734403a96fad68cb2ef2b340adddd9cadd5894007aac703dcdb4a4cb8326c538

max time kernel
814s
max time network
1210s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
10-03-2024 21:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

eeeeeeeeeeeeee/Malware_pack_2/Malware_pack_2/MEMZ 3.0 (1)/MEMZ 3.0/MEMZ.bat
Size

12KB
MD5

13a43c26bb98449fd82d2a552877013a
SHA1

71eb7dc393ac1f204488e11f5c1eef56f1e746af
SHA256

5f52365accb76d679b2b3946870439a62eb8936b9a0595f0fb0198138106b513
SHA512

602518b238d80010fa88c2c88699f70645513963ef4f148a0345675738cf9b0c23b9aeb899d9f7830cc1e5c7e9c7147b2dc4a9222770b4a052ee0c879062cd5a
SSDEEP

384:nnLhRNiqt0kCH2LR0GPXxGiZgCz+KG/yKhLdW79HOli+lz3:nLhRN9t0SR4iZtzlREBWhuF

Score

7^/10

bootkit persistence

Malware Config

Signatures

Checks computer location settings 2 TTPs 2 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

Processes:

MEMZ.exeMEMZ.exe

description	ioc	process
Key value queried	\REGISTRY\USER\S-1-5-21-609813121-2907144057-1731107329-1000\Control Panel\International\Geo\Nation	MEMZ.exe
Key value queried	\REGISTRY\USER\S-1-5-21-609813121-2907144057-1731107329-1000\Control Panel\International\Geo\Nation	MEMZ.exe

Executes dropped EXE 7 IoCs

Processes:

MEMZ.exeMEMZ.exeMEMZ.exeMEMZ.exeMEMZ.exeMEMZ.exeMEMZ.exe

pid process

1856 MEMZ.exe
2964 MEMZ.exe
3016 MEMZ.exe
1064 MEMZ.exe
1864 MEMZ.exe
2220 MEMZ.exe
216 MEMZ.exe
Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs
Bootkits write to the MBR to gain persistence at a level below the operating system.
bootkit persistence

Bootkit
T1542.003

Processes:

MEMZ.exe

description ioc process

File opened for modification \??\PhysicalDrive0 MEMZ.exe

pid	process
1856	MEMZ.exe
2964	MEMZ.exe
3016	MEMZ.exe
1064	MEMZ.exe
1864	MEMZ.exe
2220	MEMZ.exe
216	MEMZ.exe

description	ioc	process
File opened for modification	\??\PhysicalDrive0	MEMZ.exe

Drops file in System32 directory 3 IoCs

Processes:

mmc.exemmc.exemmc.exe

description	ioc	process
File opened for modification	C:\Windows\System32\devmgmt.msc	mmc.exe
File opened for modification	C:\Windows\System32\devmgmt.msc	mmc.exe
File opened for modification	C:\Windows\System32\devmgmt.msc	mmc.exe

Drops file in Windows directory 59 IoCs

Processes:

mmc.exemspaint.exemspaint.exe

description	ioc	process
File created	C:\Windows\INF\c_processor.PNF	mmc.exe
File created	C:\Windows\INF\c_fssecurityenhancer.PNF	mmc.exe
File created	C:\Windows\INF\c_barcodescanner.PNF	mmc.exe
File created	C:\Windows\INF\c_fsundelete.PNF	mmc.exe
File created	C:\Windows\INF\c_extension.PNF	mmc.exe
File opened for modification	C:\Windows\Debug\WIA\wiatrace.log	mspaint.exe
File created	C:\Windows\INF\c_fsreplication.PNF	mmc.exe
File created	C:\Windows\INF\c_fscopyprotection.PNF	mmc.exe
File created	C:\Windows\INF\c_fsopenfilebackup.PNF	mmc.exe
File created	C:\Windows\INF\oposdrv.PNF	mmc.exe
File created	C:\Windows\INF\c_fscompression.PNF	mmc.exe
File created	C:\Windows\INF\c_fsvirtualization.PNF	mmc.exe
File created	C:\Windows\INF\c_fsinfrastructure.PNF	mmc.exe
File created	C:\Windows\INF\c_monitor.PNF	mmc.exe
File created	C:\Windows\INF\c_fsphysicalquotamgmt.PNF	mmc.exe
File created	C:\Windows\INF\c_fshsm.PNF	mmc.exe
File created	C:\Windows\INF\PerceptionSimulationSixDof.PNF	mmc.exe
File created	C:\Windows\INF\c_fsquotamgmt.PNF	mmc.exe
File created	C:\Windows\INF\c_fssystemrecovery.PNF	mmc.exe
File created	C:\Windows\INF\c_diskdrive.PNF	mmc.exe
File created	C:\Windows\INF\c_swcomponent.PNF	mmc.exe
File created	C:\Windows\INF\c_fsactivitymonitor.PNF	mmc.exe
File created	C:\Windows\INF\c_fscfsmetadataserver.PNF	mmc.exe
File created	C:\Windows\INF\digitalmediadevice.PNF	mmc.exe
File created	C:\Windows\INF\c_smrdisk.PNF	mmc.exe
File created	C:\Windows\INF\rdcameradriver.PNF	mmc.exe
File created	C:\Windows\INF\ts_generic.PNF	mmc.exe
File created	C:\Windows\INF\rawsilo.PNF	mmc.exe
File created	C:\Windows\INF\c_computeaccelerator.PNF	mmc.exe
File created	C:\Windows\INF\c_media.PNF	mmc.exe
File created	C:\Windows\INF\miradisp.PNF	mmc.exe
File created	C:\Windows\INF\xusb22.PNF	mmc.exe
File created	C:\Windows\INF\c_display.PNF	mmc.exe
File created	C:\Windows\INF\c_volume.PNF	mmc.exe
File created	C:\Windows\INF\c_netdriver.PNF	mmc.exe
File created	C:\Windows\INF\dc1-controller.PNF	mmc.exe
File created	C:\Windows\INF\c_fscontentscreener.PNF	mmc.exe
File created	C:\Windows\INF\c_fssystem.PNF	mmc.exe
File created	C:\Windows\INF\c_fscontinuousbackup.PNF	mmc.exe
File created	C:\Windows\INF\c_cashdrawer.PNF	mmc.exe
File created	C:\Windows\INF\c_fsencryption.PNF	mmc.exe
File created	C:\Windows\INF\c_receiptprinter.PNF	mmc.exe
File created	C:\Windows\INF\c_mcx.PNF	mmc.exe
File created	C:\Windows\INF\c_smrvolume.PNF	mmc.exe
File created	C:\Windows\INF\c_scmvolume.PNF	mmc.exe
File created	C:\Windows\INF\c_ucm.PNF	mmc.exe
File created	C:\Windows\INF\c_firmware.PNF	mmc.exe
File created	C:\Windows\INF\c_sslaccel.PNF	mmc.exe
File created	C:\Windows\INF\wsdprint.PNF	mmc.exe
File created	C:\Windows\INF\c_scmdisk.PNF	mmc.exe
File created	C:\Windows\INF\c_fsantivirus.PNF	mmc.exe
File created	C:\Windows\INF\c_camera.PNF	mmc.exe
File created	C:\Windows\INF\c_holographic.PNF	mmc.exe
File created	C:\Windows\INF\remoteposdrv.PNF	mmc.exe
File created	C:\Windows\INF\c_linedisplay.PNF	mmc.exe
File created	C:\Windows\INF\c_apo.PNF	mmc.exe
File created	C:\Windows\INF\c_magneticstripereader.PNF	mmc.exe
File created	C:\Windows\INF\c_proximity.PNF	mmc.exe
File opened for modification	C:\Windows\Debug\WIA\wiatrace.log	mspaint.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Checks SCSI registry key(s) 3 TTPs 63 IoCs

SCSI information is often read in order to detect sandboxing environments.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

