hxxps://github[.]com/KevooRBLX/Discord-Loudmic-Client/blob/main/Resonance%20Client[.]exe

Analysis

max time kernel
149s
max time network
142s
platform
windows10-1703_x64
resource
win10-20240221-en
resource tags

arch:x64arch:x86image:win10-20240221-enlocale:en-usos:windows10-1703-x64system
submitted
23-02-2024 16:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/KevooRBLX/Discord-Loudmic-Client/blob/main/Resonance%20Client.exe

Score

4^/10

Malware Config

Signatures

Drops file in Windows directory 6 IoCs

description	ioc	Process
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdge.exe
File opened for modification	C:\Windows\Debug\ESE.TXT	MicrosoftEdge.exe
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\2219095117.pri	MicrosoftEdgeCP.exe

Modifies Internet Explorer settings 1 TTPs 2 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000\Software\Microsoft\Internet Explorer\Main	browser_broker.exe
Key created	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000\Software\Microsoft\Internet Explorer\Main	MicrosoftEdgeCP.exe

Modifies registry class 64 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-Revision = "0"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\Main	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DataStore\OneTimeCleanup = "1"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Rating\Rating Prompt Shown = "0"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate\Certificates	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\trust\CRLs	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-VendorId = "0"	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DomainSuggestion\FileNames\en-US = "en-US.1"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Disallowed	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Settings\Cache\History\CachePrefix = "Visited:"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-VersionLow = "0"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\ACGStatus	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\CA\CTLs	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\CVListXMLVersionHigh = "0"	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 0f6cfdac7766da01	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Content\CachePrefix	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\ACGPolicyState = "8"	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\DynamicCodePolicy = 05000000	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\SubSysId = "0"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Disallowed\CRLs	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Protected - It is a violation of Windows Policy to modif = 010000008af4b8bb24698ecb4c37d8acc7484c0e6aa0ebf278f54a9f59e2e4ebbf579faf9243c74b0f9c79d5923e54a1a808ea69bc6373dba0a3c11a13d4	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Disallowed\CTLs	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\trust	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BingPageData	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Explorer\Main	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:"	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\Meta\generator$blogger	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\trust\CTLs	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\IETld\LowMic	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Extensible Cache	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\ACGStatus\DynamicCodePolicy = 05000000	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings\Zones\3\{AEBA21FA-782A-4A90-978D-B7216 = 1a3761592352350c7a5f20172f1e1a190e2b017313371312141a152a	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\CIStatus\SignaturePolicy = 06000000	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DomainSuggestion	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-DeviceId = "0"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\ACGStatus	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Explorer\Main	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 9222deaf7766da01	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\DisallowDefaultBrowserPrompt = "0"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DataStore	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 53a8d9ac7766da01	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\CIStatus\SignaturePolicy = 06000000	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DomainSuggestion\NextUpdateDate = "415542277"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Rating\NextPromptBuild = "15063"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DomainSuggestion\FileNames	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Content\CachePrefix	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\CIPolicyState = "0"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\LowMic	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate\NextUpdateDate = "415481677"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery\ReadingStorePending = "1"	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Rating\Next Rating Prompt = 409d52b59887da01	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2852630833-2010812756-3750823755-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ServiceUI\IsSignedIn = "0"	MicrosoftEdge.exe

Suspicious behavior: MapViewOfSection 6 IoCs

pid	Process
5112	MicrosoftEdgeCP.exe
5112	MicrosoftEdgeCP.exe
5112	MicrosoftEdgeCP.exe
5112	MicrosoftEdgeCP.exe
5112	MicrosoftEdgeCP.exe
5112	MicrosoftEdgeCP.exe

Suspicious use of AdjustPrivilegeToken 4 IoCs

description	pid	Process
Token: SeDebugPrivilege	4516	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	4516	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	4516	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	4516	MicrosoftEdgeCP.exe

Suspicious use of SetWindowsHookEx 4 IoCs

pid	Process
212	MicrosoftEdge.exe
5112	MicrosoftEdgeCP.exe
4516	MicrosoftEdgeCP.exe
5112	MicrosoftEdgeCP.exe

