              73fbeb08682e2a86c182320b7753007cfc011daba00890273c58a831242a7b21411380970355b1f8610d5021c5556a6b1c2a9f83b3a5f6c1003adc7e15679b5d

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              16B

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              aefd77f47fb84fae5ea194496b44c67a

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              dcfbb6a5b8d05662c4858664f81693bb7f803b82

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              16B

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              589c49f8a8e18ec6998a7a30b4958ebc

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              cd4e0e2a5cb1fd5099ff88daf4f48bdba566332e

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              26d067dbb5e448b16f93a1bb22a2541beb7134b1b3e39903346d10b96022b6b8

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              e73566a037838d1f7db7e9b728eba07db08e079de471baca7c8f863c7af7beb36221e9ff77e0a898ce86d4ef4c36f83fb3af9c35e342061b7a5442ca3b9024d2

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              16B

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              6752a1d65b201c13b62ea44016eb221f

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              72KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              7b737facc77e54b664cadedc04d199b3

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              7da26af91ccb8091f69955d92fe8974f9ace5ddb

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              288de56546108ee461e1643ac7a5dab3ea165db2446cd96724f29c892012f203

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              6730cf983efa0117e5696998278f26b045ac5ad7416dc33de45d1e204fb27ca4c218f36c0561b24102a490e651a7e5b531b7d565d569baf2738d3fe1f28b6069

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_0
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              44KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              4331ed9a9d928334323652cb8359bca3

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              f17c67e83f6f97f436cc18b4f929b4d2a1baa790

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              14f62e20b714e3b13cfb864064be250e3d4827af4f65c26eee89578e19b8a29c

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              d580cf4679120867cdd81f2af3e89a0fa2575d0d3a07a57a876ef329da70f65ccecd5ac99b1d9a1ff710acce87078af1d737391095756fbaea745af5c5e8020c

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              264KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              b44ba8204e807be24629c2d754a4ac38

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              894345cdd852449fea9780b8d79248aa9fbde3da

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              f12d1393d1660bfe8091aa1adc5b1c26191a0f83d8a79247976dd454738cebf8

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              aa31b5a57f009f9749844d1ad8c248522196c63a0d358ddca9039e9abe47565fea2f99161f1fe7070d40f1673af4886892d11d63bd7d818182dbbb4eb12047ad

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_3
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              4.0MB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              ab72de64b2404ef86e41d459654b1644

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              a6a506a494b858f5ab8d72068cb5b0a1f6582dbd

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              e6225bf8682e8c61506e3eb9e9ecf5d064c9ccd84cbc4a4a26aa1863b3e810b3

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              a2bd994ba3853f64646e2c0a561c5fc169ad44e1db91b373235d4e789b9c56b97331a6e1a3f7dc779437753147aeef5755494fe66f8670ea93d0f67562b5b2f8

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              11B

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              838a7b32aefb618130392bc7d006aa2e

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              5159e0f18c9e68f0e75e2239875aa994847b8290

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              ac3dd2221d90b09b795f1f72e72e4860342a4508fe336c4b822476eb25a55eaa

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              9e350f0565cc726f66146838f9cebaaa38dd01892ffab9a45fe4f72e5be5459c0442e99107293a7c6f2412c71f668242c5e5a502124bc57cbf3b6ad8940cb3e9

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              11KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              af817c0254b1e1797f707f839e84a678

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              74e769279095b1b6fdf645cfb15e7d863d885662

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              076086d15b292a6e872ca757b0905d6632a6120354db2860715096d864dc9af0

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              5abfba06ab78b20d58ce400937fd0084af429905078454305005c5f542443ccef14f41a3ac717094a8786c0c19fa2d1abdd0b67f69d5d76cf97d1362b0405c03

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              12KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              e6f593b25ee8f27c438c0a6e799b3b69

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              41d66d7e7b6e6b6aeeab0fc1ccfd0c569ba3e53e

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              6a1d8ae0a93f45296dec94dee2684e741fd65f5d16674aeae441e79cb3010bc1

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              af1376f8fc6ef0a81865a046fc3da8fa7f4863ed0469a319be73428b7437ade5b20a41c3f120dfbd16dd76d40126535e2ca0a6622945fd92438a51820dc325ee

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              11KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              cd536fcdf3f125f425db0c908d3fa916

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              fddc91ebf45e05367086b5c542786d1d4b200d54

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              abe5789fdb894899f5f3b6d3272fe3f05a0dfb9b2a35e2c040ff2b8717770b25

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              12d4e0b84d12d8ae6f024fe486854c3e91966af6d4540b6cc40ca53de8085e8907330b26848ba5d8e536c6cbc0394e9663269f7c9c7ec380dbee65a9a19a4896

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              12KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              7bd6396953c959069bfad5f0a39f1bc6