Processes:

mmc.exemmc.exemmc.exeTaskmgr.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_DADY_DVD-ROM\4&215468a5&0&010000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006	mmc.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001	mmc.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000002	mmc.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\FriendlyName	mmc.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A	mmc.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName	mmc.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Phantom	mmc.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_DADY_DVD-ROM\4&215468a5&0&010000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006	mmc.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A	mmc.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_DADY_DVD-ROM\4&215468a5&0&010000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006	mmc.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\	mmc.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006	mmc.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006	mmc.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Phantom	mmc.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000	mmc.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006	mmc.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000002	mmc.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags	mmc.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\FriendlyName	mmc.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006	mmc.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags	mmc.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Phantom	mmc.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000	Taskmgr.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\	mmc.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001	mmc.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000	mmc.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_DADY_DVD-ROM\4&215468a5&0&010000\FriendlyName	mmc.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName	mmc.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName	Taskmgr.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_DADY_DVD-ROM\4&215468a5&0&010000\ConfigFlags	mmc.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000002	mmc.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags	mmc.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_DADY_DVD-ROM\4&215468a5&0&010000\FriendlyName	mmc.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_DADY_DVD-ROM\4&215468a5&0&010000\ConfigFlags	mmc.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006	mmc.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\	mmc.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\	mmc.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_DADY&PROD_DADY_DVD-ROM\4&215468A5&0&010000	mmc.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_DADY&PROD_DADY_DVD-ROM\4&215468A5&0&010000	mmc.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_DADY_DVD-ROM\4&215468a5&0&010000\ConfigFlags	mmc.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\FriendlyName	mmc.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Phantom	mmc.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A	mmc.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Phantom	mmc.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A	mmc.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006	mmc.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006	mmc.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A	mmc.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\FriendlyName	mmc.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006	mmc.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A	mmc.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\	mmc.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\FriendlyName	mmc.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Phantom	mmc.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_DADY&PROD_DADY_DVD-ROM\4&215468A5&0&010000	mmc.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001	mmc.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_DADY_DVD-ROM\4&215468a5&0&010000\FriendlyName	mmc.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000	mmc.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\FriendlyName	mmc.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\	mmc.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A	Taskmgr.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName	mmc.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006	mmc.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

msedge.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Modifies registry class 4 IoCs

Processes:

explorer.exeMEMZ.execalc.exeexplorer.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-609813121-2907144057-1731107329-1000_Classes\Local Settings	explorer.exe
Key created	\REGISTRY\USER\S-1-5-21-609813121-2907144057-1731107329-1000_Classes\Local Settings	MEMZ.exe
Key created	\REGISTRY\USER\S-1-5-21-609813121-2907144057-1731107329-1000_Classes\Local Settings	calc.exe
Key created	\REGISTRY\USER\S-1-5-21-609813121-2907144057-1731107329-1000_Classes\Local Settings	explorer.exe

Runs regedit.exe 3 IoCs

Processes:

regedit.exeregedit.exeregedit.exe

pid process

4340 regedit.exe
9576 regedit.exe
9912 regedit.exe

pid	process
4340	regedit.exe
9576	regedit.exe
9912	regedit.exe

Suspicious behavior: EnumeratesProcesses 64 IoCs

Processes:

MEMZ.exeMEMZ.exeMEMZ.exeMEMZ.exeMEMZ.exe

pid	process
2964	MEMZ.exe
2964	MEMZ.exe
2964	MEMZ.exe
2964	MEMZ.exe
1064	MEMZ.exe
1064	MEMZ.exe
1864	MEMZ.exe
3016	MEMZ.exe
1864	MEMZ.exe
3016	MEMZ.exe
2964	MEMZ.exe
2964	MEMZ.exe
2964	MEMZ.exe
2964	MEMZ.exe
1864	MEMZ.exe
1864	MEMZ.exe
3016	MEMZ.exe
3016	MEMZ.exe
1064	MEMZ.exe
1064	MEMZ.exe
2964	MEMZ.exe
2964	MEMZ.exe
3016	MEMZ.exe
3016	MEMZ.exe
1064	MEMZ.exe
1064	MEMZ.exe
1864	MEMZ.exe
1864	MEMZ.exe
2220	MEMZ.exe
2220	MEMZ.exe
2964	MEMZ.exe
2964	MEMZ.exe
1064	MEMZ.exe
2964	MEMZ.exe
1064	MEMZ.exe
2964	MEMZ.exe
2220	MEMZ.exe
2220	MEMZ.exe
1864	MEMZ.exe
1864	MEMZ.exe
3016	MEMZ.exe
3016	MEMZ.exe
2220	MEMZ.exe
2964	MEMZ.exe
2964	MEMZ.exe
2220	MEMZ.exe
1064	MEMZ.exe
1064	MEMZ.exe
1064	MEMZ.exe
1064	MEMZ.exe
2964	MEMZ.exe
2964	MEMZ.exe
3016	MEMZ.exe
3016	MEMZ.exe
1864	MEMZ.exe
1864	MEMZ.exe
2964	MEMZ.exe
2964	MEMZ.exe
1064	MEMZ.exe
1064	MEMZ.exe
2220	MEMZ.exe
2220	MEMZ.exe
2964	MEMZ.exe
3016	MEMZ.exe

Suspicious behavior: GetForegroundWindowSpam 6 IoCs

Processes:

Taskmgr.exeregedit.exemmc.exeMEMZ.exemmc.exemmc.exe

pid process

5456 Taskmgr.exe
4340 regedit.exe
6476 mmc.exe
216 MEMZ.exe
6440 mmc.exe
6932 mmc.exe

pid	process
5456	Taskmgr.exe
4340	regedit.exe
6476	mmc.exe
216	MEMZ.exe
6440	mmc.exe
6932	mmc.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

Processes:

msedge.exe

pid	process
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe

Suspicious behavior: SetClipboardViewer 4 IoCs

Processes:

mmc.exemmc.exemmc.exemmc.exe

pid process

6440 mmc.exe
6932 mmc.exe
8720 mmc.exe
10016 mmc.exe

pid	process
6440	mmc.exe
6932	mmc.exe
8720	mmc.exe
10016	mmc.exe

Suspicious use of AdjustPrivilegeToken 29 IoCs

Processes:

Taskmgr.exeAUDIODG.EXEmmc.exemmc.exemmc.exemmc.exemmc.exe

description	pid	process
Token: SeDebugPrivilege	5456	Taskmgr.exe
Token: SeSystemProfilePrivilege	5456	Taskmgr.exe
Token: SeCreateGlobalPrivilege	5456	Taskmgr.exe
Token: 33	6064	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	6064	AUDIODG.EXE
Token: 33	6476	mmc.exe
Token: SeIncBasePriorityPrivilege	6476	mmc.exe
Token: 33	6476	mmc.exe
Token: SeIncBasePriorityPrivilege	6476	mmc.exe
Token: 33	6440	mmc.exe
Token: SeIncBasePriorityPrivilege	6440	mmc.exe
Token: 33	6440	mmc.exe
Token: SeIncBasePriorityPrivilege	6440	mmc.exe
Token: 33	6440	mmc.exe
Token: SeIncBasePriorityPrivilege	6440	mmc.exe
Token: 33	6932	mmc.exe
Token: SeIncBasePriorityPrivilege	6932	mmc.exe
Token: 33	6932	mmc.exe
Token: SeIncBasePriorityPrivilege	6932	mmc.exe
Token: 33	8720	mmc.exe
Token: SeIncBasePriorityPrivilege	8720	mmc.exe
Token: 33	8720	mmc.exe
Token: SeIncBasePriorityPrivilege	8720	mmc.exe
Token: 33	10016	mmc.exe
Token: SeIncBasePriorityPrivilege	10016	mmc.exe
Token: 33	10016	mmc.exe
Token: SeIncBasePriorityPrivilege	10016	mmc.exe
Token: 33	10016	mmc.exe
Token: SeIncBasePriorityPrivilege	10016	mmc.exe

