Analysis

  • max time kernel
    137s
  • max time network
    132s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    02/03/2024, 23:17

Errors

Reason
Machine shutdown

General

  • Target

    Clicker - TobiaszGaming.exe

  • Size

    56KB

  • MD5

    0906ac2b765df79b4a9567da3df99b00

  • SHA1

    a77200d2867c9007a116fb4f131bd73b63694bc6

  • SHA256

    976790c0cee5b9a2a264fdaadc28de45827047ae2448ee3be6df7fbde7baadd9

  • SHA512

    73b4ea3977e96475bb95bb9b57fd885ee05f6e43f8236dc69a9c55e66ec07d14b62a8d79a1efa85b8f044649c31833ff9a5a9f6d0bffccf7032ce35b4f90fc01

  • SSDEEP

    1536:cGeFPVQOQwoZBKUHzCJvTinnUwmynYb1V:GQXKUOZEmIYz

Score
8/10

Malware Config

Signatures

  • Modifies Installed Components in the registry 2 TTPs 2 IoCs
  • Registers COM server for autorun 1 TTPs 1 IoCs
  • Drops file in System32 directory 1 IoCs
  • Drops file in Windows directory 4 IoCs
  • Enumerates system info in registry 2 TTPs 8 IoCs
  • Modifies Internet Explorer settings 1 TTPs 2 IoCs
  • Modifies data under HKEY_USERS 15 IoCs
  • Modifies registry class 64 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 20 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 2 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 18 IoCs
  • Suspicious use of FindShellTrayWindow 53 IoCs
  • Suspicious use of SendNotifyMessage 48 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Clicker - TobiaszGaming.exe
    "C:\Users\Admin\AppData\Local\Temp\Clicker - TobiaszGaming.exe"
    1⤵
      PID:2972
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
      1⤵
      • Enumerates system info in registry
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of WriteProcessMemory
      PID:4580
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbb15c46f8,0x7ffbb15c4708,0x7ffbb15c4718
        2⤵
          PID:2356
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2100 /prefetch:2
          2⤵
            PID:5068
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 /prefetch:3
            2⤵
            • Suspicious behavior: EnumeratesProcesses
            PID:1220
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2752 /prefetch:8
            2⤵
              PID:1872
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1
              2⤵
                PID:3440
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1
                2⤵
                  PID:1880
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4272 /prefetch:1
                  2⤵
                    PID:1964
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5196 /prefetch:1
                    2⤵
                      PID:5044
                    • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5412 /prefetch:8
                      2⤵
                        PID:1016
                      • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5412 /prefetch:8
                        2⤵
                        • Suspicious behavior: EnumeratesProcesses
                        PID:1140
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5556 /prefetch:1
                        2⤵
                          PID:3020
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5800 /prefetch:1
                          2⤵
                            PID:4104
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5512 /prefetch:1
                            2⤵
                              PID:1776
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6028 /prefetch:1
                              2⤵
                                PID:5104
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5068 /prefetch:1
                                2⤵
                                  PID:1416
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5756 /prefetch:1
                                  2⤵
                                    PID:3324
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5676 /prefetch:1
                                    2⤵
                                      PID:4440
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5260 /prefetch:1
                                      2⤵
                                        PID:1940
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6204 /prefetch:1
                                        2⤵
                                          PID:4360
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6424 /prefetch:1
                                          2⤵
                                            PID:208
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5792 /prefetch:1
                                            2⤵
                                              PID:5352
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6680 /prefetch:1
                                              2⤵
                                                PID:5480
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6660 /prefetch:1
                                                2⤵
                                                  PID:5488
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6744 /prefetch:1
                                                  2⤵
                                                    PID:5496
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6676 /prefetch:1
                                                    2⤵
                                                      PID:5504
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7676 /prefetch:1
                                                      2⤵
                                                        PID:1124
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7608 /prefetch:1
                                                        2⤵
                                                          PID:5996
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=7360 /prefetch:8
                                                          2⤵
                                                            PID:5376
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=7044 /prefetch:8
                                                            2⤵
                                                            • Modifies registry class
                                                            • Suspicious behavior: EnumeratesProcesses
                                                            PID:5396
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2540 /prefetch:1
                                                            2⤵
                                                              PID:944
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2556 /prefetch:1
                                                              2⤵
                                                                PID:6060
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3800 /prefetch:1
                                                                2⤵
                                                                  PID:5252
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1860 /prefetch:1
                                                                  2⤵
                                                                    PID:4076
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5200 /prefetch:1
                                                                    2⤵
                                                                      PID:5856
                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1740 /prefetch:1
                                                                      2⤵
                                                                        PID:4672
                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5292 /prefetch:1
                                                                        2⤵
                                                                          PID:5876
                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5244 /prefetch:1
                                                                          2⤵
                                                                            PID:5264
                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5832 /prefetch:1
                                                                            2⤵
                                                                              PID:1580
                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6244 /prefetch:1
                                                                              2⤵
                                                                                PID:1480
                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7564 /prefetch:1
                                                                                2⤵
                                                                                  PID:2976
                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5124 /prefetch:1
                                                                                  2⤵
                                                                                    PID:4216
                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7136 /prefetch:1
                                                                                    2⤵
                                                                                      PID:1008
                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7648 /prefetch:1
                                                                                      2⤵
                                                                                        PID:1464
                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3108 /prefetch:1
                                                                                        2⤵
                                                                                          PID:5092
                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5200 /prefetch:1
                                                                                          2⤵
                                                                                            PID:5692
                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7768 /prefetch:1
                                                                                            2⤵
                                                                                              PID:5364
                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6068 /prefetch:1
                                                                                              2⤵
                                                                                                PID:5672
                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7256 /prefetch:1
                                                                                                2⤵
                                                                                                  PID:4072
                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7040 /prefetch:1
                                                                                                  2⤵
                                                                                                    PID:5804
                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7160 /prefetch:1
                                                                                                    2⤵
                                                                                                      PID:1668
                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7316 /prefetch:1
                                                                                                      2⤵
                                                                                                        PID:5856
                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3468 /prefetch:1
                                                                                                        2⤵
                                                                                                          PID:5652
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5148 /prefetch:1
                                                                                                          2⤵
                                                                                                            PID:5028
                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6260 /prefetch:1
                                                                                                            2⤵
                                                                                                              PID:6104
                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7856 /prefetch:1
                                                                                                              2⤵
                                                                                                                PID:4512
                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6672 /prefetch:1
                                                                                                                2⤵
                                                                                                                  PID:5872
                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5984 /prefetch:1
                                                                                                                  2⤵
                                                                                                                    PID:5708
                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6832 /prefetch:1
                                                                                                                    2⤵
                                                                                                                      PID:4820
                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8124 /prefetch:1
                                                                                                                      2⤵
                                                                                                                        PID:5936
                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6720 /prefetch:1
                                                                                                                        2⤵
                                                                                                                          PID:4940
                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8364 /prefetch:1
                                                                                                                          2⤵
                                                                                                                            PID:3840
                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8372 /prefetch:1
                                                                                                                            2⤵
                                                                                                                              PID:5356
                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8608 /prefetch:1
                                                                                                                              2⤵
                                                                                                                                PID:5156
                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8760 /prefetch:1
                                                                                                                                2⤵
                                                                                                                                  PID:5144
                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8772 /prefetch:1
                                                                                                                                  2⤵
                                                                                                                                    PID:2628
                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9464 /prefetch:1
                                                                                                                                    2⤵
                                                                                                                                      PID:5564
                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9552 /prefetch:1
                                                                                                                                      2⤵
                                                                                                                                        PID:6124
                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9700 /prefetch:1
                                                                                                                                        2⤵
                                                                                                                                          PID:3880
                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9928 /prefetch:1
                                                                                                                                          2⤵
                                                                                                                                            PID:5080
                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10096 /prefetch:1
                                                                                                                                            2⤵
                                                                                                                                              PID:6188
                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10296 /prefetch:1
                                                                                                                                              2⤵
