Overview

overview

10

Static

static

1

URLScan

urlscan

http://d

windows10-2004-x64

10

Analysis

  • max time kernel
    2696s
  • max time network
    2703s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    27-02-2024 14:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://d

Score
10/10
chimeradiscoverypersistenceransomware

Malware Config

Signatures

  • Chimera 64 IoCs

    Ransomware which infects local and network files, often distributed via Dropbox links.

    ransomwarechimera
  • Chimera Ransomware Loader DLL 1 IoCs

    Drops/unpacks executable file which resembles Chimera's Loader.dll.

    ransomware
  • Renames multiple (3285) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • Executes dropped EXE 2 IoCs
  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  • Drops desktop.ini file(s) 27 IoCs
  • Looks up external IP address via web service 1 IoCs

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Drops file in Program Files directory 64 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Program crash 10 IoCs
  • Checks SCSI registry key(s) 3 TTPs 3 IoCs

    SCSI information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 6 IoCs
  • Modifies Internet Explorer settings 1 TTPs 40 IoCs
    adwarespyware
  • Modifies registry class 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 55 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 32 IoCs
  • Suspicious use of AdjustPrivilegeToken 6 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 64 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://d
    1⤵
    • Enumerates system info in registry
    • Modifies registry class
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:2512
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8ad7e46f8,0x7ff8ad7e4708,0x7ff8ad7e4718
      2⤵
        PID:452
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2068,15330203549970721947,9667247721181289861,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 /prefetch:3
        2⤵
        • Suspicious behavior: EnumeratesProcesses
        PID:2688
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2068,15330203549970721947,9667247721181289861,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2092 /prefetch:2
        2⤵
          PID:4560
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2068,15330203549970721947,9667247721181289861,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2832 /prefetch:8
          2⤵
            PID:1288
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,15330203549970721947,9667247721181289861,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1
            2⤵
              PID:3020
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,15330203549970721947,9667247721181289861,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
              2⤵
                PID:1576
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,15330203549970721947,9667247721181289861,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4928 /prefetch:1
                2⤵
                  PID:924
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,15330203549970721947,9667247721181289861,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3556 /prefetch:1
                  2⤵
                    PID:2040
                  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2068,15330203549970721947,9667247721181289861,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5520 /prefetch:8
                    2⤵
                      PID:3212
                    • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2068,15330203549970721947,9667247721181289861,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5520 /prefetch:8
                      2⤵
                      • Suspicious behavior: EnumeratesProcesses
                      PID:3700
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,15330203549970721947,9667247721181289861,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5492 /prefetch:1
                      2⤵
                        PID:4416
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,15330203549970721947,9667247721181289861,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5364 /prefetch:1
                        2⤵
                          PID:4468
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,15330203549970721947,9667247721181289861,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5100 /prefetch:1
                          2⤵
                            PID:4052
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,15330203549970721947,9667247721181289861,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5772 /prefetch:1
                            2⤵
                              PID:1084
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,15330203549970721947,9667247721181289861,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5396 /prefetch:1
                              2⤵
                                PID:4908
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,15330203549970721947,9667247721181289861,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5928 /prefetch:1
                                2⤵
                                  PID:4388
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2068,15330203549970721947,9667247721181289861,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5596 /prefetch:8
                                  2⤵
                                  • Modifies registry class
                                  • Suspicious behavior: EnumeratesProcesses
                                  PID:1032
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2068,15330203549970721947,9667247721181289861,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6080 /prefetch:8
                                  2⤵
                                    PID:3660
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,15330203549970721947,9667247721181289861,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5460 /prefetch:1
                                    2⤵
                                      PID:2572
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,15330203549970721947,9667247721181289861,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3076 /prefetch:1
                                      2⤵
                                        PID:3476
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,15330203549970721947,9667247721181289861,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3528 /prefetch:1
                                        2⤵
                                          PID:924
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2068,15330203549970721947,9667247721181289861,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6352 /prefetch:8
                                          2⤵
                                            PID:4516
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,15330203549970721947,9667247721181289861,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4108 /prefetch:1
                                            2⤵
                                              PID:3896
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2068,15330203549970721947,9667247721181289861,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1992 /prefetch:2
                                              2⤵
                                              • Suspicious behavior: EnumeratesProcesses
                                              PID:456
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2068,15330203549970721947,9667247721181289861,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4980 /prefetch:8
                                              2⤵
                                              • Suspicious behavior: EnumeratesProcesses
                                              PID:3488
                                          • C:\Windows\System32\CompPkgSrv.exe
                                            C:\Windows\System32\CompPkgSrv.exe -Embedding
                                            1⤵
                                              PID:1092
                                            • C:\Windows\System32\CompPkgSrv.exe
                                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                                              1⤵
                                                PID:4068
                                              • C:\Windows\System32\rundll32.exe
                                                C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                                1⤵
                                                  PID:4432
                                                • C:\Windows\system32\NOTEPAD.EXE
                                                  "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Browser Hijackers\BabylonToolbar.txt
                                                  1⤵
                                                    PID:2408
                                                  • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\YouAreAnIdiot\EXEVersion\YouAreAnIdiot.exe
                                                    "C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\YouAreAnIdiot\EXEVersion\YouAreAnIdiot.exe"
                                                    1⤵
                                                      PID:4228
                                                      • C:\Windows\SysWOW64\WerFault.exe
                                                        C:\Windows\SysWOW64\WerFault.exe -u -p 4228 -s 1556
                                                        2⤵
                                                        • Program crash
                                                        PID:392
                                                    • C:\Windows\SysWOW64\WerFault.exe
                                                      C:\Windows\SysWOW64\WerFault.exe -pss -s 412 -p 4228 -ip 4228
                                                      1⤵
                                                        PID:1264
                                                      • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\YouAreAnIdiot\EXEVersion\YouAreAnIdiot.exe
                                                        "C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\YouAreAnIdiot\EXEVersion\YouAreAnIdiot.exe"
                                                        1⤵
                                                          PID:4800
                                                          • C:\Windows\SysWOW64\WerFault.exe
                                                            C:\Windows\SysWOW64\WerFault.exe -u -p 4800 -s 1528
                                                            2⤵
                                                            • Program crash
                                                            PID:180
                                                        • C:\Windows\SysWOW64\WerFault.exe
                                                          C:\Windows\SysWOW64\WerFault.exe -pss -s 520 -p 4800 -ip 4800
                                                          1⤵
                                                            PID:1724
                                                          • C:\Windows\system32\OpenWith.exe
                                                            C:\Windows\system32\OpenWith.exe -Embedding
                                                            1⤵
                                                            • Modifies registry class
                                                            • Suspicious use of SetWindowsHookEx
                                                            PID:3320
                                                          • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\YouAreAnIdiot\EXEVersion\YouAreAnIdiot.exe
                                                            "C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\YouAreAnIdiot\EXEVersion\YouAreAnIdiot.exe"
                                                            1⤵
                                                              PID:3504
                                                              • C:\Windows\SysWOW64\WerFault.exe
                                                                C:\Windows\SysWOW64\WerFault.exe -u -p 3504 -s 1528
                                                                2⤵
                                                                • Program crash
                                                                PID:4864
                                                            • C:\Windows\SysWOW64\WerFault.exe
                                                              C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3504 -ip 3504
                                                              1⤵
                                                                PID:2384
                                                              • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\YouAreAnIdiot\EXEVersion\YouAreAnIdiot.exe
                                                                "C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\YouAreAnIdiot\EXEVersion\YouAreAnIdiot.exe"
                                                                1⤵
                                                                  PID:4844
                                                                  • C:\Windows\SysWOW64\WerFault.exe
                                                                    C:\Windows\SysWOW64\WerFault.exe -u -p 4844 -s 1540
                                                                    2⤵
                                                                    • Program crash
                                                                    PID:2876
                                                                • C:\Windows\SysWOW64\WerFault.exe
                                                                  C:\Windows\SysWOW64\WerFault.exe -pss -s 528 -p 4844 -ip 4844
                                                                  1⤵
                                                                    PID:3292
                                                                  • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\YouAreAnIdiot\EXEVersion\YouAreAnIdiot.exe
                                                                    "C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\YouAreAnIdiot\EXEVersion\YouAreAnIdiot.exe"
                                                                    1⤵
                                                                      PID:2068
                                                                      • C:\Windows\SysWOW64\WerFault.exe
                                                                        C:\Windows\SysWOW64\WerFault.exe -u -p 2068 -s 1528
                                                                        2⤵
                                                                        • Program crash
                                                                        PID:3120
                                                                    • C:\Windows\SysWOW64\WerFault.exe
                                                                      C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 2068 -ip 2068
                                                                      1⤵
                                                                        PID:2388
                                                                      • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\YouAreAnIdiot\EXEVersion\YouAreAnIdiot.exe
                                                                        "C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\YouAreAnIdiot\EXEVersion\YouAreAnIdiot.exe"
                                                                        1⤵
                                                                          PID:3448
                                                                          • C:\Windows\SysWOW64\WerFault.exe
                                                                            C:\Windows\SysWOW64\WerFault.exe -u -p 3448 -s 1540
                                                                            2⤵
                                                                            • Program crash
                                                                            PID:4944
                                                                        • C:\Windows\SysWOW64\WerFault.exe
                                                                          C:\Windows\SysWOW64\WerFault.exe -pss -s 524 -p 3448 -ip 3448
                                                                          1⤵
                                                                            PID:744
                                                                          • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\YouAreAnIdiot\EXEVersion\YouAreAnIdiot.exe
                                                                            "C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\YouAreAnIdiot\EXEVersion\YouAreAnIdiot.exe"
                                                                            1⤵
                                                                              PID:4104
                                                                              • C:\Windows\SysWOW64\WerFault.exe
                                                                                C:\Windows\SysWOW64\WerFault.exe -u -p 4104 -s 1444
                                                                                2⤵
                                                                                • Program crash
                                                                                PID:4796
                                                                            • C:\Windows\SysWOW64\WerFault.exe
                                                                              C:\Windows\SysWOW64\WerFault.exe -pss -s 544 -p 4104 -ip 4104
                                                                              1⤵
                                                                                PID:3808
                                                                              • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\YouAreAnIdiot\EXEVersion\YouAreAnIdiot.exe
                                                                                "C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\YouAreAnIdiot\EXEVersion\YouAreAnIdiot.exe"
                                                                                1⤵
                                                                                  PID:3048
                                                                                  • C:\Windows\SysWOW64\WerFault.exe
                                                                                    C:\Windows\SysWOW64\WerFault.exe -u -p 3048 -s 1532
                                                                                    2⤵
                                                                                    • Program crash
                                                                                    PID:4192
                                                                                • C:\Windows\SysWOW64\WerFault.exe
                                                                                  C:\Windows\SysWOW64\WerFault.exe -pss -s 512 -p 3048 -ip 3048
                                                                                  1⤵
                                                                                    PID:4148
                                                                                  • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\YouAreAnIdiot\EXEVersion\YouAreAnIdiot.exe
                                                                                    "C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\YouAreAnIdiot\EXEVersion\YouAreAnIdiot.exe"
                                                                                    1⤵
                                                                                      PID:2036
                                                                                      • C:\Windows\SysWOW64\WerFault.exe
                                                                                        C:\Windows\SysWOW64\WerFault.exe -u -p 2036 -s 1540
                                                                                        2⤵
                                                                                        • Program crash
                                                                                        PID:3668
                                                                                    • C:\Windows\SysWOW64\WerFault.exe
                                                                                      C:\Windows\SysWOW64\WerFault.exe -pss -s 520 -p 2036 -ip 2036
                                                                                      1⤵
                                                                                        PID:3700
                                                                                      • C:\Windows\system32\taskmgr.exe
                                                                                        "C:\Windows\system32\taskmgr.exe" /0
                                                                                        1⤵
                                                                                        • Checks SCSI registry key(s)
                                                                                        • Suspicious behavior: EnumeratesProcesses
                                                                                        • Suspicious use of AdjustPrivilegeToken
                                                                                        • Suspicious use of SendNotifyMessage
                                                                                        PID:492
                                                                                      • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\YouAreAnIdiot\EXEVersion\YouAreAnIdiot.exe
                                                                                        "C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Joke\YouAreAnIdiot\EXEVersion\YouAreAnIdiot.exe"
                                                                                        1⤵
                                                                                          PID:3428
                                                                                          • C:\Windows\SysWOW64\WerFault.exe
                                                                                            C:\Windows\SysWOW64\WerFault.exe -u -p 3428 -s 1528
                                                                                            2⤵
                                                                                            • Program crash
                                                                                            PID:4900
                                                                                        • C:\Windows\SysWOW64\WerFault.exe
                                                                                          C:\Windows\SysWOW64\WerFault.exe -pss -s 536 -p 3428 -ip 3428
                                                                                          1⤵
                                                                                            PID:1720
                                                                                          • C:\Windows\system32\NOTEPAD.EXE