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              3f0cf3dd2daa7095ffd7312c1713b5514ad983db

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              a66e679c8bbb073a806679a9b152a82dc3da8c66b72966b35f5717301f3db2f5

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              7bdf6c7111cf471fcca7de3c10c5827d7892f3a3736a7c1cad3976fb5f1b7dc3cec2ccf02563ba970fd9808050fc637031c2f3949f32b048bd02ef57d3de3d69

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              12KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              73308dcd2a7d6054d22e5b702664e63b

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              c3455a087f8e141eead8e0a61db495265eacb5ed

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              00553facadd1542ae516649e575e24beb173bf1627d02e040e1892b2d691b878

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              3b1736e3b48cc20e693e696b87d52f9b51f97e6ccb7c727e20c4fd3754fb535bb9ae4a0c00b24d8cb2580b8617be82a3440ffe5dcdb67b596dd6cd07dfbb8567

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              11KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              75d027a310d16ee1ffe2ec7f81136284

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              face1916f578dac9a4f309c3d2e95f259e025a70

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              8b31c86073a33f2572eef0970e78f4a3c66731b69ef806521089c220c5bb4e15

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              44db3064439f47fa8cdc53b50bf56cdaca0c97d44c9cf178d749d468272777affcb2b893fad26ce1b829dda0d76204c2779bf66669e2a7cc7b7bc9e3a6635ad0

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              11KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              5a47a5efdee3495e6cbec0e19ede26d0

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              e9fd764671c968d4eaa74b8ca6eb0773c1b19579

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              e6515c6bfd7ef46ee88c038714f50940a620a2240e808a526d89ef3a4a4a3caa

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              c0ffcb341feb652b1950290326b7492789a0559ac9ddc33d53cca12a1ed397f7c1f085245ec9afa11d239291a32e92ee1a90a93be931880fa30440381dced34f

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              264KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              dd7de49d6839a42fc802db1754ba0740

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              7558c71a740a1bc29268e1f965ec9aba682119da

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              008c2b93ef6d01e1f94514413c75783890a5337308a17a70a5e2684e294fda2f

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              abc5035677823284ef52f0ce7c3af38aaacfb16cd21531705b53dcc5c840f8b3c5e5a95cc840b77865b04a975f5e84df1166196a81ad1f317f8937391b23f478

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\edge_shutdown_ms.txt
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              4B

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              99c1967abe0f4b0a1c1ab84236743055

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              f35a2f968ea6a49d95935f67bc565c60db398848

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              0938413871fb4817cfa0590f4344bb7fa18cdf91c1bf42fec0decfd75a602fdf

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              3e3afcd47dec1b42b66bd9c62dcd78afeccdaf67b18ef23c613e9f0c80269c74c8f61f4af7fdf95eaabe39611c442393b35ba070649a0e1d8d650ca515e062f2

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\OneNote\16.0\cache\_R_E_A_D___T_H_I_S___AE28D_.hta
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              76KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              4b7146cf3eed1c40c995466acfc9a8b0

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              2bca1c3d2ee6efcb4fd2ff46b23dc3081d1667f9

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              ffc257a1167b9cc3c4b3189e7cd48530a919ffacf8073404d631cb69d27f153c

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              cf6c445c08097fb5d9a86f773e89fd40c394e31283068f296bbf5ed2f80b55b5190f2f4a6b0d6c468014e745969b82e5552907679688d10f845621abb135752b

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Roaming\Microsoft\OneNote\16.0\_R_E_A_D___T_H_I_S___1H97ZQ_.txt
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              1KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              41cacf2797586422dd8982dbb316adc7

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              a006be772d0f764f99ad5cdf33d79f005cb011f3

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              303d56b71b9b265ce67c8839effe67c13ba4f5315f5dff2cf73ac8736fe2d8e2

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              710bffbd6443053fde22861b9efa394d525df265e560b02135cb69ce6afd4bb6aa72bab48b075d581fef204c1363c875ba7deca71c61a281b3766fabdce61af0

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\Downloads\Unconfirmed 15184.crdownload
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              3.8MB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              db2155d175a945fd8c53bafd47a0ef8c

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              726711f9606c55700273ed0f7e84e7a6e1a898b9

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              4938a057fefe6a7e57edad3bf130112839ffc5d33828d3a7336fd78dafde006c

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              a8b72f174ea1a1d9e996bafb5e72ad1a76f7d0088e214838838cc42eb6a80b95223219df7db9b7803e37144f83ee46fa3a87514f08017b428d967f18c5b0b874

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\Downloads\Unconfirmed 686669.crdownload
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              6.5MB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              cb055d7ddb5b500c5fcb0051428fc3cc

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              c98493f9809c8fd95fd8067a2f1cadf2ee4cead3