                                                                                                                                                PID:6376
                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9880 /prefetch:1
                                                                                                                                                2⤵
                                                                                                                                                  PID:6568
                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10700 /prefetch:1
                                                                                                                                                  2⤵
                                                                                                                                                    PID:6784
                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8624 /prefetch:1
                                                                                                                                                    2⤵
                                                                                                                                                      PID:6904
                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8644 /prefetch:1
                                                                                                                                                      2⤵
                                                                                                                                                        PID:6980
                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8704 /prefetch:1
                                                                                                                                                        2⤵
                                                                                                                                                          PID:7048
                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8208 /prefetch:1
                                                                                                                                                          2⤵
                                                                                                                                                            PID:6588
                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10880 /prefetch:1
                                                                                                                                                            2⤵
                                                                                                                                                              PID:6876
                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10040 /prefetch:1
                                                                                                                                                              2⤵
                                                                                                                                                                PID:7056
                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9732 /prefetch:1
                                                                                                                                                                2⤵
                                                                                                                                                                  PID:3096
                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9928 /prefetch:1
                                                                                                                                                                  2⤵
                                                                                                                                                                    PID:7128
                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9568 /prefetch:1
                                                                                                                                                                    2⤵
                                                                                                                                                                      PID:5256
                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:1
                                                                                                                                                                      2⤵
                                                                                                                                                                        PID:5596
                                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5828 /prefetch:1
                                                                                                                                                                        2⤵
                                                                                                                                                                          PID:4264
                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5048 /prefetch:1
                                                                                                                                                                          2⤵
                                                                                                                                                                            PID:3348
                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6876 /prefetch:1
                                                                                                                                                                            2⤵
                                                                                                                                                                              PID:6528
                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7816 /prefetch:1
                                                                                                                                                                              2⤵
                                                                                                                                                                                PID:6012
                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9392 /prefetch:1
                                                                                                                                                                                2⤵
                                                                                                                                                                                  PID:2228
                                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9112 /prefetch:1
                                                                                                                                                                                  2⤵
                                                                                                                                                                                    PID:5300
                                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5092 /prefetch:1
                                                                                                                                                                                    2⤵
                                                                                                                                                                                      PID:1704
                                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8120 /prefetch:1
                                                                                                                                                                                      2⤵
                                                                                                                                                                                        PID:2276
                                                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9900 /prefetch:1
                                                                                                                                                                                        2⤵
                                                                                                                                                                                          PID:2476
                                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7596 /prefetch:1
                                                                                                                                                                                          2⤵
                                                                                                                                                                                            PID:6908
                                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8536 /prefetch:1
                                                                                                                                                                                            2⤵
                                                                                                                                                                                              PID:7032
                                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8864 /prefetch:1
                                                                                                                                                                                              2⤵
                                                                                                                                                                                                PID:7024
                                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9036 /prefetch:1
                                                                                                                                                                                                2⤵
                                                                                                                                                                                                  PID:7064
                                                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10852 /prefetch:1
                                                                                                                                                                                                  2⤵
                                                                                                                                                                                                    PID:6792
                                                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1832 /prefetch:1
                                                                                                                                                                                                    2⤵
                                                                                                                                                                                                      PID:5200
                                                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,6542483709535162805,7069827606930757516,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6716 /prefetch:1
                                                                                                                                                                                                      2⤵
                                                                                                                                                                                                        PID:6060
                                                                                                                                                                                                    • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                      C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                      1⤵
                                                                                                                                                                                                        PID:4648
                                                                                                                                                                                                      • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                        1⤵
                                                                                                                                                                                                          PID:4404
                                                                                                                                                                                                        • C:\Windows\explorer.exe
                                                                                                                                                                                                          C:\Windows\explorer.exe /factory,{5BD95610-9434-43C2-886C-57852CC8A120} -Embedding
                                                                                                                                                                                                          1⤵
                                                                                                                                                                                                          • Modifies Internet Explorer settings
                                                                                                                                                                                                          • Modifies registry class
                                                                                                                                                                                                          • Suspicious behavior: AddClipboardFormatListener
                                                                                                                                                                                                          • Suspicious behavior: GetForegroundWindowSpam
                                                                                                                                                                                                          • Suspicious use of AdjustPrivilegeToken
                                                                                                                                                                                                          • Suspicious use of FindShellTrayWindow
                                                                                                                                                                                                          PID:5060
                                                                                                                                                                                                        • C:\Windows\SysWOW64\DllHost.exe
                                                                                                                                                                                                          C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
                                                                                                                                                                                                          1⤵
                                                                                                                                                                                                            PID:2500
                                                                                                                                                                                                          • C:\Windows\SysWOW64\DllHost.exe
                                                                                                                                                                                                            C:\Windows\SysWOW64\DllHost.exe /Processid:{FCC74B77-EC3E-4DD8-A80B-008A702075A9}
                                                                                                                                                                                                            1⤵
                                                                                                                                                                                                              PID:6468
                                                                                                                                                                                                              • C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe
                                                                                                                                                                                                                "C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --uninstall --system-level
                                                                                                                                                                                                                2⤵