                                                                                            "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Spyware\The Worst Of All!!!!!!\BonziBUDDY!!!!!!.txt
                                                                                            1⤵
                                                                                              PID:4168
                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
                                                                                              1⤵
                                                                                              • Enumerates system info in registry
                                                                                              • Suspicious behavior: EnumeratesProcesses
                                                                                              • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                                                              PID:1096
                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff8ad7e46f8,0x7ff8ad7e4708,0x7ff8ad7e4718
                                                                                                2⤵
                                                                                                  PID:1392
                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2040,913124417295584556,13696766511147574790,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2224 /prefetch:3
                                                                                                  2⤵
                                                                                                  • Suspicious behavior: EnumeratesProcesses
                                                                                                  PID:416
                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2040,913124417295584556,13696766511147574790,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2132 /prefetch:2
                                                                                                  2⤵
                                                                                                    PID:1384
                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2040,913124417295584556,13696766511147574790,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1528 /prefetch:8
                                                                                                    2⤵
                                                                                                      PID:2412
                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,913124417295584556,13696766511147574790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3456 /prefetch:1
                                                                                                      2⤵
                                                                                                        PID:4012
                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,913124417295584556,13696766511147574790,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3464 /prefetch:1
                                                                                                        2⤵
                                                                                                          PID:4108
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,913124417295584556,13696766511147574790,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5076 /prefetch:1
                                                                                                          2⤵
                                                                                                            PID:2468
                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,913124417295584556,13696766511147574790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3928 /prefetch:1
                                                                                                            2⤵
                                                                                                              PID:4228
                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2040,913124417295584556,13696766511147574790,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3524 /prefetch:8
                                                                                                              2⤵
                                                                                                                PID:5084
                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2040,913124417295584556,13696766511147574790,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3524 /prefetch:8
                                                                                                                2⤵
                                                                                                                • Suspicious behavior: EnumeratesProcesses
                                                                                                                PID:4172
                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,913124417295584556,13696766511147574790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3616 /prefetch:1
                                                                                                                2⤵
                                                                                                                  PID:2208
                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,913124417295584556,13696766511147574790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5740 /prefetch:1
                                                                                                                  2⤵
                                                                                                                    PID:4568
                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,913124417295584556,13696766511147574790,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5760 /prefetch:1
                                                                                                                    2⤵
                                                                                                                      PID:1732
                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,913124417295584556,13696766511147574790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5360 /prefetch:1
                                                                                                                      2⤵
                                                                                                                        PID:3156
                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,913124417295584556,13696766511147574790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3972 /prefetch:1
                                                                                                                        2⤵
                                                                                                                          PID:4224
                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,913124417295584556,13696766511147574790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5632 /prefetch:1
                                                                                                                          2⤵
                                                                                                                            PID:3136
                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,913124417295584556,13696766511147574790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5900 /prefetch:1
                                                                                                                            2⤵
                                                                                                                              PID:4812
                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,913124417295584556,13696766511147574790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1884 /prefetch:1
                                                                                                                              2⤵
                                                                                                                                PID:1224
                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2040,913124417295584556,13696766511147574790,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2804 /prefetch:2
                                                                                                                                2⤵
                                                                                                                                • Suspicious behavior: EnumeratesProcesses
                                                                                                                                PID:2128
                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,913124417295584556,13696766511147574790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5260 /prefetch:1
                                                                                                                                2⤵
                                                                                                                                  PID:4508
                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,913124417295584556,13696766511147574790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5612 /prefetch:1
                                                                                                                                  2⤵
                                                                                                                                    PID:404
                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,913124417295584556,13696766511147574790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1812 /prefetch:1
                                                                                                                                    2⤵
                                                                                                                                      PID:4220
                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,913124417295584556,13696766511147574790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6260 /prefetch:1
                                                                                                                                      2⤵
                                                                                                                                        PID:1932
                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,913124417295584556,13696766511147574790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5624 /prefetch:1
                                                                                                                                        2⤵
                                                                                                                                          PID:4436
                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,913124417295584556,13696766511147574790,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6568 /prefetch:1
                                                                                                                                          2⤵
                                                                                                                                            PID:1340
                                                                                                                                        • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                          1⤵
                                                                                                                                            PID:4032
                                                                                                                                          • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                            C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                            1⤵
                                                                                                                                              PID:4588
                                                                                                                                            • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Spyware\AgentTesla.exe
                                                                                                                                              "C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Spyware\AgentTesla.exe"
                                                                                                                                              1⤵
                                                                                                                                              • Suspicious use of SetWindowsHookEx
                                                                                                                                              PID:3636
                                                                                                                                            • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Spyware\AgentTesla.exe
                                                                                                                                              "C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Spyware\AgentTesla.exe"
                                                                                                                                              1⤵
                                                                                                                                              • Suspicious use of SetWindowsHookEx
                                                                                                                                              PID:488
                                                                                                                                            • C:\Users\Admin\AppData\Local\Temp\Temp2_The-MALWARE-Repo-master.zip\The-MALWARE-Repo-master\Virus\WinNuke.98.exe
                                                                                                                                              "C:\Users\Admin\AppData\Local\Temp\Temp2_The-MALWARE-Repo-master.zip\The-MALWARE-Repo-master\Virus\WinNuke.98.exe"
                                                                                                                                              1⤵
                                                                                                                                                PID:2276
                                                                                                                                              • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Spyware\HawkEye.exe
                                                                                                                                                "C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Spyware\HawkEye.exe"
                                                                                                                                                1⤵
                                                                                                                                                • Chimera
                                                                                                                                                • Drops desktop.ini file(s)
                                                                                                                                                • Drops file in Program Files directory
                                                                                                                                                • Suspicious use of AdjustPrivilegeToken
                                                                                                                                                PID:548
                                                                                                                                                • C:\Program Files\Internet Explorer\iexplore.exe
                                                                                                                                                  "C:\Program Files\Internet Explorer\iexplore.exe" -k "C:\Users\Admin\Music\YOUR_FILES_ARE_ENCRYPTED.HTML"
                                                                                                                                                  2⤵
                                                                                                                                                  • Modifies Internet Explorer settings
                                                                                                                                                  • Suspicious use of SetWindowsHookEx
                                                                                                                                                  PID:2732
                                                                                                                                                  • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
                                                                                                                                                    "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2732 CREDAT:17410 /prefetch:2
                                                                                                                                                    3⤵
                                                                                                                                                    • Modifies Internet Explorer settings
                                                                                                                                                    • Suspicious use of SetWindowsHookEx
                                                                                                                                                    PID:4460
                                                                                                                                              • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Spyware\butterflyondesktop.exe
                                                                                                                                                "C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Spyware\butterflyondesktop.exe"
                                                                                                                                                1⤵
                                                                                                                                                  PID:2984
                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\is-0FDER.tmp\butterflyondesktop.tmp
                                                                                                                                                    "C:\Users\Admin\AppData\Local\Temp\is-0FDER.tmp\butterflyondesktop.tmp" /SL5="$A042A,2719719,54272,C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Spyware\butterflyondesktop.exe"
                                                                                                                                                    2⤵
                                                                                                                                                    • Executes dropped EXE
                                                                                                                                                    • Adds Run key to start application
                                                                                                                                                    PID:3228
                                                                                                                                                    • C:\Program Files (x86)\Butterfly on Desktop\ButterflyOnDesktop.exe
                                                                                                                                                      "C:\Program Files (x86)\Butterfly on Desktop\ButterflyOnDesktop.exe"
                                                                                                                                                      3⤵
                                                                                                                                                      • Executes dropped EXE
                                                                                                                                                      PID:4012
                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://freedesktopsoft.com/butterflyondesktoplike.html
                                                                                                                                                      3⤵
                                                                                                                                                        PID:3940
                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x128,0x12c,0x130,0xf8,0x134,0x7ff8ad7e46f8,0x7ff8ad7e4708,0x7ff8ad7e4718
                                                                                                                                                          4⤵
                                                                                                                                                            PID:1556
                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Spyware\YOUR_FILES_ARE_ENCRYPTED.HTML
                                                                                                                                                      1⤵
                                                                                                                                                        PID:1600
                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8ad7e46f8,0x7ff8ad7e4708,0x7ff8ad7e4718
                                                                                                                                                          2⤵
                                                                                                                                                            PID:2984

                                                                                                                                                        Network

                                                                                                                                                        MITRE ATT&CK Enterprise v15

                                                                                                                                                        Replay Monitor

                                                                                                                                                        Loading Replay Monitor...