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              011d634221dc4de0498600568f37e27de35cfe60fc2c2b22c2aa87871fb10c0a

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              56e5a5c005fb25515971016251fbd6f0d6e2de674085c53491d0ab7e4fde8b0ca4ed9b41c4c835c43931bb74e62dd97be2d4f7d1897ef27c3a091c0a01a6bc1a

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • C:\Users\Admin\Downloads\Unconfirmed 742788.crdownload
                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              313KB

                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              fe1bc60a95b2c2d77cd5d232296a7fa4

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              c07dfdea8da2da5bad036e7c2f5d37582e1cf684

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              b3e1e9d97d74c416c2a30dd11858789af5554cf2de62f577c13944a19623777d

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              266c541a421878e1e175db5d94185c991cec5825a4bc50178f57264f3556080e6fe984ed0380acf022ce659aa1ca46c9a5e97efc25ff46cbfd67b9385fd75f89

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • \??\pipe\LOCAL\crashpad_3960_XJBLKVKCKDNRLVWJ
                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                              d41d8cd98f00b204e9800998ecf8427e

                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                              da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                              e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                              cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

                                                                                                                                                                                                                                              Download Submit

                                                                                                                                                                                                                                            • memory/2436-3019-0x0000000000040000-0x000000000087C000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              8.2MB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/2436-3020-0x0000000060900000-0x0000000060993000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              588KB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/2436-3017-0x0000000000EC0000-0x0000000000EC1000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              4KB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/2580-2897-0x0000000000400000-0x00000000004E6000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              920KB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/2580-2750-0x0000000000400000-0x00000000004E6000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              920KB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/2580-2669-0x0000000000400000-0x00000000004E6000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              920KB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/2684-546-0x0000000000400000-0x0000000000433000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              204KB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/2684-541-0x0000000000400000-0x0000000000433000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              204KB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/2684-906-0x0000000000400000-0x0000000000433000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              204KB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/2684-932-0x0000000000400000-0x0000000000433000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              204KB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/2684-542-0x0000000000400000-0x0000000000433000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              204KB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/2684-540-0x0000000004D50000-0x0000000004D81000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              196KB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/2684-935-0x0000000000440000-0x000000000044E000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              56KB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/3152-3022-0x0000000001150000-0x0000000001151000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              4KB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/3152-3106-0x0000000000040000-0x000000000087C000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              8.2MB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/3152-3111-0x0000000000040000-0x000000000087C000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              8.2MB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/3152-3101-0x0000000001150000-0x0000000001151000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              4KB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/3152-3107-0x0000000060900000-0x0000000060993000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              588KB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/3152-3070-0x0000000060900000-0x0000000060993000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              588KB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/3152-3069-0x0000000000040000-0x000000000087C000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              8.2MB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/3152-3055-0x0000000008F90000-0x0000000009092000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              1.0MB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/3844-2896-0x0000000000400000-0x0000000000721000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              3.1MB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/3844-2893-0x0000000000BF0000-0x0000000000BF1000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              4KB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/3844-2884-0x0000000000400000-0x0000000000721000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              3.1MB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/3844-2751-0x0000000000400000-0x0000000000721000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              3.1MB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/3844-2673-0x0000000000BF0000-0x0000000000BF1000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              4KB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/5380-3105-0x0000000060900000-0x0000000060993000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              588KB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/5380-3102-0x0000000000F40000-0x0000000000F41000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              4KB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/5380-3104-0x0000000000030000-0x000000000086C000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              8.2MB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/5636-3045-0x0000000060900000-0x0000000060993000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              588KB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/5636-3043-0x0000000000400000-0x000000000093A000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              5.2MB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/5636-3042-0x0000000000B00000-0x0000000000B01000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              4KB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/6100-3094-0x0000000000040000-0x000000000087C000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              8.2MB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/6100-3095-0x0000000060900000-0x0000000060993000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              588KB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/6100-3048-0x0000000001070000-0x0000000001071000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              4KB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/6100-3108-0x0000000000040000-0x000000000087C000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              8.2MB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/6100-3110-0x0000000001070000-0x0000000001071000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              4KB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/6420-2900-0x00000000002A0000-0x0000000000443000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              1.6MB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/6420-2894-0x0000000002790000-0x0000000002791000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              4KB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/6516-3046-0x0000000000400000-0x000000000070D000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              3.1MB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/6516-2906-0x00000000025C0000-0x00000000025C1000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              4KB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/6568-3047-0x0000000000400000-0x00000000004D3000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              844KB

                                                                                                                                                                                                                                              Download

                                                                                                                                                                                                                                            • memory/6568-2902-0x0000000000400000-0x00000000004D3000-memory.dmp

                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                              844KB

                                                                                                                                                                                                                                              Download