                                                                                                                                                                                                                • Modifies Installed Components in the registry
                                                                                                                                                                                                                • Registers COM server for autorun
                                                                                                                                                                                                                • Modifies registry class
                                                                                                                                                                                                                • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                                                                                • Suspicious use of AdjustPrivilegeToken
                                                                                                                                                                                                                • Suspicious use of SetWindowsHookEx
                                                                                                                                                                                                                PID:4668
                                                                                                                                                                                                                • C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe
                                                                                                                                                                                                                  "C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x254,0x258,0x25c,0x230,0x260,0x7ff6e4157688,0x7ff6e4157698,0x7ff6e41576a8
                                                                                                                                                                                                                  3⤵
                                                                                                                                                                                                                  • Suspicious use of SetWindowsHookEx
                                                                                                                                                                                                                  PID:6160
                                                                                                                                                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --uninstall
                                                                                                                                                                                                                  3⤵
                                                                                                                                                                                                                  • Enumerates system info in registry
                                                                                                                                                                                                                  • Suspicious use of AdjustPrivilegeToken
                                                                                                                                                                                                                  PID:6212
                                                                                                                                                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffba3279758,0x7ffba3279768,0x7ffba3279778
                                                                                                                                                                                                                    4⤵
                                                                                                                                                                                                                      PID:5556
                                                                                                                                                                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1676 --field-trial-handle=1756,i,10557565382124001311,3484516652028774495,131072 /prefetch:2
                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                        PID:4628
                                                                                                                                                                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1928 --field-trial-handle=1756,i,10557565382124001311,3484516652028774495,131072 /prefetch:8
                                                                                                                                                                                                                        4⤵
                                                                                                                                                                                                                          PID:1528
                                                                                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument microsoft-edge:https://support.google.com/chrome?p=chrome_uninstall_survey&crversion=106.0.5249.119&os=10.0.19041
                                                                                                                                                                                                                        3⤵
                                                                                                                                                                                                                        • Enumerates system info in registry
                                                                                                                                                                                                                        • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                                                                                        • Suspicious use of FindShellTrayWindow
                                                                                                                                                                                                                        • Suspicious use of SendNotifyMessage
                                                                                                                                                                                                                        PID:5688
                                                                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffbb15c46f8,0x7ffbb15c4708,0x7ffbb15c4718
                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                            PID:5732
                                                                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1988,3798645785142534291,15165146275577724982,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2000 /prefetch:2
                                                                                                                                                                                                                            4⤵
                                                                                                                                                                                                                              PID:2256
                                                                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1988,3798645785142534291,15165146275577724982,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 /prefetch:3
                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                              • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                                                                                              PID:3308
                                                                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1988,3798645785142534291,15165146275577724982,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2740 /prefetch:8
                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                PID:5772
                                                                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,3798645785142534291,15165146275577724982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:1
                                                                                                                                                                                                                                4⤵
                                                                                                                                                                                                                                  PID:4340
                                                                                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,3798645785142534291,15165146275577724982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:1
                                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                                    PID:1756
                                                                                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1988,3798645785142534291,15165146275577724982,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4068 /prefetch:8
                                                                                                                                                                                                                                    4⤵
                                                                                                                                                                                                                                      PID:2160
                                                                                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1988,3798645785142534291,15165146275577724982,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4068 /prefetch:8
                                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                                      • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                                                                                                      PID:2808
                                                                                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,3798645785142534291,15165146275577724982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5248 /prefetch:1
                                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                                        PID:5220
                                                                                                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,3798645785142534291,15165146275577724982,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5352 /prefetch:1
                                                                                                                                                                                                                                        4⤵
                                                                                                                                                                                                                                          PID:512
                                                                                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,3798645785142534291,15165146275577724982,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5500 /prefetch:1
                                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                                            PID:468
                                                                                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1988,3798645785142534291,15165146275577724982,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5176 /prefetch:1
                                                                                                                                                                                                                                            4⤵
                                                                                                                                                                                                                                              PID:3848
                                                                                                                                                                                                                                      • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                                                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                                                        1⤵
                                                                                                                                                                                                                                          PID:3920
                                                                                                                                                                                                                                        • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                                                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                                                          1⤵
                                                                                                                                                                                                                                            PID:5640
                                                                                                                                                                                                                                          • C:\Windows\system32\LogonUI.exe
                                                                                                                                                                                                                                            "LogonUI.exe" /flags:0x4 /state0:0xa38dd855 /state1:0x41c64e6d
                                                                                                                                                                                                                                            1⤵
                                                                                                                                                                                                                                            • Modifies data under HKEY_USERS
                                                                                                                                                                                                                                            • Suspicious use of SetWindowsHookEx
                                                                                                                                                                                                                                            PID:4912
                                                                                                                                                                                                                                          • C:\Windows\system32\bootim.exe
                                                                                                                                                                                                                                            bootim.exe /startpage:1
                                                                                                                                                                                                                                            1⤵
                                                                                                                                                                                                                                            • Drops file in System32 directory
                                                                                                                                                                                                                                            • Drops file in Windows directory
                                                                                                                                                                                                                                            • Suspicious behavior: GetForegroundWindowSpam
                                                                                                                                                                                                                                            • Suspicious use of AdjustPrivilegeToken
                                                                                                                                                                                                                                            PID:5232