                                                                                                                                                        Downloads

                                                                                                                                                        • C:\Program Files (x86)\Butterfly on Desktop\ButterflyOnDesktop.exe
                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          MD5

                                                                                                                                                          81aab57e0ef37ddff02d0106ced6b91e

                                                                                                                                                          SHA1

                                                                                                                                                          6e3895b350ef1545902bd23e7162dfce4c64e029

                                                                                                                                                          SHA256

                                                                                                                                                          a70f9e100dddb177f68ee7339b327a20cd9289fae09dcdce3dbcbc3e86756287

                                                                                                                                                          SHA512

                                                                                                                                                          a651d0a526d31036a302f7ef1ee2273bb7c29b5206c9b17339baa149dd13958ca63db827d09b4e12202e44d79aac2e864522aca1228118ba3dcd259fe1fcf717

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Program Files\Java\jdk-1.8\jre\lib\YOUR_FILES_ARE_ENCRYPTED.HTML
                                                                                                                                                          Filesize

                                                                                                                                                          4KB

                                                                                                                                                          MD5

                                                                                                                                                          f62aaff573b3c7a8f1794e4992782705

                                                                                                                                                          SHA1

                                                                                                                                                          f709d96dce991d325e7ff377cdea61aab47f985b

                                                                                                                                                          SHA256

                                                                                                                                                          da62d2c5f9ac73df9db0fe1438d2da0c3b3058ac389a7f928f51c2039b69512e

                                                                                                                                                          SHA512

                                                                                                                                                          eab88b76509f40baddc2798dc5b759ee4ac26d22605e9b438e8b2c845b89f763a2d9997dd90eeb309133b8dadcb59742fd8f265efd06ee7331bd365d660eba64

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                          Filesize

                                                                                                                                                          152B

                                                                                                                                                          MD5

                                                                                                                                                          0764f5481d3c05f5d391a36463484b49

                                                                                                                                                          SHA1

                                                                                                                                                          2c96194f04e768ac9d7134bc242808e4d8aeb149

                                                                                                                                                          SHA256

                                                                                                                                                          cc773d1928f4a87e10944d153c23a7b20222b6795c9a0a09b81a94c1bd026ac3

                                                                                                                                                          SHA512

                                                                                                                                                          a39e4cb7064fdd7393ffe7bb3a5e672b1bdc14d878cac1c5c9ceb97787454c5a4e7f9ae0020c6d524920caf7eadc9d49e10bee8799d73ee4e8febe7e51e22224

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                          Filesize

                                                                                                                                                          152B

                                                                                                                                                          MD5

                                                                                                                                                          e494d16e4b331d7fc483b3ae3b2e0973

                                                                                                                                                          SHA1

                                                                                                                                                          d13ca61b6404902b716f7b02f0070dec7f36edbf

                                                                                                                                                          SHA256

                                                                                                                                                          a43f82254638f7e05d1fea29e83545642f163a7a852f567fb2e94f0634347165

                                                                                                                                                          SHA512

                                                                                                                                                          016b0ed886b33d010c84ca080d74fa343da110db696655c94b71a4cb8eb8284748dd83e06d0891a6e1e859832b0f1d07748b11d4d1a4576bbe1bee359e218737

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                          Filesize

                                                                                                                                                          152B

                                                                                                                                                          MD5

                                                                                                                                                          e79f3de42e348a44ade1535a3d9cfe6a

                                                                                                                                                          SHA1

                                                                                                                                                          6296b5d1a50ba63064bab0c0646d540a103f3fcd

                                                                                                                                                          SHA256

                                                                                                                                                          4a762a3b6bde7a865b66283ee03cbdd5b3b07c58e7b96e9ce01e0fca8fe215af

                                                                                                                                                          SHA512

                                                                                                                                                          54823bd8cf638a912d9723178a130529d34908a68e0f86bc82ab02ac68a710a4abdd7fdeda5ef3574baa83b86a4a1355620ddd750026eb0d248dd1d91c649677

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_0
                                                                                                                                                          Filesize

                                                                                                                                                          44KB

                                                                                                                                                          MD5

                                                                                                                                                          7c47a7ac1137b9ef54e07462833fbf5d

                                                                                                                                                          SHA1

                                                                                                                                                          2abd6c5332a8694e69a1a371e6f80ac6a0546c19

                                                                                                                                                          SHA256

                                                                                                                                                          51c32b8e944f55ec56382e1bae14bb13b3543ff783775b3069d01aa3b9141d71

                                                                                                                                                          SHA512

                                                                                                                                                          79f274224f4e2469ee47bc4ccb366598ed36271c55d708e24642720e2895c774c97983aff9d80b40b15828e3624d8202a0bdf9ba3640b6a310dc016d268da5a7

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_1
                                                                                                                                                          Filesize

                                                                                                                                                          264KB

                                                                                                                                                          MD5

                                                                                                                                                          dee8f1915c6bb0361754ff3caf62f28e

                                                                                                                                                          SHA1

                                                                                                                                                          e17f54d3a2d2eba938ab5e5ca6d68b5e3d5046fe

                                                                                                                                                          SHA256

                                                                                                                                                          ca412f0c12a5663cefa8e7b69b80b1d62f5223d6394aec9a69cab316a044da7a

                                                                                                                                                          SHA512

                                                                                                                                                          deff4d121061ffdb7d23dfcf219782b8d9b6f232f04617f765f82a72d140524b49a9a9371a6cd625a37e5cedf3e4cda2db182bb043b35bd3000ad4b2b201a194

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_2
                                                                                                                                                          Filesize

                                                                                                                                                          502KB

                                                                                                                                                          MD5

                                                                                                                                                          f83f61d7af8d64d9b8eb04b49910e1a1

                                                                                                                                                          SHA1

                                                                                                                                                          02a1015997b6ea92f33215856076df311909dbea

                                                                                                                                                          SHA256

                                                                                                                                                          81ff4b201281c9d54dc8e1ecbd3c13ad26b28609a8bb0cd40d501ef80d6e2085

                                                                                                                                                          SHA512

                                                                                                                                                          da7b45043f52bd2169559f4e7abe44ab783dfbe5352a2299091619b1d6289cc3f7eaeff5e96fa5da13473aa6882de092a12c69000fbab636e98d9d8027b5d141

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_3
                                                                                                                                                          Filesize

                                                                                                                                                          422KB

                                                                                                                                                          MD5

                                                                                                                                                          640ec7b0a813ab1686a5fd8a59bc9f0f

                                                                                                                                                          SHA1

                                                                                                                                                          b28c9d6dca89fd9b72f3a83be80ad05e1552aeca

                                                                                                                                                          SHA256

                                                                                                                                                          7e548f1dc2530c89b79273a8b6b5b1de6830143204b0429718be61de2df88683

                                                                                                                                                          SHA512

                                                                                                                                                          24304226d53c206b45404cfa229ddb3a9c7917b642d6de4bd04929238f32a6d8e44883bfe660b6cc9d0464eeab392f595c26ed12671dd7f1336f0044a8872ed0

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                          Filesize

                                                                                                                                                          1KB

                                                                                                                                                          MD5

                                                                                                                                                          1a1c13d74c3649eb5a6e39764adc27a2

                                                                                                                                                          SHA1

                                                                                                                                                          7b404f3ffcc2059f8f47bbdf64e4e3927285f257

                                                                                                                                                          SHA256

                                                                                                                                                          36ee26fa959ad678bd54795cad99d4e2cdc586c01f04caf982220cc64cd1198d

                                                                                                                                                          SHA512

                                                                                                                                                          e51ba16c31e111190668a898251e950fe8b136b189019bd40c0683f0a5e9b60a0ddcaa89bdad561f63244e50b549bc4de27abbfcdcc14365089327a7ba1f0aee

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                          Filesize

                                                                                                                                                          4KB

                                                                                                                                                          MD5

                                                                                                                                                          5bb8bfa7098fd11bd782a713273c22e1

                                                                                                                                                          SHA1

                                                                                                                                                          e7064ae0039aced7bc949439990672294ab813bf

                                                                                                                                                          SHA256

                                                                                                                                                          2d8c8e07143733982a54100f80d11f6bdbe20b13014d1ac912bebc8c7fad18c0

                                                                                                                                                          SHA512

                                                                                                                                                          e49cc5016d83f8e370bab09a0dc779ad00129d1fd411e12360ccecc5a1bac8c038715f097f8d37da72a664e437b5565496208ab2852e3bc6ef138b8d461c0e37

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                          Filesize

                                                                                                                                                          3KB

                                                                                                                                                          MD5

                                                                                                                                                          c11d3263d1589a9774ed1fe7362a11ac

                                                                                                                                                          SHA1

                                                                                                                                                          89a217b43b6151997b05ddcbbd9797b4af493f97

                                                                                                                                                          SHA256

                                                                                                                                                          84ba6681799bb60da1cecd822c5bbbbfae3d9408d1066ab5133463fc7c6cea02

                                                                                                                                                          SHA512

                                                                                                                                                          804a4ff5c53e26616e1976ceaac3b7a2069aa80120a39ec21e7238fb995ac10270fdb0446c98a5e235089a61a0c4d524cd7cb98b827996abb30fe33883722673

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cookies
                                                                                                                                                          Filesize

                                                                                                                                                          28KB

                                                                                                                                                          MD5

                                                                                                                                                          1e614efa1c72d637e3cd52f732511fce

                                                                                                                                                          SHA1

                                                                                                                                                          627e2e9c014e51310e7b34a32750af617e648778

                                                                                                                                                          SHA256

                                                                                                                                                          0adb3d2781160d4b45bb0fbdd5ce6a9dd68a1f468f790ead3f89ba57a55429ba

                                                                                                                                                          SHA512

                                                                                                                                                          4ad2821a1cfec7df2e89739dcc4a57822097499878602d777ee7e210270219a004088af2111dc590892a93838ce98ba7651d85bb498a6d1c55b25943eedc8d88