Suspicious use of FindShellTrayWindow 64 IoCs

Processes:

msedge.exeTaskmgr.exe

pid	process
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe

Suspicious use of SendNotifyMessage 64 IoCs

Processes:

msedge.exeTaskmgr.exe

pid	process
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5036	msedge.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe
5456	Taskmgr.exe

Suspicious use of SetWindowsHookEx 64 IoCs

Processes:

MEMZ.exewordpad.exemspaint.exemmc.exemmc.exemspaint.exemmc.exemmc.exeOpenWith.exewordpad.exemmc.exemmc.exe

pid	process
216	MEMZ.exe
2936	wordpad.exe
2936	wordpad.exe
2936	wordpad.exe
2936	wordpad.exe
2936	wordpad.exe
2936	wordpad.exe
216	MEMZ.exe
216	MEMZ.exe
216	MEMZ.exe
216	MEMZ.exe
216	MEMZ.exe
216	MEMZ.exe
216	MEMZ.exe
216	MEMZ.exe
216	MEMZ.exe
3752	mspaint.exe
3752	mspaint.exe
3752	mspaint.exe
3752	mspaint.exe
216	MEMZ.exe
216	MEMZ.exe
216	MEMZ.exe
216	MEMZ.exe
216	MEMZ.exe
216	MEMZ.exe
6312	mmc.exe
6476	mmc.exe
6476	mmc.exe
216	MEMZ.exe
216	MEMZ.exe
6328	mspaint.exe
6328	mspaint.exe
6328	mspaint.exe
6328	mspaint.exe
216	MEMZ.exe
216	MEMZ.exe
216	MEMZ.exe
6324	mmc.exe
6440	mmc.exe
6440	mmc.exe
216	MEMZ.exe
216	MEMZ.exe
216	MEMZ.exe
216	MEMZ.exe
216	MEMZ.exe
216	MEMZ.exe
8052	OpenWith.exe
216	MEMZ.exe
216	MEMZ.exe
216	MEMZ.exe
216	MEMZ.exe
216	MEMZ.exe
7080	wordpad.exe
7080	wordpad.exe
7080	wordpad.exe
7080	wordpad.exe
7080	wordpad.exe
7080	wordpad.exe
216	MEMZ.exe
216	MEMZ.exe
7148	mmc.exe
6932	mmc.exe
6932	mmc.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

cmd.exeMEMZ.exeMEMZ.exemsedge.exe

description	pid	process	target process
PID 1624 wrote to memory of 3328	1624	cmd.exe	cscript.exe
PID 1624 wrote to memory of 3328	1624	cmd.exe	cscript.exe
PID 1624 wrote to memory of 1856	1624	cmd.exe	MEMZ.exe
PID 1624 wrote to memory of 1856	1624	cmd.exe	MEMZ.exe
PID 1624 wrote to memory of 1856	1624	cmd.exe	MEMZ.exe
PID 1856 wrote to memory of 2964	1856	MEMZ.exe	MEMZ.exe
PID 1856 wrote to memory of 2964	1856	MEMZ.exe	MEMZ.exe
PID 1856 wrote to memory of 2964	1856	MEMZ.exe	MEMZ.exe
PID 1856 wrote to memory of 3016	1856	MEMZ.exe	MEMZ.exe
PID 1856 wrote to memory of 3016	1856	MEMZ.exe	MEMZ.exe
PID 1856 wrote to memory of 3016	1856	MEMZ.exe	MEMZ.exe
PID 1856 wrote to memory of 1064	1856	MEMZ.exe	MEMZ.exe
PID 1856 wrote to memory of 1064	1856	MEMZ.exe	MEMZ.exe
PID 1856 wrote to memory of 1064	1856	MEMZ.exe	MEMZ.exe
PID 1856 wrote to memory of 1864	1856	MEMZ.exe	MEMZ.exe
PID 1856 wrote to memory of 1864	1856	MEMZ.exe	MEMZ.exe
PID 1856 wrote to memory of 1864	1856	MEMZ.exe	MEMZ.exe
PID 1856 wrote to memory of 2220	1856	MEMZ.exe	MEMZ.exe
PID 1856 wrote to memory of 2220	1856	MEMZ.exe	MEMZ.exe
PID 1856 wrote to memory of 2220	1856	MEMZ.exe	MEMZ.exe
PID 1856 wrote to memory of 216	1856	MEMZ.exe	MEMZ.exe
PID 1856 wrote to memory of 216	1856	MEMZ.exe	MEMZ.exe
PID 1856 wrote to memory of 216	1856	MEMZ.exe	MEMZ.exe
PID 216 wrote to memory of 2136	216	MEMZ.exe	notepad.exe
PID 216 wrote to memory of 2136	216	MEMZ.exe	notepad.exe
PID 216 wrote to memory of 2136	216	MEMZ.exe	notepad.exe
PID 216 wrote to memory of 5036	216	MEMZ.exe	msedge.exe
PID 216 wrote to memory of 5036	216	MEMZ.exe	msedge.exe
PID 5036 wrote to memory of 3184	5036	msedge.exe	msedge.exe
PID 5036 wrote to memory of 3184	5036	msedge.exe	msedge.exe
PID 5036 wrote to memory of 4940	5036	msedge.exe	msedge.exe
PID 5036 wrote to memory of 4940	5036	msedge.exe	msedge.exe
PID 5036 wrote to memory of 4940	5036	msedge.exe	msedge.exe
PID 5036 wrote to memory of 4940	5036	msedge.exe	msedge.exe
PID 5036 wrote to memory of 4940	5036	msedge.exe	msedge.exe
PID 5036 wrote to memory of 4940	5036	msedge.exe	msedge.exe
PID 5036 wrote to memory of 4940	5036	msedge.exe	msedge.exe
PID 5036 wrote to memory of 4940	5036	msedge.exe	msedge.exe
PID 5036 wrote to memory of 4940	5036	msedge.exe	msedge.exe
PID 5036 wrote to memory of 4940	5036	msedge.exe	msedge.exe
PID 5036 wrote to memory of 4940	5036	msedge.exe	msedge.exe
PID 5036 wrote to memory of 4940	5036	msedge.exe	msedge.exe
PID 5036 wrote to memory of 4940	5036	msedge.exe	msedge.exe
PID 5036 wrote to memory of 4940	5036	msedge.exe	msedge.exe
PID 5036 wrote to memory of 4940	5036	msedge.exe	msedge.exe
PID 5036 wrote to memory of 4940	5036	msedge.exe	msedge.exe
PID 5036 wrote to memory of 4940	5036	msedge.exe	msedge.exe
PID 5036 wrote to memory of 4940	5036	msedge.exe	msedge.exe
PID 5036 wrote to memory of 4940	5036	msedge.exe	msedge.exe
PID 5036 wrote to memory of 4940	5036	msedge.exe	msedge.exe
PID 5036 wrote to memory of 4940	5036	msedge.exe	msedge.exe
PID 5036 wrote to memory of 4940	5036	msedge.exe	msedge.exe
PID 5036 wrote to memory of 4940	5036	msedge.exe	msedge.exe
PID 5036 wrote to memory of 4940	5036	msedge.exe	msedge.exe
PID 5036 wrote to memory of 4940	5036	msedge.exe	msedge.exe
PID 5036 wrote to memory of 4940	5036	msedge.exe	msedge.exe
PID 5036 wrote to memory of 4940	5036	msedge.exe	msedge.exe
PID 5036 wrote to memory of 4940	5036	msedge.exe	msedge.exe
PID 5036 wrote to memory of 4940	5036	msedge.exe	msedge.exe
PID 5036 wrote to memory of 4940	5036	msedge.exe	msedge.exe
PID 5036 wrote to memory of 4940	5036	msedge.exe	msedge.exe
PID 5036 wrote to memory of 4940	5036	msedge.exe	msedge.exe
PID 5036 wrote to memory of 4940	5036	msedge.exe	msedge.exe
PID 5036 wrote to memory of 4940	5036	msedge.exe	msedge.exe