                                                                                                                                                                                                                                          Network

                                                                                                                                                                                                                                                MITRE ATT&CK Enterprise v15

                                                                                                                                                                                                                                                Replay Monitor

                                                                                                                                                                                                                                                Loading Replay Monitor...

                                                                                                                                                                                                                                                Downloads

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  253KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  14b33ae99c8ee0db3b2cad3ec9c4e252

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  74b500cb482b2c2e94456ba314ded1dfc9181c2c

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  bec6cccaf6b04b6c08eec36447d6ac9584cde459b6f03a19dec3d1950bcfc0cd

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  621a495b1c55ef5d2c39011265b2dec39b74e4e3519c7aae03200b669a320897796247cabe3c7f5d6becb41e6815068855693754b16b810cd5f5c266bc86cc43

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  264KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  f50f89a0a91564d0b8a211f8921aa7de

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  112403a17dd69d5b9018b8cede023cb3b54eab7d

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  152B

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  7740a919423ddc469647f8fdd981324d

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  c1bc3f834507e4940a0b7594e34c4b83bbea7cda

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  bdd4adaa418d40558ab033ac0005fd6c2312d5f1f7fdf8b0e186fe1d65d78221

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  7ad98d5d089808d9a707d577e76e809a223d3007778a672734d0a607c2c3ac5f93bc72adb6e6c7f878a577d3a1e69a16d0cd871eb6f58b8d88e2ea25f77d87b7

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  152B

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  4a4642516bc6372d8579b9c3705ec3ef

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  4353ec5ea33952ad03b1058dc5d1b39489695058

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  d8e0273e0138799bc98ec2fab75cb21379f1ec7d9426b570fe0d7da120ba18c9

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  528ea3d3d02d6c0b861bb2b8400fbc27af54524dee25e4ca12d713e1ac52722ceac32ebcdb429509d85e66adde29efe4cfbd314629c6c20ab13f778b4d0fae30

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  152B

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  296ca2fc16f1322c385592699f153ac7

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  523b919cc32bf4e081cf2a6e9dda64d22b4a8efe

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  2041e8d6c1da8aec31875b5349f8a310e0b95aa5d9cc2479a2b680e528ab7f8c

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  b3bcc4fcb8108ff265c4e25ba3743e76cf729f027f016c04c5f9603a0bbd792887bcc0c4aedef4e634a1544822796edfc94df69d0afe774437774aa1e215bf7c

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  152B

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  9f44d6f922f830d04d7463189045a5a3

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  2e9ae7188ab8f88078e83ba7f42a11a2c421cb1c

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  0ae5cf8b49bc34fafe9f86734c8121b631bad52a1424c1dd2caa05781032334a

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  7c1825eaefcc7b97bae31eeff031899300b175222de14000283e296e9b44680c8b3885a4ed5d78fd8dfee93333cd7289347b95a62bf11f751c4ca47772cf987d

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002e

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  28KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  2c4e11f1dd7c68428d6264dde3905183

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  8383cbc6741bdc648ef5f3aac9451143f0a0b91b

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  8eddfb6115005dd9626e438fd970154c97f5d721904d507c94f0158f9c966af1

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  03d8b034b592dd41cea1e40fb063f5460410e2d5ad37661300c1448734bdf309328ab49ec74b724baaa2236777548b08b59b40fd779a07ead28d5c706482118d

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002f

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  31KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  9efa5823df2a18150e094e8327507da8

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  949252af168a66baa0799428830c12782275f212

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  b8067f516f3ad2dacbe59f783064c29fac154f84f501f6f07fde4e88d8b011ed

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  ef552cd0682eb82e7064cbe444f936260abafa8aa1c09632d91770dbccf170fadd32b7fa518e62868f29ff3287ce1808b0ecd5c4c87bbad01eec26666fc67bcd

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000030

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  32KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  cf1ef78c904c715dfd91b823a6af4dcc