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG
                                                                                                                                                          Filesize

                                                                                                                                                          319B

                                                                                                                                                          MD5

                                                                                                                                                          4bb377922b692d873a7141c37b600611

                                                                                                                                                          SHA1

                                                                                                                                                          2a2a2e86931aeee8569fb82d38f04c79cc5d3769

                                                                                                                                                          SHA256

                                                                                                                                                          d9ae476be27ccca24a3fb0f5f3952e7b646b8f57888b711bf7ce591fbca74fac

                                                                                                                                                          SHA512

                                                                                                                                                          879cbfbfd45eafd7c61ea149f58fd89e1fe56156aba8e4ae8605ba9e8a48669683943528871c9a0336534cda54c4044dac5ddf36f6f839ee507d2e9b0e4b845b

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons
                                                                                                                                                          Filesize

                                                                                                                                                          28KB

                                                                                                                                                          MD5

                                                                                                                                                          1d591576b905996b4d18e54671677863

                                                                                                                                                          SHA1

                                                                                                                                                          8d9601e72d16161a384bf71e9d731b264bd6c02c

                                                                                                                                                          SHA256

                                                                                                                                                          012e620aa0a0f724e9f7fc367f89bc35fadf59ada3dd28812a4c179c220817b1

                                                                                                                                                          SHA512

                                                                                                                                                          94991dc066b195665ea46eac6486da54a4067b1014b87f921d3abca5abfda4e457cc357c90630feb3ec958d08ca3594f6db915d29ebe4e56b94b0f3a477ca441

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1
                                                                                                                                                          Filesize

                                                                                                                                                          264KB

                                                                                                                                                          MD5

                                                                                                                                                          8165cf459f5e14d8314858ad8ba6a03f

                                                                                                                                                          SHA1

                                                                                                                                                          35a1cf24cf4d3676feea8e7c24c575b9d5753dd9

                                                                                                                                                          SHA256

                                                                                                                                                          7d07ced3d3dde20c8a5a73058f8b23964beb36bbce67525f916879502be5a474

                                                                                                                                                          SHA512

                                                                                                                                                          9e1bf2d4de3ab301539fd899d4f474a7813a47b8874eba6a4d59f21e11b50bee33c1d2c02dd0970474124a1827810fc8df89270646275b7de1a280ee87d93d9a

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History
                                                                                                                                                          Filesize

                                                                                                                                                          124KB

                                                                                                                                                          MD5

                                                                                                                                                          2ff7443366586de9c9c22c7018e198a8

                                                                                                                                                          SHA1

                                                                                                                                                          9c29a457c9b59bfcec890c5359db255ab053ac89

                                                                                                                                                          SHA256

                                                                                                                                                          f8fee2c875b6fc3b898362baa71fd3675ffa53c218e7db990edfa9e2b0512623

                                                                                                                                                          SHA512

                                                                                                                                                          54032cfec80a91d5494db5081d86649a7286497c2701582d32fa49f5c654838c02c0dd28f0d7d8e8a9d1251d3fbb1768339c08da154630cf1d4ec58dcd9701c6

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache
                                                                                                                                                          Filesize

                                                                                                                                                          3KB

                                                                                                                                                          MD5

                                                                                                                                                          db9244ad8b84d5ee1e5dee0a99c0e4d5

                                                                                                                                                          SHA1

                                                                                                                                                          6ff678d6bd000a9e537e53a9cee5c2be58e55716

                                                                                                                                                          SHA256

                                                                                                                                                          d2bb29a1fad5a3135af6118250651570c89701d500cbbbf4dd64b75169cce099

                                                                                                                                                          SHA512

                                                                                                                                                          25246ef00fd8fbf590162eded95bfd7d093d32c614a65a460fd40478f4df2a9097e1ad6cbc8d0a0d82597b37f94c65d6b9551a771518b4a472c498123550155e

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log
                                                                                                                                                          Filesize

                                                                                                                                                          12KB

                                                                                                                                                          MD5

                                                                                                                                                          469988fb3e2db2d92e14d4e531fcff20

                                                                                                                                                          SHA1

                                                                                                                                                          6965719fdb92f4c5b26e53b1c8a5e859e79a25e2

                                                                                                                                                          SHA256

                                                                                                                                                          b9a15f92eda79553654902d652f413b32530a968bf7b00153789e05cda5532b0

                                                                                                                                                          SHA512

                                                                                                                                                          a0b069424337d92f03253f7d0174f15c258967b9e0be65904b18bf4fa6a0a113b09dbbaac843650e0c641ee95c53b6943cb45f6b7edc1e1697f687b39a2f04ac

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
                                                                                                                                                          Filesize

                                                                                                                                                          331B

                                                                                                                                                          MD5

                                                                                                                                                          6287993895d2d685839c5833f5c38b0f

                                                                                                                                                          SHA1

                                                                                                                                                          e6bca3106d3e0040f47fc08268a36d77965f87b5

                                                                                                                                                          SHA256

                                                                                                                                                          196e34bf8dd8c901e9fe99d15b0352b52672f35ad83686d31a986843438b6c1f

                                                                                                                                                          SHA512

                                                                                                                                                          22c7c304cdac1f61b232daa0c5aa60376356a8e449467e6bd5664314aaad80d790a580e9e825b8d6fd80102bac1edb0e5ad606e5db61c0cc9305dbd3143e6d6a

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                          Filesize

                                                                                                                                                          853B

                                                                                                                                                          MD5

                                                                                                                                                          532693fb27803d074c9aa4e8180e5ed4

                                                                                                                                                          SHA1

                                                                                                                                                          a40423de22ca74507ecf875db5258a92f0cc3a79

                                                                                                                                                          SHA256

                                                                                                                                                          07179a3d58e44986fccadc21fc6c8e3467cc90a6ab6aee23462ebb9dee714688

                                                                                                                                                          SHA512

                                                                                                                                                          e1b7b83532cac9815f237f9dc6be87b2d0be57f4fd180a8a85778224ab1734931e893e06f4be2f30c13d13d8932e87c04112b3f857584b1b92d81efe8646ed70

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                          Filesize

                                                                                                                                                          5KB

                                                                                                                                                          MD5

                                                                                                                                                          75421213862c45a55d95a71d355bbcde

                                                                                                                                                          SHA1

                                                                                                                                                          3865a1b3916ea68e3236fa166a8c7a94264dcd0e

                                                                                                                                                          SHA256

                                                                                                                                                          9948073a8343974559988726eaf73be4a2dbfcc05cb9e4d5ae54a842e7fe04d0

                                                                                                                                                          SHA512

                                                                                                                                                          9a591c111eff5edacab3b092d6d4c7de727aab520c4482534657194d4f85e744d29c5845e18c73c8e8f2102d045e8c981d4aceaf4c3ebf08d27c6c74ee3428a0

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                          Filesize

                                                                                                                                                          1KB

                                                                                                                                                          MD5

                                                                                                                                                          f0b1d0f2cec4673d9425c7640225c4c0

                                                                                                                                                          SHA1

                                                                                                                                                          78f24c7d0013e8e755ffa7825f736885f2c78c10

                                                                                                                                                          SHA256

                                                                                                                                                          b47339fbd77224ada705b5304d8e0317ee08ad32d41c78fb57d9b385a07a13b0

                                                                                                                                                          SHA512

                                                                                                                                                          afe59a75ee6e73eaccc4835de2e268600953404137342da2a4fcc41df94c5492ab5a7ac3efc282e0eb9e89d9c241a698b924332b8a50a153d780efb7b36ce382

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                          Filesize

                                                                                                                                                          1KB

                                                                                                                                                          MD5

                                                                                                                                                          26b98a8529d99308994e0fc81a7e431e

                                                                                                                                                          SHA1

                                                                                                                                                          b6bf45cc9188404be6c31a658a9c0d481d55bc10

                                                                                                                                                          SHA256

                                                                                                                                                          e183c4696b5ca8c5d3c558a7c773874413ccc658e441038b5bbe24dfb92f9360

                                                                                                                                                          SHA512

                                                                                                                                                          66e397ca8ad3288f1f0b2639d32258ba5495f965b58a8eb50e351d24df15b654b1777cd616b5cc2e4e7634a5fda8d0a3a41b5633f839cf6b26c9ad2ed4af393f

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                          Filesize

                                                                                                                                                          1KB

                                                                                                                                                          MD5

                                                                                                                                                          176315070cd2fdebb8e6db0164490b43

                                                                                                                                                          SHA1

                                                                                                                                                          fb9a0cbe5df976da9d88e9a745cd09334e192b23

                                                                                                                                                          SHA256

                                                                                                                                                          d80710548fd96fa6f2b7b971fe479d33ec477e52e7cf6e722a46d14bcee29d47

                                                                                                                                                          SHA512

                                                                                                                                                          13aee7ee489f3ad6c91ff8edac2f784493cfc3bf7d82c1db1768059bd4b7a038dca7bd3e8f147cb3b6763579ccbbb08e24ed0e1e51af141833e6a7a540d4f963

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                          Filesize

                                                                                                                                                          6KB

                                                                                                                                                          MD5

                                                                                                                                                          2cce14d896f36c4e89d475086dffa7f7

                                                                                                                                                          SHA1

                                                                                                                                                          f580afdba3997f7f584756e492d32b0e0fc52ddb

                                                                                                                                                          SHA256

                                                                                                                                                          bbde573d09efc2f8e7d67c60f924d7f44534ef31225649dd03163eb2b19fe407

                                                                                                                                                          SHA512

                                                                                                                                                          2cba8c65b013d49551e40cc54223d5d777f4d87c374fd44ad52b10d7bc96e5181437e3e6ffe6bf3ef54dc11f629052f33307f75ce05c4a66cd6402604579e28d

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                          Filesize

                                                                                                                                                          6KB

                                                                                                                                                          MD5

                                                                                                                                                          2eae30d88a7d6ba138c539f7be0473b7

                                                                                                                                                          SHA1

                                                                                                                                                          79d58e033f32fd8e6a026eb51f71feac675661d0

                                                                                                                                                          SHA256

                                                                                                                                                          680f13eb80076d182db7d6d410b5b731ab5ff82aafc9a8439c21054212e55f15

                                                                                                                                                          SHA512

                                                                                                                                                          f85d7de9f347926d3b1f0d2f5a15cf9975e21e6177f6dfd18c607c55c8eb4cc7f9c7b09ac6184b68f1a80b9af0792f501b67afad094a6e84dd57d25c37edb23a