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\eeeeeeeeeeeeee\Malware_pack_2\Malware_pack_2\MEMZ 3.0 (1)\MEMZ 3.0\MEMZ.bat"
1⤵
- Suspicious use of WriteProcessMemory
PID:1624
- C:\Windows\system32\cscript.exe
  cscript x.js
  2⤵
  PID:3328
- C:\Users\Admin\AppData\Roaming\MEMZ.exe
  "C:\Users\Admin\AppData\Roaming\MEMZ.exe"
  2⤵
  - Checks computer location settings
  - Executes dropped EXE
  - Suspicious use of WriteProcessMemory
  PID:1856
- - C:\Users\Admin\AppData\Roaming\MEMZ.exe
    "C:\Users\Admin\AppData\Roaming\MEMZ.exe" /watchdog
    3⤵
    - Executes dropped EXE
    - Suspicious behavior: EnumeratesProcesses
    PID:2964
- - C:\Users\Admin\AppData\Roaming\MEMZ.exe
    "C:\Users\Admin\AppData\Roaming\MEMZ.exe" /watchdog
    3⤵
    - Executes dropped EXE
    - Suspicious behavior: EnumeratesProcesses
    PID:3016
- - C:\Users\Admin\AppData\Roaming\MEMZ.exe
    "C:\Users\Admin\AppData\Roaming\MEMZ.exe" /watchdog
    3⤵
    - Executes dropped EXE
    - Suspicious behavior: EnumeratesProcesses
    PID:1064
- - C:\Users\Admin\AppData\Roaming\MEMZ.exe
    "C:\Users\Admin\AppData\Roaming\MEMZ.exe" /watchdog
    3⤵
    - Executes dropped EXE
    - Suspicious behavior: EnumeratesProcesses
    PID:1864
- - C:\Users\Admin\AppData\Roaming\MEMZ.exe
    "C:\Users\Admin\AppData\Roaming\MEMZ.exe" /watchdog
    3⤵
    - Executes dropped EXE
    - Suspicious behavior: EnumeratesProcesses
    PID:2220
- - C:\Users\Admin\AppData\Roaming\MEMZ.exe
    "C:\Users\Admin\AppData\Roaming\MEMZ.exe" /main
    3⤵
    - Checks computer location settings
    - Executes dropped EXE
    - Writes to the Master Boot Record (MBR)
    - Modifies registry class
    - Suspicious behavior: GetForegroundWindowSpam
    - Suspicious use of SetWindowsHookEx
    - Suspicious use of WriteProcessMemory
    PID:216
  - - C:\Windows\SysWOW64\notepad.exe
      "C:\Windows\System32\notepad.exe" \note.txt
      4⤵
      PID:2136
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=what+happens+if+you+delete+system32
      4⤵
      Enumerates system info in registry
      Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
      Suspicious use of FindShellTrayWindow
      Suspicious use of SendNotifyMessage
      Suspicious use of WriteProcessMemory
      PID:5036
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:3184
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2184 /prefetch:2
        5⤵
        
        PID:4940
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2244 /prefetch:3
        5⤵
        
        PID:4552
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2872 /prefetch:8
        5⤵
        
        PID:4068
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:1
        5⤵
        
        PID:1824
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3416 /prefetch:1
        5⤵
        
        PID:3876
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4864 /prefetch:1
        5⤵
        
        PID:2904
    - - C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3560 /prefetch:8
        5⤵
        
        PID:3520
    - - C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3560 /prefetch:8
        5⤵
        
        PID:4044
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5176 /prefetch:1
        5⤵
        
        PID:5184
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5188 /prefetch:1
        5⤵
        
        PID:5192
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5536 /prefetch:1
        5⤵
        
        PID:5504
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5664 /prefetch:1
        5⤵
        
        PID:5512
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5308 /prefetch:1
        5⤵
        
        PID:5316
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5704 /prefetch:1
        5⤵
        
        PID:5520
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5332 /prefetch:1
        5⤵
        
        PID:5364
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5328 /prefetch:1
        5⤵
        
        PID:3664
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4656 /prefetch:1
        5⤵
        
        PID:5828
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6032 /prefetch:1
        5⤵
        
        PID:5648
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3048 /prefetch:2
        5⤵
        
        PID:1728
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1716 /prefetch:1
        5⤵
        
        PID:5724
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5328 /prefetch:1
        5⤵
        
        PID:5644
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5820 /prefetch:1
        5⤵
        
        PID:4752
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5996 /prefetch:1
        5⤵
        
        PID:2452
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6528 /prefetch:1
        5⤵
        
        PID:3108
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5032 /prefetch:1
        5⤵
        
        PID:1740
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6948 /prefetch:1
        5⤵
        
        PID:1564
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6656 /prefetch:1
        5⤵
        
        PID:552
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6868 /prefetch:1
        5⤵
        
        PID:60
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2648 /prefetch:1
        5⤵
        
        PID:1676
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6764 /prefetch:1
        5⤵
        
        PID:3520
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6164 /prefetch:1
        5⤵
        
        PID:2764
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5468 /prefetch:1
        5⤵
        
        PID:4412
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7372 /prefetch:1
        5⤵
        
        PID:5700
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6416 /prefetch:1
        5⤵
        
        PID:696
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7192 /prefetch:1
        5⤵
        
        PID:1976
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7264 /prefetch:1
        5⤵
        
        PID:4224
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7400 /prefetch:1
        5⤵
        
        PID:1560
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7740 /prefetch:1
        5⤵
        
        PID:4648
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7540 /prefetch:1
        5⤵
        
        PID:2280
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7348 /prefetch:1
        5⤵
        
        PID:468
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6076 /prefetch:1
        5⤵
        
        PID:788
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7384 /prefetch:1
        5⤵
        
        PID:3384
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8424 /prefetch:1
        5⤵
        
        PID:6208
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7976 /prefetch:1
        5⤵
        
        PID:6924
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8660 /prefetch:1
        5⤵
        
        PID:6956
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7928 /prefetch:1
        5⤵
        
        PID:5496
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7664 /prefetch:1
        5⤵
        
        PID:788
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8884 /prefetch:1
        5⤵
        
        PID:2312
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8820 /prefetch:1
        5⤵
        
        PID:648
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9092 /prefetch:1
        5⤵
        
        PID:6404
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8828 /prefetch:1
        5⤵
        
        PID:6604
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7164 /prefetch:1
        5⤵
        
        PID:6668
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9320 /prefetch:1
        5⤵
        
        PID:6724
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9280 /prefetch:1
        5⤵
        
        PID:6096
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8656 /prefetch:1
        5⤵
        
        PID:6500
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9316 /prefetch:1
        5⤵
        
        PID:368
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8996 /prefetch:1
        5⤵
        
        PID:6640
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10012 /prefetch:1
        5⤵
        
        PID:6088
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10432 /prefetch:1
        5⤵
        
        PID:7920
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10292 /prefetch:1
        5⤵
        
        PID:7932
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10136 /prefetch:1
        5⤵
        
        PID:7244
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9908 /prefetch:1
        5⤵
        
        PID:7572
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10044 /prefetch:1
        5⤵
        
        PID:7244
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10292 /prefetch:1
        5⤵
        
        PID:7724
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10700 /prefetch:1
        5⤵
        
        PID:6936
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8044 /prefetch:1
        5⤵
        
        PID:8168
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11040 /prefetch:1
        5⤵
        
        PID:7408
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9776 /prefetch:1
        5⤵
        
        PID:8164
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
        5⤵
        
        PID:2304
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10680 /prefetch:1
        5⤵
        
        PID:4320
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9812 /prefetch:1
        5⤵
        
        PID:4764
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10236 /prefetch:1
        5⤵
        
        PID:7744
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10308 /prefetch:1
        5⤵
        
        PID:8080
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10336 /prefetch:1
        5⤵
        
        PID:7928
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11320 /prefetch:1
        5⤵
        