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  b53f441d3a5857546bdc8c421399a09ab159a6af

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  82eb08a4b6967a90b9c4220d1d8025ec090d3d759b736f78224cb469174f86f4

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  60cf4ed04725d11a11f27493a1ac063e69960a2777c354db1815bf4e117230e610b3e36792ff289d2979cdc3b3b4cf29e84b3c4047cc8234ae9684d2dd043165

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  134KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  f73705f1dde46fc0a28d89bfada19560

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  1b11f47a604b40716767c12289aa36a1d22b8e8f

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  bdf50fece9cf39818d0d7512a6a19b4f317f7e7f76c780ac976a442da86e37c3

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  ac1ebc7297d717e5cbd948be58c702efa314ecacf3898ff5249d881d233533089dea49a105a7abb844d93fb1abc6d9ad9b402ece2e63e8573fc5ea9cc1bca247

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003a

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  138KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  5c32684542e22faa94d045720ea8420a

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  b9a565a60d8226167b94d514d9c9c70838a971d4

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  b9f94b85edb146d26d6f744a829d458709bbe9ce390bbc50a838bad8c39e3a79

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  a1f5d678c09f93c1d41d3f5632fde006bd4c1ea1e0ed55fafbdf9a9ab476d4bd080644887b0cd5b24654964a3069be2831e49f4fb658f6a121a7a38e74a7f554

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003b

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  84KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  af94c65f2769a3aba95564fad18c1106

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  460186fc66d52dd7f3bf9bdb825f95a17b27e9ac

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  dc7e7a029f68958314b01a8d663065ab8b7fc14d100463fd76cdc43f390205f8

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  2e1037b5bdea07f28d255e0c31179504c2511b1cc08ca79358e0a2ee562bb84a75e421d067910e38f64166a95fe6db48c0122b68f3e06b1b970e7c07cfc47be9

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003d

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  73KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  2f29cf103c9da0bf9b4d0fea702f04e4

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  8cad5f690c64a6e877fb2636a11047836ea558a3

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  6917add9c9b53b1c6adc217ca75ec4850ab443aa394bf08283326186d19cb423

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  b6c25d8942d64cd3a6bebaec70630a3e3f530dcbbcb714709c5e35935850fb928a9e7823b83a66571e351ad2ee76eebd1e0ddd61de022e273d8509b823070858

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003e

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  22KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  144b7f4be6c93cf3d9859c0ad7d26d7a

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  bc6e8daf31ce14bcca0aa2d6da0bd9c2515685ef

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  2ca26e633b92afbbdca3909080374c44aa948eb19ffaf5b283e707fad8a87ac9

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  a8f725d906c1855f51c79868a2e8ce1b699f6411cb2ec9ca054c4dce1ce86bda06b12eba64614d44038e7ffbdcaf415ce421486354d63c0a599b4a6a125ac247

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003f

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  37KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  c314e5949c3a64b86160ff20243955ee

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  e493abea7258bf8871048ce4ee71a2e9ed2c154e

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  075d79c6f3debab7cd0e241df6559152677c6bfa873a4ac8c27ff531534799a7

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  c0b81f352880860098282faf8044bdaad22795c3b9671e37f293ceafc4613752120d31a43f3e5150db76624bc6fd28c89c801b662b42ab71aebfc54c1dbfb06d

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000040

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  21KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  983957d8d873d170d6e1a53983bf4b55

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  1efbdf5ae419c9a1a61f1b8d5b83735d146e27f8

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  7d4cb940aceb5dcf3286a45ddd9b1bfce9c93d94cc8a135846f1b1f005ae2cc2

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  768f27cd67e3b5e344f60ca34a6fafb87b71c6350dd3d28983e6e3f7ce4c82d312bc0043921e69c4ce8b987b408ec1350d1b1cde94880b76b3484123cb8cbcf1

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000041

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  22KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  84fd9773f086a9b808482d9916fe70a5

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  e66fc8571000ab9e82dcccc64cf7ee368d0b8ea5

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  1ba8f38ebd055f4c6b109f7991ed267fe0952008af78b4cae4d569dd15cbe665

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  cc80a10a554e26764f311078645329741c6aae4efa0e6ba384e63165ec23ba54f91ac998c9f843c14118b47c845503c1ba7ea5ada17d0aaadfe8f2817f4acd32

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000042

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  87KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  a771fc73613b56e8450448cb6ad29ed8

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  07a9c54334c90849554df4b4ee8aa4e61b2f45e1

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  b79d977a373c2b0c50bc6f7090f9d478645f6a8cf68c40f10185926802ec9fab

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  a46baac5723760e790a297f49d0c15b692dd69263658ce5b027bd12f06da5a6b0a7b8dc8dfa93815fbbc6cd69906e6886d7a0a2b1091dcd49a6a53d4e15353b5

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000043

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  32KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  42e7c85cb2dc4b9514a51a7d0557efec

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  ec2d4fafcfbf5a262cf4b525c90be708de596547

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  43ca7c2a78a7428df2d542d97cc93b3cf6f4b3af81f6aff115249fae42dc2e85

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  1adbaa1cf29864c79452a94f80e610f7dfe14ebae9fba08893d5c07a0be1e0dcc1c6b94fb9592d52af41889fcb17139e50c2dcbec737c510d3cf08f65d6c87ca

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000044

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  16KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  c9e916390862543b54ad0ecae786305a

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  77ace8d2e0d39dd87de0ff70d92e38ef2f97d1bd

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  46079dad59a8ba4baeeeb9d212e5bc926512e81fb19a40bdce22c9edd7b30cba