Suspicious use of WriteProcessMemory 6 IoCs

description	pid	Process	procid_target
PID 5112 wrote to memory of 3228	5112	MicrosoftEdgeCP.exe	83
PID 5112 wrote to memory of 3228	5112	MicrosoftEdgeCP.exe	83
PID 5112 wrote to memory of 3228	5112	MicrosoftEdgeCP.exe	83
PID 5112 wrote to memory of 3228	5112	MicrosoftEdgeCP.exe	83
PID 5112 wrote to memory of 3228	5112	MicrosoftEdgeCP.exe	83
PID 5112 wrote to memory of 3228	5112	MicrosoftEdgeCP.exe	83

C:\Windows\system32\LaunchWinApp.exe
"C:\Windows\system32\LaunchWinApp.exe" "https://github.com/KevooRBLX/Discord-Loudmic-Client/blob/main/Resonance%20Client.exe"
1⤵
PID:3060

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:212

C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
1⤵
- Modifies Internet Explorer settings
PID:3348

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Modifies registry class
- Suspicious behavior: MapViewOfSection
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:5112

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies Internet Explorer settings
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:4516

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
PID:1364

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
PID:4708

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
PID:3228

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\7HB61I1H\edgecompatviewlist[1].xml

Filesize
74KB

MD5
d4fc49dc14f63895d997fa4940f24378

SHA1
3efb1437a7c5e46034147cbbc8db017c69d02c31

SHA256
853d2f4eb81c9fdcea2ee079f6faf98214b111b77cdf68709b38989d123890f1

SHA512
cc60d79b4afe5007634ac21dc4bc92081880be4c0d798a1735b63b27e936c02f399964f744dc73711987f01e8a1064b02a4867dd6cac27538e5fbe275cc61e0a

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\6HV0YYOD\suggestions[1].en-US

Filesize
17KB

MD5
5a34cb996293fde2cb7a4ac89587393a

SHA1
3c96c993500690d1a77873cd62bc639b3a10653f

SHA256
c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

SHA512
e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\4BIK2A5R\dark-a167e256da9c[1].css

Filesize
110KB

MD5
16bf89ddba1dd57f22db711fabe734a4

SHA1
957574454d6cf7418b7ec21ee68b9f6cf9121ea5

SHA256
9b8c1638bd260c5ffc8f57ce371ef17210117aae67ffce5afbf141feec1c4c53

SHA512
a167e256da9cfd581c6d23cf0e71e8df6f863b162e9d1f8d32baf91adc0f89b7d75f059061ac6b643230821b6a82bcfa356bd64758a2f337e95cdceedaabdb09

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\4BIK2A5R\element-registry-58eba3853ad3[1].js

Filesize
48KB

MD5
6318f4265c76078c5b2de8d0a0adc658

SHA1
ba4c33b846706c15e672966f474fc8858e012f9a

SHA256
0872c9d102a1ea0af632b12b4d54c1d558ba9f5dbfcf39eb9f372f713b9c707d

SHA512
58eba3853ad3775281ce73db42f28d081a542fcc16671cbd55a39bd7ab2f66e1cf6e399137b496168aa39d353a93828c4730c18808ec4ffb0851df24a5238f42

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\4BIK2A5R\github-elements-91586b615d25[1].js

Filesize
36KB

MD5
93b289bcc604031e31b4e008d85b4646

SHA1
0d35ecbaaf28c930765bbd3d5af9dbcb84d285b7

SHA256
f0df73d2ae4d6f4e9ba7d2a7eefebaef5e39287398e91af8623b77090978de33

SHA512
91586b615d25f48df145cac490ed6d14a04a2194dbccc982b324e59442eaaaf255a5af0b5863e47c1df30d676f206ad3b964827d1bc93f8c6c40a2b09c23e704

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\4BIK2A5R\primer-08e422afeb43[1].css

Filesize
347KB

MD5
1d2c8cf79e1c953160fe461749cdb7ac

SHA1
ceb18d34c6f3e7c3ebcbb15a750b700d4ef2f130

SHA256
ce2c38e8339a7a404e58607632509451573c782b4081cada9c4f4ed86cb043c0

SHA512
08e422afeb432b7fe589390d33bbd4cb8b5432aa1799711ff8b0c47e69f2a9eeb118b91034bedabed83eb20e10c36da9a51e15e3cd7b26444b6eeca24e6ac42f

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\4BIK2A5R\vendors-node_modules_github_catalyst_lib_index_js-node_modules_github_hydro-analytics-client_-978abc0-add939c751ce[1].js