        PID:7696
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10328 /prefetch:1
        5⤵
        
        PID:2592
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10296 /prefetch:1
        5⤵
        
        PID:8580
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11656 /prefetch:1
        5⤵
        
        PID:8612
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
        5⤵
        
        PID:5708
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10228 /prefetch:1
        5⤵
        
        PID:8284
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10968 /prefetch:1
        5⤵
        
        PID:8760
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11564 /prefetch:1
        5⤵
        
        PID:8300
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12244 /prefetch:1
        5⤵
        
        PID:8380
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12428 /prefetch:1
        5⤵
        
        PID:8892
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12472 /prefetch:1
        5⤵
        
        PID:8996
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12068 /prefetch:1
        5⤵
        
        PID:5876
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12332 /prefetch:1
        5⤵
        
        PID:3116
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11112 /prefetch:1
        5⤵
        
        PID:8812
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12788 /prefetch:1
        5⤵
        
        PID:212
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12792 /prefetch:1
        5⤵
        
        PID:9500
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3628 /prefetch:1
        5⤵
        
        PID:6380
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11960 /prefetch:1
        5⤵
        
        PID:9832
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12852 /prefetch:1
        5⤵
        
        PID:8916
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13216 /prefetch:1
        5⤵
        
        PID:9868
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12856 /prefetch:1
        5⤵
        
        PID:1004
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13348 /prefetch:1
        5⤵
        
        PID:6944
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12308 /prefetch:1
        5⤵
        
        PID:9360
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11444 /prefetch:1
        5⤵
        
        PID:6312
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12252 /prefetch:1
        5⤵
        
        PID:7820
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13416 /prefetch:1
        5⤵
        
        PID:10212
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13436 /prefetch:1
        5⤵
        
        PID:3772
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14152 /prefetch:1
        5⤵
        
        PID:8968
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14032 /prefetch:1
        5⤵
        
        PID:9788
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12776 /prefetch:1
        5⤵
        
        PID:3336
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10660 /prefetch:1
        5⤵
        
        PID:7824
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14212 /prefetch:1
        5⤵
        
        PID:10872
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13472 /prefetch:1
        5⤵
        
        PID:10356
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13624 /prefetch:1
        5⤵
        
        PID:10820
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13624 /prefetch:1
        5⤵
        
        PID:10256
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14344 /prefetch:1
        5⤵
        
        PID:10964
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13740 /prefetch:1
        5⤵
        
        PID:10524
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13768 /prefetch:1
        5⤵
        
        PID:9296
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9788 /prefetch:1
        5⤵
        
        PID:9364
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14088 /prefetch:1
        5⤵
        
        PID:9560
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14076 /prefetch:1
        5⤵
        
        PID:9540
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14160 /prefetch:1
        5⤵
        
        PID:9096
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14464 /prefetch:1
        5⤵
        
        PID:10984
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14456 /prefetch:1
        5⤵
        
        PID:9924
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13776 /prefetch:1
        5⤵
        
        PID:11768
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9788 /prefetch:1
        5⤵
        
        PID:9904
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=121 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13740 /prefetch:1
        5⤵
        
        PID:11748
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14560 /prefetch:1
        5⤵
        
        PID:11632
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14608 /prefetch:1
        5⤵
        
        PID:11700
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11184 /prefetch:1
        5⤵
        
        PID:10348
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14400 /prefetch:1
        5⤵
        
        PID:9356
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13992 /prefetch:1
        5⤵
        
        PID:10948
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=127 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13688 /prefetch:1
        5⤵
        
        PID:7308
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=128 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13768 /prefetch:1
        5⤵
        
        PID:7236
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=129 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9876 /prefetch:1
        5⤵
        
        PID:12224
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=130 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14476 /prefetch:1
        5⤵
        
        PID:2616
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=131 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12892 /prefetch:1
        5⤵
        
        PID:10700
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=132 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14480 /prefetch:1
        5⤵
        
        PID:11340
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=133 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14460 /prefetch:1
        5⤵
        
        PID:9900
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=134 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14100 /prefetch:1
        5⤵
        
        PID:10900
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=135 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14772 /prefetch:1
        5⤵
        
        PID:12768
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=138 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13440 /prefetch:1
        5⤵
        
        PID:12312
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2136,13416242351154194777,16182092115641038248,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=139 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3408 /prefetch:1
        5⤵
        
        PID:12400
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+2+remove+a+virus
      4⤵
      PID:3936
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:5280
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+get+money
      4⤵
      PID:5448
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:4144
  - - C:\Windows\SysWOW64\Taskmgr.exe
      "C:\Windows\System32\Taskmgr.exe"
      4⤵
      Checks SCSI registry key(s)
      Suspicious behavior: GetForegroundWindowSpam
      Suspicious use of AdjustPrivilegeToken
      Suspicious use of FindShellTrayWindow
      Suspicious use of SendNotifyMessage
      PID:5456
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=mcafee+vs+norton
      4⤵
      PID:4600
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:4968
  - - C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
      "C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe"
      4⤵
      Suspicious use of SetWindowsHookEx
      PID:2936
    - - C:\Windows\splwow64.exe
        
        C:\Windows\splwow64.exe 12288
        5⤵
        
        PID:5856
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=virus.exe
      4⤵
      PID:1728
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:1492
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=my+computer+is+doing+weird+things+wtf+is+happenin+plz+halp
      4⤵
      PID:4032
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:6008
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+remove+memz+trojan+virus
      4⤵
      PID:6140
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:1720
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+code+a+virus+in+visual+basic
      4⤵
      PID:524
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:912
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+code+a+virus+in+visual+basic
      4⤵
      PID:4800
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:5076
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=my+computer+is+doing+weird+things+wtf+is+happenin+plz+halp
      4⤵
      PID:5944
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:4080
  - - C:\Windows\SysWOW64\regedit.exe
      "C:\Windows\System32\regedit.exe"
      4⤵
      Runs regedit.exe
      Suspicious behavior: GetForegroundWindowSpam
      PID:4340
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+remove+memz+trojan+virus
      4⤵
      PID:5336
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:1584
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=my+computer+is+doing+weird+things+wtf+is+happenin+plz+halp
      4⤵
      PID:1676
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:2448
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+create+your+own+ransomware
      4⤵
      PID:1188
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:2876
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+create+your+own+ransomware
      4⤵
      PID:5996
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:5900
  - - C:\Windows\SysWOW64\mspaint.exe
      "C:\Windows\System32\mspaint.exe"
      4⤵
      Drops file in Windows directory
      Suspicious use of SetWindowsHookEx
      PID:3752
  - - C:\Windows\SysWOW64\explorer.exe
      "C:\Windows\System32\explorer.exe"
      4⤵
      Modifies registry class
      PID:4672
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+2+remove+a+virus
      4⤵
      PID:2172
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:3236
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=my+computer+is+doing+weird+things+wtf+is+happenin+plz+halp
      4⤵
      PID:5372
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x12c,0x130,0x134,0x108,0x138,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:5912
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=my+computer+is+doing+weird+things+wtf+is+happenin+plz+halp
      4⤵
      PID:6852
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:6868
  - - C:\Windows\SysWOW64\Taskmgr.exe
      "C:\Windows\System32\Taskmgr.exe"
      4⤵
      PID:6656
  - - C:\Windows\SysWOW64\mmc.exe
      "C:\Windows\system32\mmc.exe" "C:\Windows\System32\devmgmt.msc"
      4⤵
      Suspicious use of SetWindowsHookEx
      PID:6312
    - - C:\Windows\system32\mmc.exe
        
        "C:\Windows\System32\devmgmt.msc" "C:\Windows\System32\devmgmt.msc"
        5⤵
        Drops file in System32 directory
        Drops file in Windows directory
        Checks SCSI registry key(s)
        Suspicious behavior: GetForegroundWindowSpam
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of SetWindowsHookEx
        