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  9f54e779896940bc4f6c0831e7e6573737670bdb53eaa1240748da6fdad2684f86a95d72ce921464fe57da2d6bf70d5fecaa15a62bec56ee38cb33c138198dc0

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000045

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  85KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  929993628fa6ac57c7a2694fa5f5d7ce

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  20ac5a4faaaa5a87e3874724aa41ab8ccf8f92e7

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  eba47d4a3e28d90785a6e2972840917c9f44151d6aca3279c992ced991ec3b41

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  777aebb666e3947cbbce5fc1636fd4b12fc4f197bd4eae78ca739540e8556e10bb5fb81080c27d5bb2e65b0893e43cc004bc09047ba132691b9152eb2516a808

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000047

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  137KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  2edd402f579cb7ba111f83314e85dc37

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  5e0ad84e150683808ad82d45118a4784a62896fe

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  941147267ffca7cb70f30bdd2ea3c1308b3e230112c8a031d2e88f31674f2393

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  31b50ef95b265eb0c64586006458282c89ae62ced99ace6a6335469d998285ff88138bc59bd90d9e440406f1fc9b41105cf0adc6a214fc85a1c4f08462d6377b

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000049

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  33KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  b11c29627af739a82589fa05ac56a2d0

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  8f725d54d3700e3927ccc7dc3529baa6862249b2

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  1df1ed387779f2875339a0303f2f6a98c303bb52bb911011a237d8b00221dd38

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  20eee0fa314a7078cff271bc1b5fa871d48017134f011104b1376bc4f70b3218b48e40d9060d863dc29e8c513664fe218788346ec2f399a4f7f24076e73e24fc

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004c

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  25KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  bd277d6710263cbd9eed572248cb83b2

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  2ee01929f87f04b766f04a9dc2e19860139f3a90

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  8b96c5f204df1979e7452832ba595b20ee698b5ef9d334cb2342f6ca9a354f04

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  cc79e88e39f54f7497600716db9d30e073edd4350fec8e4d58d427f8c194bc9532a108ac27d88e1bebbca0780a3fb02294d35a3b5acc8383344eacbafcaafc3e

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004d

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  22KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  748d1872b4494039155e243e2fec9e51

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  d0e34135d545ff733d654d7f5dc7c8492e530210

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  39f89ef640b071a2376ccf8f59677d3ff36fd097b825e4e4d060a7b828090695

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  85f7b27c03c16fdba9d39ae3c1ae5ddf6e9c4f7a3e69eeca1c29f99b17f8e63783fb596bbf38fd02856f0c69f125aa480fd54260125719015d65ecfed94274cc

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004e

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  16KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  89a574ff00e6b0ec61d995d059ce6e65

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  aea09e96808ab77165ffa712eaa58b8f056d0bb6

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  e5c29c139842fd487473d0824f2c01b374680fb35d22fa929686d17896602a44

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  30d0d40bd680e61968273155b740901cdfa66670fc2af6f23e44c6b998b67cc1fcd0b51bd5f9470f209f188e75d071355e592b2a7c97f4bfd15d07d455e0909d

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004f

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  106KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  6bfe54db13e6705ca9ca287316eb58a0

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  082b8403beae6b4a4bae5cd0e425c57478f5f8a5

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  1eb7baaf77afba3f7c340f4167f0c5cdfbb6ae9d17d254b9af37e2ac671dbfc4

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  b05c23c16665f224c7d88097e0f3bc61bd333d30733b46e0e3d11ca73ae3f722acc4353b0a06c615d78d02d1cccec8ffdd5e65b3004aba8c39503ccd171839ee

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000050

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  38KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  0f7891c04cd4b6ebb4f092c3224edff4

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  21c5027c1768cbf25403398f74abc3fdfb330ad3

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  d4d2d2466dec18bb19a46bbe8d9f4b8edde53b3a266f79087a5dc4fc844a3234

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  a13cfae7639ef67497a4f9803f5475a7a511703089efc882855b9e16b6fde06a9570efdb370792ef83346c1af33699aacc0294892fbd4917a3cdf0fc62dc299f

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000051

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  30KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  af9af7871a811c16a2b3f9784b361d74

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  1201aa7b9a8a15b786bbce02bbcb5f12f1c96acc

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  0ba364dc77bd16bea50600b8159e0580de2d38d28f64a1673a2193818eb113b1

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  426ea74958047d236735157ca80d49ee7120b5f39f7ca7e25bc43195215e175c02a4242e3a475a3f559d87bf2f630ab284f6cc1e1557d492c1464780145ba544

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000055

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  33KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  c15d33a9508923be839d315a999ab9c7

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  d17f6e786a1464e13d4ec8e842f4eb121b103842

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  959490e7ae26d4821170482d302e8772dd641ffbbe08cfee47f3aa2d7b1126dccd6dec5f1448ca71a4a8602981966ef8790ae0077429857367a33718b5097d06

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000056

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  29KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  d453eca18d366c4054d2efd57717cf9d

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  c7b0dfc73bb89d8f0a94e2cde0eeba2b5e07d5c4

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  be8f4fac2d40747a0adaecc6f1befe81b254a2b12bf25ce01d7194b374a457fc

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  a6f770c9e4058e8c17f3f72a245f76075441e07507ef05d455108e1768ca2a93f851b92335b33c1de61cf941cf135b0be4698d3d551b54132b2d5c882fd34835

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000073

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  242KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  12f0ed750edbcbadd6ea2bd0fee0e5e1

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  7946d88aadec876bb4e2ffe52e0619b76c5f06d8

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  1bb7bd8cd40ab3cdf3634ceb0e1457fdcc8e37ffc0f93159f0f7107170eb5b7b