Filesize
8KB

MD5
586b5fa0648258f1111ce6ec1b3b5cc8

SHA1
40725879c9ad59e2013b50ab8b832da259f32438

SHA256
40c3ef6aa0c3b3fb02fa33fc5aad01539cebf14f2608723f75b2ea04e2e8a0ac

SHA512
add939c751ce064cf6fe23578d3cb3f35756e15c71baae7298c29a6140ec53556702a1853ccb4d77bb0ac41287c22f15b8b1a85d405204947e793c9311c54d95

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\4BIK2A5R\vendors-node_modules_lit-html_lit-html_js-5b376145beff[1].js

Filesize
15KB

MD5
81628c9093236d8e3cf835f708c30608

SHA1
846b10531dfca6510051fc43abb8f9b5647a0433

SHA256
daf381c316a5988c9116aa65c5816cbc8a958211b4c0b7d989ad6c9645757902

SHA512
5b376145beffca1bfc6b0352c08819609a974b6170848699421208752a63f057869e0e4ddd23797b3a0c281c276d7fae580cf41bb5465c632aee58524b21e7ba

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6ZHLPV68\code-ac2c2f3d57f1[1].css

Filesize
29KB

MD5
4b95982ae6f9ead598a3987c94a63451

SHA1
2d5f95342b2ff3a529c5143deb4c05648dc4b379

SHA256
1253a442c8a9d67bf7ebf412a3bcd481fd1c4ad37a1d29f30c377d81141f699e

SHA512
ac2c2f3d57f12d3d1d21609e080ad9d2aa55ffca4433d47c808264993fcca8c0b0c7947e50bc5f122ae965dede667a3eb57c7815d5c05911e5c511e6773ed871

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6ZHLPV68\github-8eaab228448a[1].css

Filesize
115KB

MD5
2d4d3b8d12f37f57d6b822d881b956e1

SHA1
194da1af38160e0b813fc9f975792dedd3062bfb

SHA256
40b893f8b55a35fabd039a6123339b8121223140497673dd057b55df6de7f503

SHA512
8eaab228448a898cd2cfbbd907113b276776e59826bcf5a621bea9ee50f30f665afca97c010206c7ccd7047721fbffa7ab92a3f6995370257098e22b0cd537d4

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6ZHLPV68\global-05ed4a7e07b5[1].css

Filesize
278KB

MD5
d20bcb412ddefd157e9f9b0c1941d996

SHA1
34b946c65644fda517df55df77606dbf6822231b

SHA256
05ab671fb6943d3f65288e7e8bd66e72934bfa503e804577902ee9a934d8253c

SHA512
05ed4a7e07b5c8595e11dcf7caf92074b873c1062d7bc54209936a502dc38201f136a53fbcca1e8655c2834df3cb4bd23616c26710710817b93c0ea1c1db32d3

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6ZHLPV68\repository-6247ca238fd4[1].css

Filesize
27KB

MD5
0c6e7f9ad3d84702fe070a9dfa3e400e

SHA1
b7779f1b9dabe9a148255f6f6f98ca8545ac4017

SHA256
07036a0205f8314a3f5cd3ec9eeb44872b79c2418efc20f0945b0ac5c6a83199

SHA512
6247ca238fd4503095653dabda8f9e5937cce5091ec403d8e613dd2601db2b9425d103bcb389fb507fd0cc4a205711c2abb8a7011bc411b65823576a39f355bc

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6ZHLPV68\vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-6ff72b-44df89427254[1].js

Filesize
112KB

MD5
2b49ccdef4483d678093671bc22c9289

SHA1
698a3b643dda9bb76ed8872c0a76ef5d886be4b1

SHA256
cff8a3a7f70d34388d4c1519473d6003bdef4f0a47c89d9cbc2e9ec6f2697194

SHA512
44df89427254f85b1319b826ae2c863a6c55390a48248973314d9e929ba083282cc35a63b445962651b408f3987205daf28b077b14785ceea7504bf277d21836

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6ZHLPV68\vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-b7d8f4-8cd02f324209[1].js

Filesize
18KB

MD5
283c075f4365d93599405753b1f930c8

SHA1
a881cd5af0fe0325f8a63fb3fb91b310b8978700

SHA256
290111291c9074d07e692ae2b04f88297040d99a1a9846408fe0b450ea8d6926

SHA512
8cd02f32420911939e46498916993b0c79dcf92c83f45654c120c2514ec885f5d6023ba180205cca4cbc19a357e7b422c0d00ed06a310769e4ee6dcfa0d80755