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                          Filesize

                                                                                                                                                          9KB

                                                                                                                                                          MD5

                                                                                                                                                          68ac4167d058d4ac3a8884a8d264c238

                                                                                                                                                          SHA1

                                                                                                                                                          6359fba57a8dd81300ea179eb811554b5e087d9c

                                                                                                                                                          SHA256

                                                                                                                                                          0d020adfa6b26a84ac1726a70c3c4fb9a2ef43d8cbbab95454ec49193728df7d

                                                                                                                                                          SHA512

                                                                                                                                                          2598da6097ea24520dc507f358ddb7ce6e74d357362d33b1f6aa92185791f039b6f5f741856a2f92fde72eeaab8c00338e6b9cc00c85c3d71d751b13bfd8ce28

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                          Filesize

                                                                                                                                                          9KB

                                                                                                                                                          MD5

                                                                                                                                                          0425040e02cff7c53fdf43790f0b50a5

                                                                                                                                                          SHA1

                                                                                                                                                          ed2898ba8f57b01e758c047e3d62c0fd296adbcf

                                                                                                                                                          SHA256

                                                                                                                                                          f86ee47a2141be65e2f478e2c4e785b7dd72f61d19fba397cc3277a8bc6a174f

                                                                                                                                                          SHA512

                                                                                                                                                          014b4d4e8a9ecdcf0d76c4ddb2757ec1f491fbb29c23c1f6485f1b635c857f8a02e8d73280fc9d5ff669f6ca96be3350a6d11269ef05269b2385c8a5c1ae7d73

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                          Filesize

                                                                                                                                                          9KB

                                                                                                                                                          MD5

                                                                                                                                                          ee95bcef33000d1239e463372ebef40c

                                                                                                                                                          SHA1

                                                                                                                                                          7a9fb7a9069134daaeef22bb2257b2d4d6863aed

                                                                                                                                                          SHA256

                                                                                                                                                          18c7db4a2952d634dce159b5bc3106fb8648212fc6aa9942d35d7ebfb6be2176

                                                                                                                                                          SHA512

                                                                                                                                                          3c502bbdedeca347f7b4e187591a07063ddd18e1328490d5ef7846e63d8541327eb5951cac80be32f28be6e62fefd21308c0ffbaad876ff3f322844c0f111a99

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                          Filesize

                                                                                                                                                          6KB

                                                                                                                                                          MD5

                                                                                                                                                          df8fb2b2621ef9a9877454282292fc53

                                                                                                                                                          SHA1

                                                                                                                                                          ce9e513b32d896ce096a0980ed67698799820ba9

                                                                                                                                                          SHA256

                                                                                                                                                          0361f5d256e7bfcbcf56ac1ca6bae2d6fc5d94e9179e97bda5c589cb1f70eecf

                                                                                                                                                          SHA512

                                                                                                                                                          46afb6007e969945507b3aaed893b04aa6f20d456f75c8e3b275de1ded702853251523f29f57f98efdcc78f0279c09e38e7b6b4ef72aa8b997639243767f9458

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                          Filesize

                                                                                                                                                          7KB

                                                                                                                                                          MD5

                                                                                                                                                          412f56094ac4bff39347a3f88e2bd208

                                                                                                                                                          SHA1

                                                                                                                                                          14ba8070d71823f2f08fdb7fc4a522b66f2d7179

                                                                                                                                                          SHA256

                                                                                                                                                          cd2ee6485e45dc4afcd1cb680b0a8c5d8cd9e1e759b0388f50a3ad12be3b825e

                                                                                                                                                          SHA512

                                                                                                                                                          b3ba655a9ab14f406d7dfe2fc6b56ebb7a5f76a2b618db910d2b2dc518e7b2d9f6ed04a1b82d1cba9dc4c8595f73d9bfdefa6e859e87c6a629f48500899264c2

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                          Filesize

                                                                                                                                                          7KB

                                                                                                                                                          MD5

                                                                                                                                                          1b7ddfc991a57e8a040fd188c47f01c3

                                                                                                                                                          SHA1

                                                                                                                                                          653aac62e3fc6f06f6ad9a6198ecee9cf816870b

                                                                                                                                                          SHA256

                                                                                                                                                          96e536a43a408a28e4e95a4707b4ed9930e16b2736e7c3461ce28a50bb8e8fec

                                                                                                                                                          SHA512

                                                                                                                                                          d2c8c2df9c0014d34d32894c3fa3aa6e52da914cdac051dfb41699b83e999d78c3b7cf8f6e3fdf443f33e83a9dd6deeef076f5c9d4550f0b35c07a013ca0ce1f

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                          Filesize

                                                                                                                                                          7KB

                                                                                                                                                          MD5

                                                                                                                                                          5d5fa4315dfccaae6beb5a0033fb1078

                                                                                                                                                          SHA1

                                                                                                                                                          be6674f22da177557e340cb6fef89eabeca9ca55

                                                                                                                                                          SHA256

                                                                                                                                                          b4fdd0231dc3fddbacbd54a210dfafbad51f02423239267883304863202e43ee

                                                                                                                                                          SHA512

                                                                                                                                                          ed12431b562f63bbbcfbcc5318b0747d6ecda307884487fe5af005e1eee8153c9afc28262000ceaf8145761c6a0f4e34fa2e4a380e44373c748a2c4f814017d8

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                          Filesize

                                                                                                                                                          7KB

                                                                                                                                                          MD5

                                                                                                                                                          e5d1d38a28e83196783340a778608f10

                                                                                                                                                          SHA1

                                                                                                                                                          8dbbc1340dd65bf0fd0e6fdd77bdabe69c065da5

                                                                                                                                                          SHA256

                                                                                                                                                          745307d39a03abc07d378128c453fa3a16c4fb28370a21b4ec1bc7b5074bf9d5

                                                                                                                                                          SHA512

                                                                                                                                                          e98fe0f7c3b3e7daac1a04252603b8360e4817fc5a6965e825636e8b6f01c1a307f3c540d8b6739cada7ad82c93bc78cf6b932e8b07531d49a79f9619fa5903a

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                          Filesize

                                                                                                                                                          7KB

                                                                                                                                                          MD5

                                                                                                                                                          f3ae0dca5393ea6156004a81ab2fab2b

                                                                                                                                                          SHA1

                                                                                                                                                          c16f45ae1a625310334c743b17c1eba073e155b4

                                                                                                                                                          SHA256

                                                                                                                                                          a3c7c04791ae0ca5b54a461a78e2674fa988c8c8672b80e099a5d1e9753f8c94

                                                                                                                                                          SHA512

                                                                                                                                                          949b8fcbd852413ac7ac1ba8312a187ca31b2518266d0cadf334ab4693a2c30503df5bab59d16c16787f3b67fb98e46a8d95587a8539e7411ef63ca8498151bd

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                          Filesize

                                                                                                                                                          7KB

                                                                                                                                                          MD5

                                                                                                                                                          cf54f44eacfb417a50193317a5d031c3

                                                                                                                                                          SHA1

                                                                                                                                                          eac2a8f68668393e898a03e7961feebdda80619e

                                                                                                                                                          SHA256

                                                                                                                                                          bf792a24d3dfc5b30053c410ea95890a8f3fba7037e146526596b17576d882fa

                                                                                                                                                          SHA512

                                                                                                                                                          07787106d34202b107287dba622c8a0a6f88d9b3db8cac855458d5b3a4f1bf068a63f2ec7713a2eed890d1bcb11daf9e69a2264795db6eae30c8c217e18da1b8

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log
                                                                                                                                                          Filesize

                                                                                                                                                          1KB

                                                                                                                                                          MD5

                                                                                                                                                          be112ab1dd71f53320600e05213bada3

                                                                                                                                                          SHA1

                                                                                                                                                          d11a13525340194e70dd47401f47566e3e116568

                                                                                                                                                          SHA256

                                                                                                                                                          5b25c7c7709c57a73f9c6c98ff39d3d730086f05a5b5772c2f6ee93f33a107f4

                                                                                                                                                          SHA512

                                                                                                                                                          70919bad475636186d4af8b26dc7e46f115ac48ce1b68385e55e6ba49987bbf68fe8b3f41ffde38b495ed4c2cfc8990d60c9416758cea016d4be1a13e22740a4

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG
                                                                                                                                                          Filesize

                                                                                                                                                          319B

                                                                                                                                                          MD5

                                                                                                                                                          7c8a0a418cb284fac56385e64fff2973

                                                                                                                                                          SHA1

                                                                                                                                                          a154e85d7f98aa4bb8a63714b0bbd14a33ee7810

                                                                                                                                                          SHA256

                                                                                                                                                          3e6b1d119178ab76fcad0b3a8b2867cca366563ffe4d505d27cba241cee90ff7

                                                                                                                                                          SHA512

                                                                                                                                                          bd49a99ec2c0447f74263b2c0af48a4dddbe8f337f957f784c0ba2c00a64d1af9fde18dcb15bf844c88003982e5d55b051ad47799266169ef246eac9bfb8df3e

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13353519323078602
                                                                                                                                                          Filesize

                                                                                                                                                          11KB

                                                                                                                                                          MD5

                                                                                                                                                          19bf1cd8780b64fe48022c2da86e0385

                                                                                                                                                          SHA1

                                                                                                                                                          bca0792c5907f4721c457acdaaa1872bbbb1559f

                                                                                                                                                          SHA256

                                                                                                                                                          6dfa0ead5f2fec1220a39dd96aeff3a3f079f08c6d35ac8ff5d7fa19ce7611e8

                                                                                                                                                          SHA512

                                                                                                                                                          106d61976687c5b13dfdee527d499cf66fc45326b8f323bd3031af25fc9ba483a723bbee87292c982a6d816e6af9314fb736cd247d1d99153b70f438b919de66

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log
                                                                                                                                                          Filesize