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  c8697e986fce94a6df13f99fa5a7c9237646226a3622ee1303be0486e59e1eebfc14b6515fba019a290204658fe4278d867674e59a2039df12ce306451db6de9

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000089

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  27KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  032f97d15e951ecf1df389b8569d61ba

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  3a3846c7f1bd8c39696a7688ff47c141a4899768

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  03501b91ac299d943644c0efd601328bc25e9f4814cf7d7e9086f6f20f75bbac

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  1979cc0b094a1a0f25e61b9f12a0d5baec8155d99990953762dc5c6f2cd308d8a0ae903c9f2b532fd5f3156176493fff968c10c712690fa25325ff74dd17bcbe

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  5KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  838596dbd872af4b2aca25a7920fd406

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  2cf025602d162c5771e0da68b5b8d871d4a8cd98

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  8f0f3fa0fd47687d46462d682e8906d7b190ebc80d03ba7c3f0f4f489d18e752

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  625723c5411e010abb411e8447651cfb816a200d86b52b2d672894bd4f42b290240ce6908125d353340defb47152b4927cb5a62c57b1af99eb6f1b54f36c22e2

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_namemc.com_0.indexeddb.leveldb\MANIFEST-000001

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  23B

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  3fd11ff447c1ee23538dc4d9724427a3

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  1335e6f71cc4e3cf7025233523b4760f8893e9c9

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  19KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  abaaea4d531725fabdad238b3926a0d6

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  91fcdd8591674eb32c9cadcad659b3f512371be4

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  a2a2788c51f73ea80c23dc3e6d5b47befa38725cebd4608e8567b41279b7b273

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  73be9eb378cb9df107d23b3be6b2015ef2a71b89b0197fbf12f71ee39572ac764a24831e87d2df174481c43c26e3b3446c0d918e0bdd1ba40716d7b2ad3f672f

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  22KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  0823586d8a7bd005a0535fd024237fe8

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  cfec06c71ef1057e0bb4487369baf4fdee29e5ce

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  e0268fea510999a7f145de974c8966f2f2df93759128651195a81cf11bc917c4

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  55154a5e4c55d9b44cfe6829100fe1654351ca8732a196d3a277365d46c17e16719229cfc3fb49ee9337e403a355f6a6e64995be90267b677356dc95890b61d5

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  22KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  fb2ee4736954f5c6f51e9a232d3f0511

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  04248778cb1a14c3fb28d07c1982a1a27d52533b

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  efa93ca676ca0a7eb41c95f73ce05a446f14b0f3bf1bbad85d16422c9049f778

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  0db54feb36c9819836f25bb23a0252ece05be159f28130a01ae972570c2a7a9aad47ad85eaf7f3528475e24957e0b090c40c5e77f61b3d3d531b4b5b962ae19d

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  6KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  5812ceca356a483e4a8b0de6f4030f26

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  80826265c9f179bfb0bf80fbc2197196ad0ae0d0

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  5abff6d8a432ca35c9b4d5ea693aeafd3c43c86df216ecd48ba70266331009c0

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  acbcfcfacaaab55f754ff20d0ad8c249d377dfa42d3ec2aa8a9fb8aaf9eb7e4607e025f28ef4a9e89ab27c2bdc13142e79359168334093a54171d9a6bc921303

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  7KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  ce5961a21a67e76d486a061e7f5392b5

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  0066906a7241e09dd38bb9fc4e7e81db86023bec

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  924b446e2b0d84360ca33b90e0e5d418936a55c130dff7d473a73664962afc97

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  80bcb3513de6c7cc9cedf83019baa9561a648b6448198abeb9ea0109c8ea39c263c345cba49e142381fea07fae28e87d654206edc795c3ab8a008e30a30c15c9

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  10KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  7ce7ad251ae48d9390bfa9fe1cbefda6

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  1c8822a476c7857714fd6614dd7e6f1a3dff7469

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  c36cfa33b31e1799c22da13eadc25ea0ad5f43516e9f7065493a2033da2ea732

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  bcef3cea44ad0dad25343aedac873a3cf7973a0d2da57dc1cc122edb9e7374db65a3c1155fcc7b10bcb2be2dbdec3daf646af38ac4ef204f04a5ed4ebf8fee38

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  14KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  9b9d182d562a6278b4c82ee94e9cb004

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  ac6e042dba6af2d4a389f2035587ae863acb7e35

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  fdd48617b34cd531c72677c526b3241bd6d29d042da22717e0630add85f2ec60

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  0fc2acfa72692d026e5f3ae38b23c822a7076c08dae2bbbfaeb66837b579cc9733b02835b0c98b8c9981226c38c255b98c4ef0e444b6163e2ddf92f04bc0da8b

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  16KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  1fea1ec7ac7ec1f6c021e4e10b0a8939

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  a775af997b1f75bc5782b95373c5bc536d3921ea

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  b5aca83c35c346874b8b4e97fcb08f0be90e23f240d7e1f29609bf37eab6f13c

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  424b9876540b7f4ad309268cdaf93c95d47515023ba9af4d72a16666075f6268a558ac1b30d022996f00e20eaeb655efd4a35b897349a2a2968a63917e236f1a

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  22KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  22f40a8d2b5282977e1cb4d9e635ab06

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  c2aaa97bbd4f2d974e269308a23e0a7cc8e0b126

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  f0530a6ccaf1b9492e6c0b81f981f7898c70f9262536cf20d3dbb97caac77e32