        PID:6476
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+code+a+virus+in+visual+basic
      4⤵
      PID:4532
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:7140
  - - C:\Windows\SysWOW64\mspaint.exe
      "C:\Windows\System32\mspaint.exe"
      4⤵
      Drops file in Windows directory
      Suspicious use of SetWindowsHookEx
      PID:6328
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=what+happens+if+you+delete+system32
      4⤵
      PID:3572
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:6800
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=my+computer+is+doing+weird+things+wtf+is+happenin+plz+halp
      4⤵
      PID:6596
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:2104
  - - C:\Windows\SysWOW64\mmc.exe
      "C:\Windows\System32\mmc.exe"
      4⤵
      Suspicious use of SetWindowsHookEx
      PID:6324
    - - C:\Windows\system32\mmc.exe
        
        "C:\Windows\system32\mmc.exe"
        5⤵
        Suspicious behavior: GetForegroundWindowSpam
        Suspicious behavior: SetClipboardViewer
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of SetWindowsHookEx
        
        PID:6440
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://softonic.com/
      4⤵
      PID:6208
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:3684
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+2+buy+weed
      4⤵
      PID:6776
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:6664
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=virus+builder+legit+free+download
      4⤵
      PID:3356
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:6536
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://play.clubpenguin.com/
      4⤵
      PID:7856
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x124,0x128,0x12c,0xf4,0x130,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:7872
  - - C:\Windows\SysWOW64\calc.exe
      "C:\Windows\System32\calc.exe"
      4⤵
      Modifies registry class
      PID:7912
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://softonic.com/
      4⤵
      PID:7340
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:7304
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+create+your+own+ransomware
      4⤵
      PID:7844
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:7868
  - - C:\Windows\SysWOW64\cmd.exe
      "C:\Windows\System32\cmd.exe"
      4⤵
      PID:2332
  - - C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
      "C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe"
      4⤵
      Suspicious use of SetWindowsHookEx
      PID:7080
  - - C:\Windows\SysWOW64\mmc.exe
      "C:\Windows\system32\mmc.exe" "C:\Windows\System32\devmgmt.msc"
      4⤵
      Suspicious use of SetWindowsHookEx
      PID:7148
    - - C:\Windows\system32\mmc.exe
        
        "C:\Windows\System32\devmgmt.msc" "C:\Windows\System32\devmgmt.msc"
        5⤵
        Drops file in System32 directory
        Checks SCSI registry key(s)
        Suspicious behavior: GetForegroundWindowSpam
        Suspicious behavior: SetClipboardViewer
        Suspicious use of AdjustPrivilegeToken
        Suspicious use of SetWindowsHookEx
        
        PID:6932
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=best+way+to+kill+yourself
      4⤵
      PID:6220
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:7652
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+2+buy+weed
      4⤵
      PID:7936
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:5688
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=minecraft+hax+download+no+virus
      4⤵
      PID:368
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:6624
  - - C:\Windows\SysWOW64\Taskmgr.exe
      "C:\Windows\System32\Taskmgr.exe"
      4⤵
      PID:7636
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pcoptimizerpro.com/
      4⤵
      PID:7384
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:7676
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+2+remove+a+virus
      4⤵
      PID:7460
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0xf4,0xf8,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:7056
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+get+money
      4⤵
      PID:8504
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:8520
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://softonic.com/
      4⤵
      PID:9192
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:9204
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://softonic.com/
      4⤵
      PID:9168
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0x90,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:8232
  - - C:\Windows\SysWOW64\mmc.exe
      "C:\Windows\system32\mmc.exe" "C:\Windows\System32\devmgmt.msc"
      4⤵
      PID:7440
    - - C:\Windows\system32\mmc.exe
        
        "C:\Windows\System32\devmgmt.msc" "C:\Windows\System32\devmgmt.msc"
        5⤵
        Drops file in System32 directory
        Checks SCSI registry key(s)
        Suspicious behavior: SetClipboardViewer
        Suspicious use of AdjustPrivilegeToken
        
        PID:8720
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+2+buy+weed
      4⤵
      PID:8852
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:6376
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=mcafee+vs+norton
      4⤵
      PID:8220
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:9188
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=virus.exe
      4⤵
      PID:7456
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:9156
  - - C:\Windows\SysWOW64\cmd.exe
      "C:\Windows\System32\cmd.exe"
      4⤵
      PID:8784
  - - C:\Windows\SysWOW64\explorer.exe
      "C:\Windows\System32\explorer.exe"
      4⤵
      Modifies registry class
      PID:7820
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pcoptimizerpro.com/
      4⤵
      PID:9440
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:9452
  - - C:\Windows\SysWOW64\mmc.exe
      "C:\Windows\System32\mmc.exe"
      4⤵
      PID:9988
    - - C:\Windows\system32\mmc.exe
        
        "C:\Windows\system32\mmc.exe"
        5⤵
        Suspicious behavior: SetClipboardViewer
        Suspicious use of AdjustPrivilegeToken
        
        PID:10016
  - - C:\Windows\SysWOW64\Taskmgr.exe
      "C:\Windows\System32\Taskmgr.exe"
      4⤵
      PID:9352
  - - C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
      "C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe"
      4⤵
      PID:9896
  - - C:\Windows\SysWOW64\mmc.exe
      "C:\Windows\system32\mmc.exe" "C:\Windows\System32\devmgmt.msc"
      4⤵
      PID:7064
    - - C:\Windows\system32\mmc.exe
        