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\6ZHLPV68\wp-runtime-78c12d9dc298[1].js

Filesize
36KB

MD5
f98ae0bf98878c00c9264fa370ab72c8

SHA1
1ebae8a262baf12c0a5a4f5da5f4a069713fa0b0

SHA256
e5dcff7c6f5c9e3b2aaaafb2f9931f181bb8e2b74aabccc9c698e313d171cdde

SHA512
78c12d9dc298ac0b5ad66f7dd77cd65bd402750aef0dcbe12ca22730e18802b06d0213785a15be8be28ba55ec11e3b65352db1f9128a35168c0bd829b1d47803

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\L7S00GBA\environment-4ff0d843ea45[1].js

Filesize
8KB

MD5
9fec5f640e7143f3060818764e6ecc85

SHA1
ac0d938ad03d96c3ea9f10e8552ea2167df255cc

SHA256
e52be2b932a1f10ce9ed7d5b3c6b889e9a0ddf2f8c8cf75612d7de2628bdad50

SHA512
4ff0d843ea45aaa7e26d797284dfb276e448383cfb071af701059ab8694352d248d2cf501ec84d04b5c91e3d3297c63649681d224111c37b4eb0ef1d56036845

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\L7S00GBA\ui_packages_failbot_failbot_ts-afaa9a250f2e[1].js

Filesize
8KB

MD5
849102dd299fe4d455cd8211defffee3

SHA1
90cc61b61e275811393bbd34b711a5421c98e093

SHA256
da3c91aec105bbb9108e8a8ef4219165bcae70a37f64b00d9992a7c2a08258b0

SHA512
afaa9a250f2e984e1a6ed2ba34489b7bd4c19f3e21011d8867b24fc0e8ae90e9fc66277b7118fee370e7878064a32db8c33b8a09bcc31c954d0ffb905b9a2057

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\L7S00GBA\vendors-node_modules_delegated-events_dist_index_js-node_modules_github_details-dialog-elemen-29dc30-a2a71f11a507[1].js

Filesize
15KB

MD5
b6a276c5c85ffb793d0a9ed82a24cb6e

SHA1
e3f235f3b5f96894214f8c038632262b460441fb

SHA256
f065392ebd02bfe54dfa902c51348eaeb4b7a00c0463ad23a1f9e671150c11f0

SHA512
a2a71f11a507482b9c26beabf60b83d3bb9d5fadba55b79ae456d41cc748b6e624932b9bac8308fe1d16c9422b20c98440c273ad9b00c724615cc07c5c158c5f

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\L7S00GBA\vendors-node_modules_dompurify_dist_purify_js-6890e890956f[1].js

Filesize
22KB

MD5
80fa30c00e347b5bbc8b7ff9dc2c9f44

SHA1
d085fe485ada77814949e92fa9e1b1eb05ba5eda

SHA256
be77c75cf182f1830d0f90b8d7aee460f0108c6e7f5a143a524f709b9023c80d

SHA512
6890e890956fafa8187511df1ac3c80a5b8d56be5ca989da251741f59c8d1186c0efa3d374f113b0ebeda124b78dedd106ea97f487ec04cf2a012e7bdd1048b3

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\L7S00GBA\vendors-node_modules_github_auto-complete-element_dist_index_js-d6c09d7e4e48[1].js

Filesize
13KB

MD5
6bc4026c44957759005bf7fc5792773e

SHA1
454edf5bda858b396845c240d86643b3758f5287

SHA256
1f36b3eb6d7fbae684bf3920036a776d32173740e8099d1b2cc95db01d3e195c

SHA512
d6c09d7e4e48d7d5eb1f549f971879a93787c2d36f936a8fff112a5c64d8dd484afc72ba5b0be9e2030e09a869b22ab218e7aa133106cc6f936287d106e44c4f

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\L7S00GBA\vendors-node_modules_github_hydro-analytics-client_dist_analytics-client_js-node_modules_gith-6a10dd-e66ebda625fb[1].js