                                                                                                                                                          247B

                                                                                                                                                          MD5

                                                                                                                                                          c02d4660693c7d0ad982e69debadf813

                                                                                                                                                          SHA1

                                                                                                                                                          8079ab1b0147ff28ebcf1a3a00176eda35d7c52e

                                                                                                                                                          SHA256

                                                                                                                                                          ebe208514ac2f64d26fe2c27a5cb7c3478da53bfb94745fe18a9afdaa234177f

                                                                                                                                                          SHA512

                                                                                                                                                          151a0655d7209dcae8eb29bd9da3d9e76316631aeaa31429d9726d9801a030c41914c21d37bd42f3c45245acf3fa84fc857b330e08feaac36ac88d701c4e6929

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
                                                                                                                                                          Filesize

                                                                                                                                                          350B

                                                                                                                                                          MD5

                                                                                                                                                          4e2f269d70be616b774c5ca44c5ca026

                                                                                                                                                          SHA1

                                                                                                                                                          5ddfd745955591dd0525643906823bc54aa15119

                                                                                                                                                          SHA256

                                                                                                                                                          332b97c04f01ed791298bda50e50acbda3c878f3aebe5823c9e9066170799975

                                                                                                                                                          SHA512

                                                                                                                                                          8ea14eb58195448a8cb0afb34be1f17238a981994652117b4d9a595dbd8cec0ef15c97ab41221ebf2d5aba83a92262475f49801b226a6dabc21f0310806dcf4a

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
                                                                                                                                                          Filesize

                                                                                                                                                          323B

                                                                                                                                                          MD5

                                                                                                                                                          be5727b6a8fb3f0fd69d6c4eb8b2e4ab

                                                                                                                                                          SHA1

                                                                                                                                                          5b393afb7b0c55b0874ecf7d6ca744c055948188

                                                                                                                                                          SHA256

                                                                                                                                                          736e57f10c2303b003f91b3695e6ec75511958fbc9a580a836003ecb0333181d

                                                                                                                                                          SHA512

                                                                                                                                                          a5e6cb531cca0d7845b9d7af2299a0aea0a4b145dfbda7390f4eade86dc43fc3e2f590668ad476056943aa5744b19191f54d35b1bf434b17623359fa3c3b11e6

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                          Filesize

                                                                                                                                                          1KB

                                                                                                                                                          MD5

                                                                                                                                                          53c2400d42fdc3d4a8d4b007ae44444d

                                                                                                                                                          SHA1

                                                                                                                                                          a3870686f529b48f7eb73dece1f23edbb0443a11

                                                                                                                                                          SHA256

                                                                                                                                                          0df210b9bfcedb81aafedbd6b2d4e474c92e0f36a448172dbcbb286044f13d3a

                                                                                                                                                          SHA512

                                                                                                                                                          6f5fce6f763880b8e21340a3ac91d86826fc59a8ee781ca43cd2689af4924a85abf2a33d7fe33074485c8c11256725df95baba6e48d28dce448539d0d3c582f8

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                          Filesize

                                                                                                                                                          1KB

                                                                                                                                                          MD5

                                                                                                                                                          1719a436c678f9afea1c8c07d1704d79

                                                                                                                                                          SHA1

                                                                                                                                                          bc643cba5c32a73a7d34711aebe04569e1a034be

                                                                                                                                                          SHA256

                                                                                                                                                          c0f8f26aad2d4c725ef89ede7f697753ab7f9e9f3c620500495e5cafcf387295

                                                                                                                                                          SHA512

                                                                                                                                                          8dbcbed437d21f63ff13429ae199a93659d7459dfdc8eb32cdda5d45239a7ef28070ee04eee7216956de11d6ca32864e0d48a74cdc58da1492a44b905de08a67

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                          Filesize

                                                                                                                                                          2KB

                                                                                                                                                          MD5

                                                                                                                                                          996e26a25022452897215b3fa4856fe1

                                                                                                                                                          SHA1

                                                                                                                                                          ffa8de38e67198d189eb20266a9ce6bfb5b336cf

                                                                                                                                                          SHA256

                                                                                                                                                          71cf9a2595dc09634b9ac7cecae0f6c5d7f3dc79cfc70ed3dd70cfd1c8f94b90

                                                                                                                                                          SHA512

                                                                                                                                                          2bb4662795ff5e5d2c42f288f91aec5f9878f97967be47c372f895693777e01ee256f80e6dd475fbd258247cbd1f63c600386a9222d05876973151a715ef90bb

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                          Filesize

                                                                                                                                                          1KB

                                                                                                                                                          MD5

                                                                                                                                                          88fe1de3dcabeb810d0a0b5e8aaf2af8

                                                                                                                                                          SHA1

                                                                                                                                                          38f934cfe15b1eb78e95be1388d5534bb0afc6d9

                                                                                                                                                          SHA256

                                                                                                                                                          5e5eaccf4a6fe4227a7d99576342340b19057b7437e665aeaba59ac6b8431b16

                                                                                                                                                          SHA512

                                                                                                                                                          8e80fc8e8a58a6259c41d71421591f64970f2259250d655feb45569c0fd63c314210a55b2d7dbef42c734e67e9db3409e40c07ec35d93624f59c0a00af3af326

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                          Filesize

                                                                                                                                                          2KB

                                                                                                                                                          MD5

                                                                                                                                                          aae0b2a03e156239e02b22aad0c976bf

                                                                                                                                                          SHA1

                                                                                                                                                          53732a408cba70c2d4721fd0d514a42f0e9e06bf

                                                                                                                                                          SHA256

                                                                                                                                                          edf1e839496e4d01a6211bdefe255819f3b126d9542d12d0fe776126f8e565ca

                                                                                                                                                          SHA512

                                                                                                                                                          0950ff54394942003ea276d01445cf893cbf790e24720f18b1287f857c870b6df6f8f9a634d3ff0e9ac28d64365e8d6e044432d365e6dda5e4a6f66cbcd63e02

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                          Filesize

                                                                                                                                                          1KB

                                                                                                                                                          MD5

                                                                                                                                                          c387fbbe26295d104682fe368eb0d989

                                                                                                                                                          SHA1

                                                                                                                                                          f25e31d8edc63702bc6d1c4c76c34200e29cc093

                                                                                                                                                          SHA256

                                                                                                                                                          fd48c23b6f9ca3b191abb28849df1da0d49f055e46a18ffedf4221304e60ef14

                                                                                                                                                          SHA512

                                                                                                                                                          13033ea3636f70e76830f5a47dc50590c448a55f5791fcab67560a6381c927f39abe1acace7e4395f76e3e8dc148e3209496cf88a5f9c713ccd9381d0bc29d55

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe588894.TMP
                                                                                                                                                          Filesize

                                                                                                                                                          536B

                                                                                                                                                          MD5

                                                                                                                                                          bedcc88cd9ab0ad11f6683290b397dbb

                                                                                                                                                          SHA1

                                                                                                                                                          b3badbd62e1eb3f275431da1a9cbe0e4d842d898

                                                                                                                                                          SHA256

                                                                                                                                                          918d25322bccfc9ea2b02e214903d69e7613d57f6816a46659f3616fb5ad4b7d

                                                                                                                                                          SHA512

                                                                                                                                                          67c0fefd3983133665decfdee7571fe2b835b1a82b158801310465459f67fb0bee5ece427c4fbdc4646d71121f9fd686c991d4a9a73b8cd30584b7cfb122711a

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links
                                                                                                                                                          Filesize

                                                                                                                                                          128KB

                                                                                                                                                          MD5

                                                                                                                                                          e781455245e945a98b067e831bc9d730

                                                                                                                                                          SHA1

                                                                                                                                                          51d51ef70e608e6a00b4194c81954040165582cb

                                                                                                                                                          SHA256

                                                                                                                                                          7bc1d79d206839aec968f191ee978c17f4a0e0133068dbe8a378d78084279795

                                                                                                                                                          SHA512

                                                                                                                                                          c5fad1070d43ee8b9fd3344a34fb4130735fad1d226a92d54a4a348c6fdf5acc6144e8510d1b2cbd57e5b1a4e99d3622a876678c102d91c2a49c5d40b1985f07

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Web Data
                                                                                                                                                          Filesize

                                                                                                                                                          116KB

                                                                                                                                                          MD5

                                                                                                                                                          ff0ad0a71b2a8aabc8ae48ddb5328f0e

                                                                                                                                                          SHA1

                                                                                                                                                          29d70f7ccbbf975dcb11d3a1a3db72f3d8f492a1

                                                                                                                                                          SHA256

                                                                                                                                                          b396bc0463df4ee4d1d2d077ba7d3e523f7dc06324f1aa229f984ed4dd7c628b

                                                                                                                                                          SHA512

                                                                                                                                                          7d19aa5db1ecad7ba1e7eae4b9baa6012088a8d362bbfa7a33d1234fb00f08d3ed2ead8e599118bc94c1da68454ce96cc8061ad571065e7ec6540ae05120d25a

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                                          Filesize

                                                                                                                                                          16B

                                                                                                                                                          MD5

                                                                                                                                                          6752a1d65b201c13b62ea44016eb221f

                                                                                                                                                          SHA1

                                                                                                                                                          58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                                                                                                                          SHA256

                                                                                                                                                          0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                                                                                                                          SHA512

                                                                                                                                                          9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                                          Filesize

                                                                                                                                                          16B

                                                                                                                                                          MD5

                                                                                                                                                          aefd77f47fb84fae5ea194496b44c67a

                                                                                                                                                          SHA1

                                                                                                                                                          dcfbb6a5b8d05662c4858664f81693bb7f803b82

                                                                                                                                                          SHA256

                                                                                                                                                          4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

                                                                                                                                                          SHA512

                                                                                                                                                          b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db
                                                                                                                                                          Filesize

                                                                                                                                                          72KB

                                                                                                                                                          MD5

                                                                                                                                                          6095dd47b73a83f4257852d357fb2fbe

                                                                                                                                                          SHA1

                                                                                                                                                          53c27858cc2457f22005810aabc1a397a82238ce

                                                                                                                                                          SHA256

                                                                                                                                                          84a8eedad4bf26640640b901a41f417ae2cbcb3fcb6b5f2956ca3a082dfe4225

                                                                                                                                                          SHA512

                                                                                                                                                          38ff75d159e7640635a49f59cfaa227cf77169515f7196b4f10c10501df87a724eb7d8019903e32bc842cbe9aba633795b8eed6d4dd8f2078c6c091cf749c9eb

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log
                                                                                                                                                          Filesize