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  3cb2911c0a4d400e2ca1066d94911bbda758a14bddedcc85c40534573d35861c3c60cc457611ba6509f146f2e15e7727c745f244e79213fbebb1a30050f11b1e

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  7KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  887e3e7b3a034e5a7fdf439b2d936bef

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  d5c936ead1de59bbc54e00fab152663fdc7de517

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  309fcc3856babf98c3c62318466398c9042f7df5c214f7410ef2e79327ab0b2d

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  e9e865383257c342b34bd8af636585fdefb4447abf5cd41dc57d0656adc73849c5b484bd412e18900ed954f4242381340550461961d7927efa059611f13005a5

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  5KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  36bff9d87c8ac436e57e6ce027e8ed04

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  ea0d38977b1d3390ad3129276f8f54b7705e0104

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  7940e0727de31766073966f47e6d7ad53af46c08b8f0ffd4f74006b0117359c6

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  f669281d502362b18121c96e4e493dc5fd519c3a30552857a51c7c60361cda6dcc31913ca322a7866336d151c090e1c5669c915b0a29d7cbb863b2d33540c19f

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  5KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  0e9c0f60a42c3ef8d9c46c5be737fe7b

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  14464789ad6f5d1b001b82d7ea75c13dd51826f4

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  1ff90d233c74c485acd44bf2da2553cbd0690a4631086183f9ac925325bf5fde

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  80d2eb9640b53456041173ac2eeb71ff79561b0bfa1549a7cf7f256bb2cdb96ca98a0ad9fbf33ec0e9c140ebd433a86dd6f46fc17ff3a5e9e5ac31303933f6c4

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  6KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  ab3db71c7649a39d5236a40f97d635e4

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  80b4f21145844be0f164d84980b5c65f89be3782

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  65cae17d6b83973bb030834cbf4211959c4927869432e6912674b6b20b5c6475

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  e7cc1d9ed7f2a238af6e8d5a64002c523dbc2c30342cf2e318f969aa23dbc2a0ba7eec717949f5e7a6eef9638a3a6f54514dd202fe2e9f6a18c75c261d324c2a

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  3KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  184d3e91eddf213fde9e6c5e665325a8

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  96af1c7cde326fd1ef928f96e1ed0e6046c83e55

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  c46c8d9dc27d9134428a643905d7779f0304f69396df64652e66122c1a455d71

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  f822ab92070607dfcbb19c42fb05ec41d4663c5752c1aef00d847f92b0dc5201d89599d6ebfd852806fcb5e44a979693e2d36e243c06c9cf2477430cab665d5c

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  6KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  1c4e553285b6647a2ea226d4eeee3072

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  0ee00899b37ae3062fac16df7680926d66df019d

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  c919532db4a675be545130481f265755ea1c07c6952ede083f47afe7c44844c4

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  c38c9b1f38642d24a70d74ef244a06658f8695776b9b35d66ab4be62adf84a9a386e20f2289483ca04480c1840adc22b3912a49feb543394875fcc3950a23a91

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57e58d.TMP

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  3KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  5247bcfc19b7ef8f99a929b4992a60af

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  bd97e47927b8daee04a12f33e420c03ecc4e91df

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  355214979816868839f082d09613d945a47a82d713b580c9fa725347cefe1ab5

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  b9ecbe9c49901fc7f3102e0516af846d2cb7ca47c7378fc6f366e0e63962ae39d73a6ebf64c73fe2b61b8d7dd9b2164f8509e82a6eb1db15daa5529f42ac0f98

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  16B

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  aefd77f47fb84fae5ea194496b44c67a

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  dcfbb6a5b8d05662c4858664f81693bb7f803b82

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  16B

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  6752a1d65b201c13b62ea44016eb221f

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  11KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  4280314a0324c52d1beec1d2d1092dd9

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  0585cafd1e665adb5faef8e8196854159d570d50

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  3a87639b1dea71ba28309b416ac925cc2e77101b557e4275a8c737e2af05dad9

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  09cf15366f6f188b43415abb3599ba7a49fe9cfe72f509a547a46006876e09ce84d9de5bc2a8e9a49405cb8d62b696bee0f9f95db95e9994500fb98c30482d2a

                                                                                                                                                                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  12KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  cbdfb45f7d7076cb76bcf17f66f4cbe0

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  89ef89132773f158e9b200e7c479752773308a6d

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  abf5a911403591a2260933e2295257a960a0459ba208ed5d520c04e125a7663b

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  42277b46b1605113fb3707daa660567f4abafeec5fd690a8b61899f74a21bc3b2e6ac85069b79d1ffb22ea53994baa84e83bbec765d6f6e6d243a381a0fca5f1

                                                                                                                                                                                                                                                • C:\Windows\System32\Recovery\ReAgent.xml

                                                                                                                                                                                                                                                  Filesize

                                                                                                                                                                                                                                                  1KB

                                                                                                                                                                                                                                                  MD5

                                                                                                                                                                                                                                                  6fd5b0fe99125289d97e3f641f5f6450

                                                                                                                                                                                                                                                  SHA1

                                                                                                                                                                                                                                                  ae506bf8bcdc35419d8f6cad39478af2a190a2fe

                                                                                                                                                                                                                                                  SHA256

                                                                                                                                                                                                                                                  68b5e93c47779d6d5ec230e848ef412df87eb2aba57463f79e09d50210c77a77

                                                                                                                                                                                                                                                  SHA512

                                                                                                                                                                                                                                                  6f363f92986cec7f476d03bbb879dcf75119cb5388985f117779e74b88c9fea1412988d6c4c12a6f5c0f1d5b649b4f00e59b970d2c7c0f8df7156d1ae174d554