Filesize
11KB

MD5
ea0881634aa064550af1e9ec43bdd086

SHA1
526022c1eec777497ba69bf7d6f1370369440354

SHA256
ff375fe79148dbe8a6ff00f2b0691def67955fc89f8e7ad1e9e30e46a67ff638

SHA512
e66ebda625fb34f2951e54db4016e88e45133243afdb55de96e96421d0a190784d19dea9d83ab048644983ce965bc9b1b52eb89bb10c80569f4ff536ba5419c6

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\L7S00GBA\vendors-node_modules_github_relative-time-element_dist_index_js-c76945c5961a[1].js

Filesize
14KB

MD5
2cabd818fb8745b2fc7d5f92594269b8

SHA1
88108fecb3839f06671c2a21e35163e0e414b2b0

SHA256
55cdbee6ddce98f5c299a24fb9851501f46ff0cdd2ef3b2f7bb572a3940b462d

SHA512
c76945c5961a4f5b2cb1f85bd3cbb35d5e81f611c3ba05543acfe870728e94e9719c9331b65f4c2c8723960c5ac1e9cac0495a892f049b41ed3ffbe899b93700

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\L7S00GBA\vendors-node_modules_github_selector-observer_dist_index_esm_js-9f960d9b217c[1].js

Filesize
9KB

MD5
683a7fe431bded8fbbf7b5189a1b8209

SHA1
2fb527473877ea06ec6b023690ce933c216c5d07

SHA256
f87c5b59b8f353c8762f2e44e1f82feafab882a96a0fad135dc6fc1555872ab3

SHA512
9f960d9b217c457d467a9510dd9797c4ec9df9a892c0a3e1746b2b87dca8ec191dc901e983bc509bc282004967b6fd588dbff5bf70bc7e20a5ca32bc7f1d772a

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\L7S00GBA\vendors-node_modules_primer_behaviors_dist_esm_focus-zone_js-086f7a27bac0[1].js

Filesize
8KB

MD5
6822816845d932c1e93f68372f005918

SHA1
1dd14a539530e8d131ce29be5e5f84e4098b6a15

SHA256
14d338ed3345cc8d74e239c812aa37eeee6126bc1ad8a17e4e2cf6ba8ee0adee

SHA512
086f7a27bac0d285f5e0c849cebac7176f86edb18037d8ec4356c2b8892fd3f47e045f857eb673b213661eea17441192cdb7a76c807c2badcecff6b7901aba92

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\L7S00GBA\vendors-node_modules_stacktrace-parser_dist_stack-trace-parser_esm_js-node_modules_github_bro-a4c183-79f9611c275b[1].js

Filesize
13KB

MD5
0ebf88b18838ca3926ece77027c1a096

SHA1
0f2edc27f5a23e5c2f699443c0d6572904b7bfd2

SHA256
452a443efadf60da1b19b9bf50d6cbbb25ab9441a3e9fe73b678d9cd486d80b6

SHA512
79f9611c275bf2087d6b063e2f4bf13feddab30c494b7bc968169fddf15a451aa26fe231ffe9e2eb4b9923477528ce638f5688cf4930953d372df69e822ffb44

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UQ45J0LQ\Resonance%20Client[1].htm

Filesize
143KB

MD5
76de8a8d7beadeb563439a70d19886f8

SHA1
22f2d1aade0a263ed84237c9c7c9e36347787ddd

SHA256
cccf78fa80b82292bd6b8d23a633d3deaf5871bac16c542cb7eedc7308fa92c1

SHA512
20824c5924cfae4b93ead92710b2f0e6d50d7acdad2e9505f58be148267f0155e510b9ece2f0f1bdd77854978c82f1dcc43cf6e87f0c948673693f5d3ecde76c

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UQ45J0LQ\light-0eace2597ca3[1].css

Filesize
110KB

MD5
c98edbdc81b370dec6c1635959f3e6d1

SHA1
fc7c9fd6033bbc608ac6b77b5b481c7bfe162e75

SHA256
7214039084d73a8ac3457904dce9dba06f30e82c1b62bf186e791502aad5c41c

SHA512
0eace2597ca30668d561697e3275158ede25e98bb9af70b059f8a1edcd139ce4910c9e04a1d739918615d4042fd4c5d16f6d5ec0983c9785537f55aba10cb64a

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\UQ45J0LQ\primer-primitives-2ef2a46b27ee[1].css