        "C:\Windows\System32\devmgmt.msc" "C:\Windows\System32\devmgmt.msc"
        5⤵
        
        PID:5228
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+code+a+virus+in+visual+basic
      4⤵
      PID:9080
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:9748
  - - C:\Windows\SysWOW64\notepad.exe
      "C:\Windows\System32\notepad.exe"
      4⤵
      PID:6548
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=my+computer+is+doing+weird+things+wtf+is+happenin+plz+halp
      4⤵
      PID:9672
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:8988
  - - C:\Windows\SysWOW64\regedit.exe
      "C:\Windows\System32\regedit.exe"
      4⤵
      Runs regedit.exe
      PID:9576
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=best+way+to+kill+yourself
      4⤵
      PID:10084
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0x100,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:10112
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+code+a+virus+in+visual+basic
      4⤵
      PID:9976
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:9320
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+create+your+own+ransomware
      4⤵
      PID:10024
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:4100
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+2+buy+weed
      4⤵
      PID:8132
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:9036
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pcoptimizerpro.com/
      4⤵
      PID:8288
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:5048
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=best+way+to+kill+yourself
      4⤵
      PID:9340
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x124,0x128,0x12c,0xf4,0x130,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:9728
  - - C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
      "C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe"
      4⤵
      PID:8896
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=minecraft+hax+download+no+virus
      4⤵
      PID:10456
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x128,0x12c,0x130,0x104,0x134,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:10468
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+create+your+own+ransomware
      4⤵
      PID:11072
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:11084
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=g3t+r3kt
      4⤵
      PID:10712
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:9436
  - - C:\Windows\SysWOW64\cmd.exe
      "C:\Windows\System32\cmd.exe"
      4⤵
      PID:6784
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+get+money
      4⤵
      PID:10788
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:10816
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+send+a+virus+to+my+friend
      4⤵
      PID:9180
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:11216
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+remove+memz+trojan+virus
      4⤵
      PID:10604
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:10672
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+create+your+own+ransomware
      4⤵
      PID:9464
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:8468
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=internet+explorer+is+the+best+browser
      4⤵
      PID:11196
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:10928
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=mcafee+vs+norton
      4⤵
      PID:10732
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:10912
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+2+buy+weed
      4⤵
      PID:9740
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:9612
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=virus.exe
      4⤵
      PID:9492
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:9928
  - - C:\Windows\SysWOW64\explorer.exe
      "C:\Windows\System32\explorer.exe"
      4⤵
      PID:9600
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+2+buy+weed
      4⤵
      PID:11140
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf8,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:11016
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pcoptimizerpro.com/
      4⤵
      PID:9056
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0x94,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:10436
  - - C:\Windows\SysWOW64\cmd.exe
      "C:\Windows\System32\cmd.exe"
      4⤵
      PID:2588
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=g3t+r3kt
      4⤵
      PID:244
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:10976
  - - C:\Windows\SysWOW64\calc.exe
      "C:\Windows\System32\calc.exe"
      4⤵
      PID:9900
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+send+a+virus+to+my+friend
      4⤵
      PID:11696
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf8,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:11708
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+get+money
      4⤵
      PID:12232
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:12252
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=internet+explorer+is+the+best+browser
      4⤵
      PID:11508
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:11608
  - - C:\Windows\SysWOW64\notepad.exe
      "C:\Windows\System32\notepad.exe"
      4⤵
      PID:11380
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=g3t+r3kt
      4⤵
      PID:11568
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:11564
  - - C:\Windows\SysWOW64\cmd.exe
      "C:\Windows\System32\cmd.exe"
      4⤵
      PID:10252
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=minecraft+hax+download+no+virus
      4⤵
      PID:10156
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:12060
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=what+happens+if+you+delete+system32
      4⤵
      PID:9400
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:10828
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+2+remove+a+virus
      4⤵
      PID:7284
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:11124
  - - C:\Windows\SysWOW64\calc.exe
      "C:\Windows\System32\calc.exe"
      4⤵
      PID:10964
  - - C:\Windows\SysWOW64\cmd.exe
      "C:\Windows\System32\cmd.exe"
      4⤵
      PID:10860
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=g3t+r3kt
      4⤵
      PID:9376
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:10392
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+create+your+own+ransomware
      4⤵
      PID:11816
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:10804
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=best+way+to+kill+yourself
      4⤵
      PID:9960
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:8844
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=internet+explorer+is+the+best+browser
      4⤵
      PID:11280
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0x118,0x128,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:10104
  - - C:\Windows\SysWOW64\regedit.exe
      "C:\Windows\System32\regedit.exe"
      4⤵
      Runs regedit.exe
      PID:9912
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=virus.exe
      4⤵
      PID:8088
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:10452
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=internet+explorer+is+the+best+browser
      4⤵
      PID:10512
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:11224
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=virus+builder+legit+free+download
      4⤵
      PID:9408
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:11588
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+send+a+virus+to+my+friend
      4⤵
      PID:11472
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:7236
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=virus+builder+legit+free+download
      4⤵
      PID:11336
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:11300
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+code+a+virus+in+visual+basic
      4⤵
      PID:12700
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:12712
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+code+a+virus+in+visual+basic
      4⤵
      PID:13164
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:12336
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=batch+virus+download
      4⤵
      PID:12952
    - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffcc94046f8,0x7ffcc9404708,0x7ffcc9404718
        5⤵
        
        PID:11984

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2960

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3976

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x42c 0x408
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:6064

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k PrintWorkflow -s PrintWorkflowUserSvc
1⤵
PID:960

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
1⤵
PID:4044

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Suspicious use of SetWindowsHookEx
PID:8052

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
PID:8316

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
PID:11060

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

T1542

Bootkit

T1542.003

Privilege Escalation

Defense Evasion

Pre-OS Boot

T1542

Bootkit

T1542.003

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
1e3dc6a82a2cb341f7c9feeaf53f466f

SHA1
915decb72e1f86e14114f14ac9bfd9ba198fdfce

SHA256
a56135007f4dadf6606bc237cb75ff5ff77326ba093dff30d6881ce9a04a114c

SHA512
0a5223e8cecce77613b1c02535c79b3795e5ad89fc0a934e9795e488712e02b527413109ad1f94bbd4eb35dd07b86dd6e9f4b57d4d7c8a0a57ec3f7f76c7890a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
36bb45cb1262fcfcab1e3e7960784eaa

SHA1
ab0e15841b027632c9e1b0a47d3dec42162fc637

SHA256
7c6b0de6f9b4c3ca1f5d6af23c3380f849825af00b58420b76c72b62cfae44ae

SHA512
02c54c919f8cf3fc28f5f965fe1755955636d7d89b5f0504a02fcd9d94de8c50e046c7c2d6cf349fabde03b0fbbcc61df6e9968f2af237106bf7edd697e07456

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\705c3aef-47b4-408e-87f9-5642f1300318.tmp

Filesize
9KB

MD5
d2e1289aa0fdc2d31d71f416c7426f63

SHA1
8a1e6e5140fa588ac7da0b35cdb5af8ff326f603

SHA256
2f0b25aee0e7a3632abb0529b0d81b0e92b42ebd0ee4ff1401df1eef127df5cb

SHA512
df4a58c2b318491b0f634ebf13f75e42ad1a901978c688539524512abda76545bb3209124e81246a7f5dd68b78e48bbfcecb5da2de69fc21b6dd9753ae85182f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

Filesize
194KB

MD5
f5b4137b040ec6bd884feee514f7c176

SHA1
7897677377a9ced759be35a66fdee34b391ab0ff

SHA256
845aa24ba38524f33f097b0d9bae7d9112b01fa35c443be5ec1f7b0da23513e6

SHA512
813b764a5650e4e3d1574172dd5d6a26f72c0ba5c8af7b0d676c62bc1b245e4563952bf33663bffc02089127b76a67f9977b0a8f18eaef22d9b4aa3abaaa7c40

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
24KB

MD5
b82ca47ee5d42100e589bdd94e57936e

SHA1
0dad0cd7d0472248b9b409b02122d13bab513b4c

SHA256
d3c59060e591b3839ec59cad150c0a38a2a2a6ba4cc4dc5530f68be54f14ef1d

SHA512
58840a773a3a6cb0913e6a542934daecaef9c0eeab626446a29a70cd6d063fdb012229ff2ccfa283e3c05bc2a91a7cac331293965264715bdb9020f162dc7383

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

Filesize
70KB

MD5
db782172e487c1a3252db01dc531c255

SHA1
c507fc3ba7af923ca0d5c00511617fc36d8f2d55

SHA256
4c15c84c190f3e0e31be87c9fd3cd7d089b3496cb7090c32de210b08c04170c2

SHA512
fd6357973fb9cc41d0785292e9358fcf426b02fc1b9cea9106fef5e2b42c8835ab6abe2feb8f89ae69541521f9ba62db9e1cf4d61b4c5756cbfb8a045df07cac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

Filesize
16KB

MD5
68c477c4c76baab3a8d1ef6a55aa986f

SHA1
4af50379e13514558dd53d123db8ea101ec5e24c

SHA256
0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac

SHA512
92b34fe3b7f82f10cf6de8027ac08f4a5b8764fb4e0b31c93da6e3d5bd08e0bc83b79fd70b8207a1066b689583e0b6976fa3c885b0c067ea343e6f2031d55d25

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
44KB

MD5
88e4aad8874000d8f74fc868e2e740fa

SHA1
f1d7da246d2ebc34aae3ce6b5fa0e3b3d53f7e57

SHA256
0c2b3ce4e2356775e5252c95a6f72ecf604ae94a3a0437830c53448c41bbde4a

SHA512
ccbbb9752eeed400c94f9b89d797cb289c821b24aa549a636c93bcf1198458b3e388e5499d399a5fa9ac6709516a0699ecd07043b38b522912cdd7454e47da22

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

Filesize
125KB

MD5
a23f2a4cd5992c32830e7fcb180c3dc8

SHA1
7115b9ac844ad552bd8d822ad92c1f6bc50d8bb5

SHA256
1cb7f7aee0678460726a4fc8e2c92d336d5ae78289590e44765e85d99ef9c6fb

SHA512
c2930760614fb22a466f2f80fd49588a9fb96dbad84758619939565d93b1018747e4287c64b83b043f1511a1b90a57d63c658fca3b9b3a1b8964dad9d2f77193