                                                                                                                                                          166KB

                                                                                                                                                          MD5

                                                                                                                                                          7ba35f3c88ba6f957c6ea6277cc5a65e

                                                                                                                                                          SHA1

                                                                                                                                                          ba9dceb9726a61d9120804c0c9d912fc644fb399

                                                                                                                                                          SHA256

                                                                                                                                                          adb897b7f12e613c3859a2372e62a325f4124000e5d6a48b3827f1a580bea314

                                                                                                                                                          SHA512

                                                                                                                                                          c1d2aebdad09f21a5ddcf2d4501ddf30def8dc20cf9e8dad81b64f68bd2e4e4101f7ce8131c80bba35a2a1cebc73ee131f79c937e3dbdcd552fd05331e5c516b

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG
                                                                                                                                                          Filesize

                                                                                                                                                          319B

                                                                                                                                                          MD5

                                                                                                                                                          1ad04d36f329988f5a8c9f81f765f554

                                                                                                                                                          SHA1

                                                                                                                                                          072ae9d0d04645a46f1ba58ebba10ec32ba11740

                                                                                                                                                          SHA256

                                                                                                                                                          b0efbc6df4869992876b9c86d45a5d26770d75e784b26472f0ced72b05a61f35

                                                                                                                                                          SHA512

                                                                                                                                                          2d95f214bb75fc0c2b1934dbfaa905d7bddb0e57c61a9d11fa184199c942f60c9d993bf94e2aac19ccd29cec3eeaef1d1f689fe61c106c78e1c4bde5b828e9a3

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log
                                                                                                                                                          Filesize

                                                                                                                                                          565B

                                                                                                                                                          MD5

                                                                                                                                                          e8a9cd2d6a4758d9d78873ae63e582b9

                                                                                                                                                          SHA1

                                                                                                                                                          84a467b18d09882c321c7ecb822c77d79cd530d8

                                                                                                                                                          SHA256

                                                                                                                                                          43698b051617b349112cdbd959342f8a39066dcb0890f144b394b9f709c07597

                                                                                                                                                          SHA512

                                                                                                                                                          902accb2fbd41df27da001e99eca48983735d76333b7a1e3354f5b38d9f9a63d4151f337bc20438aab078a0eb232a7a695ea43bfd588944a6a7ddc45d9994650

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG
                                                                                                                                                          Filesize

                                                                                                                                                          337B

                                                                                                                                                          MD5

                                                                                                                                                          10160e6d6f9d8a9a24a4e58956efaa33

                                                                                                                                                          SHA1

                                                                                                                                                          6acca3d8a4fa2db1d2c36ff8f17a3be99f3e64e4

                                                                                                                                                          SHA256

                                                                                                                                                          84de76d3bdd4c1060875e978fb6aca197454a45b4236ebf6f380915b397557e2

                                                                                                                                                          SHA512

                                                                                                                                                          53319384426ad2f05aa484ee86d383018ef5b113539567f43e6ad26f5daa0785b98552503aa5c4a69c736c7bb98e3e8e79690577860ef33745206bf51b1ea1bb

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_0
                                                                                                                                                          Filesize

                                                                                                                                                          44KB

                                                                                                                                                          MD5

                                                                                                                                                          864d55730744031009be950a66fecf13

                                                                                                                                                          SHA1

                                                                                                                                                          854362fc691b41206b3662fb21c2441e3b6153ea

                                                                                                                                                          SHA256

                                                                                                                                                          501ba07eee2925923d8f7348258c0cca13e847db4bd97c12bd7db813a66112eb

                                                                                                                                                          SHA512

                                                                                                                                                          aaa5d42c54aead07aff418b9708a2a2787159ef1dbceb1d37c2973171c76d1c456e16cb4dc97e2a5d6efeec8e078112be9c3d0183898f1bc283fb25b41879506

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1
                                                                                                                                                          Filesize

                                                                                                                                                          128KB

                                                                                                                                                          MD5

                                                                                                                                                          0895aa70d5a4840d116167588592f6de

                                                                                                                                                          SHA1

                                                                                                                                                          f91e1781b9dca11eeec8de409aadd55aef097803

                                                                                                                                                          SHA256

                                                                                                                                                          d25c616a57a26e040073b10176945f840b452b343327bfc4d6aab356c94085f5

                                                                                                                                                          SHA512

                                                                                                                                                          a7a04d2aec9796eceba68fdc53b8f585f77361593a372bd9f092609780478fb73e812d74d12224c83c4c36a02fa8914555a56834588cd19becd6c80ed826ffbc

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_3
                                                                                                                                                          Filesize

                                                                                                                                                          128KB

                                                                                                                                                          MD5

                                                                                                                                                          338daccaeade9d379e6f69b702f6dfac

                                                                                                                                                          SHA1

                                                                                                                                                          a89d27d23103fb8b11bec3226b9f8812a2f90e7d

                                                                                                                                                          SHA256

                                                                                                                                                          4ebcc095a896ee44dd5a3e0c80ddc2bbe0958d38db1684deac397786ba124a03

                                                                                                                                                          SHA512

                                                                                                                                                          561bbc09cb1ea061e4aebb320e400de69e9a3c3a8697261d174211223faccba8e789f6f86079bc9bd227e9a1da08efdb8bb78be93464efc011c5b5e2733e3401

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000003
                                                                                                                                                          Filesize

                                                                                                                                                          17KB

                                                                                                                                                          MD5

                                                                                                                                                          6bc4851424575eaf03ebe2efee6073ab

                                                                                                                                                          SHA1

                                                                                                                                                          2d014fe2feb929d03a46322645a94556ca5c9e96

                                                                                                                                                          SHA256

                                                                                                                                                          abaded8e235fdf329521806af30a1cc7701eaca3fe2efccb9da760ec6d8e5e4e

                                                                                                                                                          SHA512

                                                                                                                                                          af3b7d93fa2243475d74d4bd7f918ce2706bf6eca28029b9e49869f5f793e483efaafdfab1fed6306d5fc77a5ed3b27097b27448cd04560bed4df6fa3268ccf9

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000004
                                                                                                                                                          Filesize

                                                                                                                                                          17KB

                                                                                                                                                          MD5

                                                                                                                                                          fc97b88a7ce0b008366cd0260b0321dc

                                                                                                                                                          SHA1

                                                                                                                                                          4eae02aecb04fa15f0bb62036151fa016e64f7a9

                                                                                                                                                          SHA256

                                                                                                                                                          6388415a307a208b0a43b817ccd9e5fcdda9b6939ecd20ef4c0eda1aa3a0e49e

                                                                                                                                                          SHA512

                                                                                                                                                          889a0db0eb5ad4de4279b620783964bfda8edc6b137059d1ec1da9282716fe930f8c4ebfadea7cd5247a997f8d4d2990f7b972a17106de491365e3c2d2138175

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
                                                                                                                                                          Filesize

                                                                                                                                                          11B

                                                                                                                                                          MD5

                                                                                                                                                          838a7b32aefb618130392bc7d006aa2e

                                                                                                                                                          SHA1

                                                                                                                                                          5159e0f18c9e68f0e75e2239875aa994847b8290

                                                                                                                                                          SHA256

                                                                                                                                                          ac3dd2221d90b09b795f1f72e72e4860342a4508fe336c4b822476eb25a55eaa

                                                                                                                                                          SHA512

                                                                                                                                                          9e350f0565cc726f66146838f9cebaaa38dd01892ffab9a45fe4f72e5be5459c0442e99107293a7c6f2412c71f668242c5e5a502124bc57cbf3b6ad8940cb3e9

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                          Filesize

                                                                                                                                                          12KB

                                                                                                                                                          MD5

                                                                                                                                                          62d86082ae763c07534fe634b1e30198

                                                                                                                                                          SHA1

                                                                                                                                                          4f66833cf7076ec01377415fec015577a785cfe8

                                                                                                                                                          SHA256

                                                                                                                                                          ab42232465fbae8cf75c4c8e285842a488a27a94301eecfbb42369696fe0366a

                                                                                                                                                          SHA512

                                                                                                                                                          9ba702e35b33584e002cb5db6f07142e7268b8d5cf6f1d6032871796b12c875fa1131bfc7ba95a28e265a87e4e60cf0393edb45347b2d8d6e155409401cc2e27

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                          Filesize

                                                                                                                                                          12KB

                                                                                                                                                          MD5

                                                                                                                                                          e8534e42ada853930f237dd04fb170c7

                                                                                                                                                          SHA1

                                                                                                                                                          3a2a0310cf742a5c7a40afe675f20312b9b0ecfd

                                                                                                                                                          SHA256

                                                                                                                                                          36a76af1ca3fc58bb585925707d561b09d58e546865b4ef2c54c5bed39f02d73

                                                                                                                                                          SHA512

                                                                                                                                                          eb0793f9fef37d0a7b15bc3360d6685690026237f42e549e0ee87cb8827d0977c93183cdfe817130889da4d553f9b352541f778cacb00c711bee90a324903617

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                          Filesize

                                                                                                                                                          12KB

                                                                                                                                                          MD5

                                                                                                                                                          177c025a8fe2fd166a28fa944873ccb7

                                                                                                                                                          SHA1

                                                                                                                                                          a7dc5db620533fddf1c304aaee8d14ce156af837

                                                                                                                                                          SHA256

                                                                                                                                                          625193e47b75c7c7aa9de357b1b499ecf32b469f95395bbdb7d641ce81f48b13

                                                                                                                                                          SHA512

                                                                                                                                                          0b16813ff0bb2bf976c2514272301e2c6c399f933432b84815e9430e07f813d42e256b689a12e856a00e8ea498126ec82eac7325b39f632a73b83cc6be89c452

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                          Filesize

                                                                                                                                                          11KB

                                                                                                                                                          MD5

                                                                                                                                                          df6da2d92cdeb328c254c050085acfe6

                                                                                                                                                          SHA1

                                                                                                                                                          a9f045bc93ff646274c3957d6c5057e49c8ead80

                                                                                                                                                          SHA256

                                                                                                                                                          dae40b6be2babfffa4a06af51d05e2ff31a07a467cc97c740b8ee09fdbf3ea8d

                                                                                                                                                          SHA512

                                                                                                                                                          2111c9875e193c5106e16d6e39af2d7d85a7e40ee928f6c21fbe9f423ddf6e4cfcf146f89189e7b1a2136a4318f91404bf1c682c334e843c338ba783b2404b14

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                          Filesize