Filesize
7KB

MD5
ba93b60e8eb01e302ebd930031a4fdfe

SHA1
2497d6b9e46a20424acbe75ee9e1044dd9708c6e

SHA256
0f939f1412bceb48d6251737c401cd72d909855a60feb94f045dce5f0d967d0f

SHA512
2ef2a46b27ee1ad5198969ea5088d4a417e0338d5159af20acbd06f1af59afe8a73425fbd3bbdc693aa947dc37f8a956f5de52297fc9b4d4fda3843ad9646c3d

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\50CD3D75D026C82E2E718570BD6F44D0_D222662A57BAA60D2F5EA0D2CC7B2F1C

Filesize
313B

MD5
bf7a4f00f70406f825660a5be1dea31d

SHA1
7a49cd4ce71941a6500c83aef523835735a295be

SHA256
d67c71f75a3b46e787fcb95004b8da5c9900e3647ef755a30dc8c4a965806fa6

SHA512
85bef4ad3f0d0b67f7ca5dc1d0162c4fc198b550896386a51bab33cc3fc92a12aa0bdf40d8fe896f87a1570675b5bd20c898c430127478fd7c7f05eae5f806a3

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_ADE4E4D3A3BCBCA5C39C54D362D88565

Filesize
471B

MD5
9a1cbdd03c97de7db2007c7a58da18b1

SHA1
9d844cc4320058b4e30bfeab18b8d8821523e5c2

SHA256
36502a2511d519f25312905647b29a256180dcd8362096fcff183e56f9cb302d

SHA512
b000e94a38d72329d029e58482687fe10bbdafe36e308c84eed6de27bade3957221a79a4a132f7e91431fb0afbff169a20e267aeab5359cb6d48617cdf6eefa2

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\50CD3D75D026C82E2E718570BD6F44D0_D222662A57BAA60D2F5EA0D2CC7B2F1C

Filesize
408B

MD5
fbc2d8dd1ad444aed47b19382f7a0554

SHA1
08cb5778e82bea1501ffa2b0aa8a1f7d0e75ec1d

SHA256
94aee707b9511e1906942d9cce240052285e83aaad7b5ec79fc4741053540707

SHA512
7a4246d1a988df0e1e6501cdf5e0da8ad7244f89411ed668221c7cb075f108e96fedd5700bd6ca7bc1613d3c327c722690bc752244c3d12d3124771a39508b36

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\B398B80134F72209547439DB21AB308D_ADE4E4D3A3BCBCA5C39C54D362D88565

Filesize
404B

MD5
45bf5f69f8559d3f38eb8008e1012f64

SHA1
2d42507f8b75262eca1c279afab474f4d7e267ba

SHA256
b96fe528e673693cb21f2eb6ae7b793e61db085765b849aa36a7c32bc0067c5a

SHA512
3c5ed6257c5a0996cf406cc42e61b49cd9ae8022cd972b8251388c766df23498bc7219b593c79d4f378381f5d285fb4c6bd11ff5aac50d467c473b169f4d3764

Download Submit
memory/212-35-0x000001DEA71B0000-0x000001DEA71B2000-memory.dmp

Filesize
8KB

Download
memory/212-0-0x000001DEA7020000-0x000001DEA7030000-memory.dmp

Filesize
64KB

Download
memory/212-16-0x000001DEA7840000-0x000001DEA7850000-memory.dmp

Filesize
64KB

Download
memory/212-216-0x000001DEAF4E0000-0x000001DEAF4E1000-memory.dmp

Filesize
4KB

Download
memory/212-215-0x000001DEAF4D0000-0x000001DEAF4D1000-memory.dmp

Filesize
4KB

Download
memory/3228-187-0x000001B1FD670000-0x000001B1FD672000-memory.dmp

Filesize
8KB

Download
memory/3228-199-0x000001B1FE6E0000-0x000001B1FE6E2000-memory.dmp

Filesize
8KB

Download
memory/3228-197-0x000001B1FE6C0000-0x000001B1FE6C2000-memory.dmp

Filesize
8KB

Download
memory/3228-195-0x000001B1FE6A0000-0x000001B1FE6A2000-memory.dmp

Filesize
8KB

Download
memory/3228-189-0x000001B1FD690000-0x000001B1FD692000-memory.dmp

Filesize
8KB

Download
memory/3228-184-0x000001B1FD640000-0x000001B1FD642000-memory.dmp

Filesize
8KB

Download