                                                                                                                                                          12KB

                                                                                                                                                          MD5

                                                                                                                                                          00deff57d8453082f199ce9da1593434

                                                                                                                                                          SHA1

                                                                                                                                                          ea8fdd2328837b18a6f040893db7efc4d9ccfc41

                                                                                                                                                          SHA256

                                                                                                                                                          f37d540cb5a1061d533b6dcb23fa0258cd186f3a54234dc2cd6c2754ee8f607d

                                                                                                                                                          SHA512

                                                                                                                                                          4797ca1481c189e52b0f296d8c81e5e45af86ebd144123ed12ea76a0dbec75621f9f6b3c2d0ec1da30b8402579fd9d9fedcd71fb8f92076d14a5b4b36a7d0213

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1
                                                                                                                                                          Filesize

                                                                                                                                                          264KB

                                                                                                                                                          MD5

                                                                                                                                                          2155df1090d131db034f9cc952aedb36

                                                                                                                                                          SHA1

                                                                                                                                                          5aa0509dcc1ad7988b2f153b9643af1c4d898faf

                                                                                                                                                          SHA256

                                                                                                                                                          1197b847989909f1676aedf776ac28dc6573da95f4e3f443c8d96682ac361225

                                                                                                                                                          SHA512

                                                                                                                                                          d44f4a9913cc0fa50c056638f25d50412135f9ab0dd97d641400408d79db68ac67184f97db1861d1e6c9007b295526c3b89a98686ffbdf5ab06442c143fdc78f

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1
                                                                                                                                                          Filesize

                                                                                                                                                          264KB

                                                                                                                                                          MD5

                                                                                                                                                          853b747f5c7953cc41591dc2879f7a18

                                                                                                                                                          SHA1

                                                                                                                                                          e514a35c59c9dc0da212791c4887a755dac733ea

                                                                                                                                                          SHA256

                                                                                                                                                          74a4795053e0c97eb98f8272ba73cdc9de3428c242d292e5ec3fae563c0ba43f

                                                                                                                                                          SHA512

                                                                                                                                                          ba52a3108acb1440096b39cd681b7f7536b9491a1b5cbbe29a73ae05a21d9f78c91e828d216074170ae5f42f1235d0b402e840f25fc89bd2550c03c6cd0de7e9

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\20RAD7Y0\suggestions[1].en-US
                                                                                                                                                          Filesize

                                                                                                                                                          17KB

                                                                                                                                                          MD5

                                                                                                                                                          5a34cb996293fde2cb7a4ac89587393a

                                                                                                                                                          SHA1

                                                                                                                                                          3c96c993500690d1a77873cd62bc639b3a10653f

                                                                                                                                                          SHA256

                                                                                                                                                          c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

                                                                                                                                                          SHA512

                                                                                                                                                          e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

                                                                                                                                                          Download Submit

                                                                                                                                                        • C:\Users\Admin\Downloads\The-MALWARE-Repo-master.zip
                                                                                                                                                          Filesize

                                                                                                                                                          14.5MB

                                                                                                                                                          MD5

                                                                                                                                                          6872385075349cc31c4c3642c1984a3e

                                                                                                                                                          SHA1

                                                                                                                                                          ec4e69e0d9ef0fde14f372be330438ce2e8a6382

                                                                                                                                                          SHA256

                                                                                                                                                          767e7e9ed248f6aa9786e8c7e305ef5c150225a48648747a2fff237ce219e2ad

                                                                                                                                                          SHA512

                                                                                                                                                          6f4ff10648a76aaf9bb1299f641c6826ea0d43820ea5184877dbd73dad5c3a811981ad1f7da530a7838fd038e96f4b593fb5d33b4e3b53a37d94bdf4d38d69b9

                                                                                                                                                          Download Submit

                                                                                                                                                        • \??\pipe\LOCAL\crashpad_2512_IPKTHUAJIOUWLXIZ
                                                                                                                                                          MD5

                                                                                                                                                          d41d8cd98f00b204e9800998ecf8427e

                                                                                                                                                          SHA1

                                                                                                                                                          da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                                                                                                                          SHA256

                                                                                                                                                          e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                                                                                                                                          SHA512

                                                                                                                                                          cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

                                                                                                                                                          Download Submit

                                                                                                                                                        • memory/492-663-0x00000173616A0000-0x00000173616A1000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          4KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/492-657-0x00000173616A0000-0x00000173616A1000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          4KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/492-653-0x00000173616A0000-0x00000173616A1000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          4KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/492-652-0x00000173616A0000-0x00000173616A1000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          4KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/492-651-0x00000173616A0000-0x00000173616A1000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          4KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/492-662-0x00000173616A0000-0x00000173616A1000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          4KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/492-659-0x00000173616A0000-0x00000173616A1000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          4KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/492-661-0x00000173616A0000-0x00000173616A1000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          4KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/492-660-0x00000173616A0000-0x00000173616A1000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          4KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/492-658-0x00000173616A0000-0x00000173616A1000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          4KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/548-1562-0x00000000009A0000-0x0000000000AA0000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          1024KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/548-854-0x0000000074860000-0x0000000074E11000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          5.7MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/548-855-0x0000000074860000-0x0000000074E11000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          5.7MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/548-856-0x0000000000C40000-0x0000000000C50000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          64KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/548-857-0x0000000010000000-0x0000000010010000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          64KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/548-864-0x0000000004CE0000-0x0000000004CFA000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          104KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/548-1540-0x0000000074860000-0x0000000074E11000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          5.7MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/548-862-0x00000000009A0000-0x0000000000AA0000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          1024KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/548-1561-0x0000000000C40000-0x0000000000C50000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          64KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/548-863-0x0000000004CE0000-0x0000000004CFA000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          104KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/2036-649-0x00000000052A0000-0x00000000052B0000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          64KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/2036-648-0x00000000052A0000-0x00000000052B0000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          64KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/2036-650-0x0000000074710000-0x0000000074EC0000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          7.7MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/2036-647-0x0000000074710000-0x0000000074EC0000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          7.7MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/2068-631-0x0000000074710000-0x0000000074EC0000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          7.7MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/2068-632-0x0000000004EF0000-0x0000000004F00000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          64KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/2068-633-0x0000000004EF0000-0x0000000004F00000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          64KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/2068-634-0x0000000074710000-0x0000000074EC0000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          7.7MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/2984-1651-0x0000000000400000-0x0000000000414000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          80KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/2984-1448-0x0000000000400000-0x0000000000414000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          80KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/2984-1559-0x0000000000400000-0x0000000000414000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          80KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/3048-646-0x0000000074710000-0x0000000074EC0000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          7.7MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/3048-645-0x0000000005480000-0x0000000005490000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          64KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/3048-644-0x0000000005480000-0x0000000005490000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          64KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/3048-643-0x0000000074710000-0x0000000074EC0000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          7.7MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/3228-1560-0x0000000000400000-0x00000000004BC000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          752KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/3228-1484-0x0000000001FC0000-0x0000000001FC1000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          4KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/3228-1650-0x0000000000400000-0x00000000004BC000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          752KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/3428-665-0x00000000059F0000-0x0000000005A00000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          64KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/3428-666-0x0000000074710000-0x0000000074EC0000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          7.7MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/3428-664-0x0000000074710000-0x0000000074EC0000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          7.7MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/3448-636-0x0000000004FC0000-0x0000000004FD0000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          64KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/3448-637-0x0000000004FC0000-0x0000000004FD0000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          64KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/3448-635-0x0000000074710000-0x0000000074EC0000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          7.7MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/3448-638-0x0000000074710000-0x0000000074EC0000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          7.7MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/3504-624-0x0000000002FC0000-0x0000000002FD0000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          64KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/3504-623-0x0000000074710000-0x0000000074EC0000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          7.7MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/3504-625-0x0000000002FC0000-0x0000000002FD0000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          64KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/3504-626-0x0000000074710000-0x0000000074EC0000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          7.7MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-9138-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-9126-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-9166-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-9165-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-9164-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-9163-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-9162-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-9161-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-9160-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-9159-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-9158-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-1621-0x00000000009D0000-0x00000000009D1000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          4KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-9157-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-9156-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-9155-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-9154-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-1791-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-2451-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-4420-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-9153-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-9152-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-9151-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-7579-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-9150-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-9149-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-9148-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-9147-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-8538-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-9084-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-9086-0x00000000009D0000-0x00000000009D1000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          4KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-9117-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-9118-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-9123-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-9146-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-9127-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-9128-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-9145-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-9136-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-9137-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-9144-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-9139-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-9140-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-9141-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-9142-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4012-9143-0x0000000000400000-0x000000000070B000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          3.0MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4104-642-0x0000000074710000-0x0000000074EC0000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          7.7MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4104-640-0x00000000057E0000-0x00000000057F0000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          64KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4104-639-0x0000000074710000-0x0000000074EC0000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          7.7MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4104-641-0x00000000057E0000-0x00000000057F0000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          64KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4228-484-0x00000000053F0000-0x0000000005400000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          64KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4228-477-0x0000000005460000-0x00000000054FC000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          624KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4228-475-0x0000000000A00000-0x0000000000A72000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          456KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4228-476-0x0000000074670000-0x0000000074E20000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          7.7MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4228-485-0x0000000074670000-0x0000000074E20000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          7.7MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4228-478-0x0000000005AB0000-0x0000000006054000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          5.6MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4228-479-0x00000000055A0000-0x0000000005632000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          584KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4228-483-0x0000000005590000-0x000000000559A000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          40KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4228-482-0x0000000005780000-0x00000000057D6000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          344KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4228-481-0x0000000005520000-0x000000000552A000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          40KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4228-480-0x00000000053F0000-0x0000000005400000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          64KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4800-489-0x0000000074710000-0x0000000074EC0000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          7.7MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4800-486-0x0000000074710000-0x0000000074EC0000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          7.7MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4800-487-0x0000000005520000-0x0000000005530000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          64KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4800-488-0x0000000005520000-0x0000000005530000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          64KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4844-630-0x0000000074710000-0x0000000074EC0000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          7.7MB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4844-629-0x0000000004BF0000-0x0000000004C00000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          64KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4844-628-0x0000000004BF0000-0x0000000004C00000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          64KB

                                                                                                                                                          Download

                                                                                                                                                        • memory/4844-627-0x0000000074710000-0x0000000074EC0000-memory.dmp

                                                                                                                                                          Filesize

                                                                                                                                                          7.7MB

                                                                                                                                                          Download