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

Filesize
17KB

MD5
0627ec86dfad171ba217bbc765326ed7

SHA1
d83f8aac9cb272a8825602735e3766f4975d5c68

SHA256
d53336707c39d1ec20a2b1f7399ca9f183c45592e215a42fd596dfa2dbb8ad7a

SHA512
a64bb605c4c4a1d3a3905155e9f52b4c59abb95fffc61aa1405d6d4e4687ac308ef4104f897770ad8c7001e40f91f68eb35041d693367a970aab2a86e80150e9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
21KB

MD5
d7530d93502fca34ba1d27c174ba602e

SHA1
47f79591767f910e931528578186c4560e9d8aa8

SHA256
23aee92da9b331c9aa0c03eddd616ac69b420bc887500584afdb7c59cda50f85

SHA512
1653bfdba6df329c24a75aa1e316e42bd5e39c545cd35a6baffa9760afe40cadeadefda71937aed79ac1eaf466a7ebe1205dfa37457073d78670420c3e90364f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
36KB

MD5
1520b83a25b02ac8ad7b8063543250b6

SHA1
701ff60e0c854226352b88ec551971afcb0bc95c

SHA256
2c3e3860c11ac9e5b7779f9c0edeb4f4384c0d09471817a689426aa02140f0a2

SHA512
590b88a4042a12b107f909ca0696b623b6948a682dae65a9b0cde11a5a8fd8da1ddd8eda9dc5562259f7cc54071c52bcecd11db0fd08b997bfc8c581376e0fdc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
31KB

MD5
19f96c8449746bbda44bb4d71b9466c7

SHA1
4b8de6fff474cd0ef98e80175eb0964623efad60

SHA256
cef5ba8ceb1cf5584b3ab7c6b378cb05d96665d6e5f441006aef77292d3e6d6d

SHA512
bd8d01f36b0565d459432add7e6b05c3bdebac67dae3bd39efbb2731fac659a6aa9807cdc01d5e7a1e729107faa9d165756a5fa8666a9363439af6526f27f872

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

Filesize
25KB

MD5
e9288ad4996a756406bf5d71ecf86454

SHA1
83f8c657655c54b1a89cdddec136a0adebb10638

SHA256
6e3a858b382a60fed8c949a3962b2ba55ef3b8bf954a8c7439554cd178f0bc86

SHA512
6cf46f85f1a70973d08f96fd0f33294c38fd20879c7e26f563c5726df3eb507a3f49ff82bb2a46e0d0aed44e5f6552c56389835afb6632ef8cbf1175cca4d1d4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

Filesize
85KB

MD5
ed932cce1eea1ee702ffc2297f57a383

SHA1
cfea8e40b670d970b79a769b50ea88a55d5c649b

SHA256
e0427bbf65de4a3777675872d717a7140030a4c9494f207102ef5d3e161c12d9

SHA512
a3bdaec66970b5d5e31cf7c655250294107d397abb2f9e7bb3a33091ed195eb89eb42e9183edeea2556cce7551f56b5158916ddecc0593007111debf21da3cfc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

Filesize
86KB

MD5
922d72de8ad9a1af32d0700c9c1f2281

SHA1
2695b16923c7bad94c292d88f24ee176ca604b71

SHA256
2805fda800661e8d6043385ffe9f0e75ec91f7a8715f8382419317c124661bb3

SHA512
7a49fc1d5c7d3409086a8716820bc997f96d348309ee33df68142b4c09894839f4cf4105f0f36e910cdbb9829eb9fd19b8a9a131db6219e8966dfd605de57010

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

Filesize
28KB

MD5
0a327ee086a818d7d54af36baced0f6c

SHA1
74615f49b359a3a4c944c643f4bc7755c2177dfb

SHA256
c1a02eff7911883e25c8702d5f7f4cfc06a75cabe3f6572246a10128f5635962

SHA512
54a95383befb800138981dffc9cfd736242372f91dc26c1054238337d65d5d88bc39e2baa40f62db9a08e9d8b29a9d6efd319aa7f739addd5d4cdb55f2662f6b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

Filesize
33KB

MD5
c0a4d9b180cd2276de6895d5db59a173

SHA1
4e5b13ca7d0f84a688b7aa983b19002895d76a78

SHA256
1a5476cb00cf3d8cfe2f4ba85a3d3dbfc6ab72c86be5cc29fd8b9d9cddeadaeb

SHA512
c32726affc9c1865f15061269c591983538270f8f28b0fa0315027abe14c570cc8a416f6a8f461235f02f43d5176e3321e096694de7ad3aa4e2333e9881f8bce

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

Filesize
54KB

MD5
8572812b1372beab32d2e7fe25cfb349

SHA1
ee432abefa9475a75f7acc73f5db5cbebfb6ef6b

SHA256
57ec6d41b79699282d950e19e3e74a436ffd1ccd9d170e00493a20753b4b7dec

SHA512
1770f225f03d434a64967aff96935b8fec60fd91b5f27c5cc1c7d31dfed9ddbe33e2ee6c90f46b13732701a293bad807b9d3a8ae4783a48d54ca0ad2577a7bc9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\16a66ed1eec07edc_0

Filesize
317KB

MD5
ab33c34fd8738498c8faeca401bbbe3b

SHA1
fb1cd913cefa70a236d9ef5899063ee4702f23d1

SHA256
8571966d297cfca6741a923e78945e05d90d2a76ce24cd1150404258503f0436

SHA512
84737c04068bc2b33f6ca9a5af9c4e0f1c37085b56639c4e2529a29733c93ecc3db4482c098b82f25e8c444e63bb9da184e78981fda486334211193ffab89bf1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2204e0a1729c2064_0

Filesize
397KB

MD5
394a200d0ffa8422489cb853b6e4eee8

SHA1
90681331f191770581855618a0583acd62ded15c

SHA256
a89728b1ae5786cf63a89dd4694dd33a0612e693871cf1dc12ac5e28ec157518

SHA512
5c4d58800bdefdf2747bde320c899298e1489eb9b546e92fe22856b0752d6fe97e215b00693f4cf6d7f4e39abbae7e51a2ff3eb1cd68f9f1fccb54ff4c7cf3d2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\57c5bce7e97afc2e_0

Filesize
18KB

MD5
75a2a23c57f45702c967ebff54944caf

SHA1
7d625d7756f13c39df5252e80aeb0303e1978433

SHA256
decc19f26f6c853f540df732d582f1dc3c08d9823e54fdde829990771a35496a

SHA512
85a8db689f391dcf47d2e4fc472327c877b2e66b6cb9bc3c12eff2a60f9fa8bcf5269910bbd61e0f255ca7afb817f8c4287731d8f6321d563c717dd11b4405a4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7a21145a4f0b9fd0_0

Filesize
289B

MD5
83710374ab65aa157061e8837cc46ede

SHA1
00981148be0b8d54d9646c8309f5d50bd4124987

SHA256
5d570366230278d7300358ee893c7369d4dbf3a5066265b1b1f486776dab80a4

SHA512
c69671e6fd00f6ceba56f38455ae21db9318beaa3f24867ce40ee77df5cb326af1469340688a5cf16f8b875e37c4e0d00525a95b35bcbf1813c103a44f97cfc1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7a21145a4f0b9fd0_0

Filesize
289B

MD5
15c405d1bf54fda0fc5008077292a4ed

SHA1
0570dd9c1e4392048086e7e0be6fb89c2ffa4750

SHA256
99610673f5b10db59844ca68282bc34e4b71d54de912fd22f5da7709ca4e281b

SHA512
b56b4c1c96b9603763a785271a6561cbd532a6f750131ed4db401f9e71bce6e02bbd7e998ea17fa1a45b40f277caf711ae485c8277b651e6c0db7aa832098518

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
b619ddfe48764c105397d95786c75824

SHA1
5f0bb879803acd866a07013e4a3125da4691964d

SHA256
364f2859e2bcd7a3e1d8f4d1322942c70eb94b2b6f109f2090a9d2505e4e7680

SHA512
5754ca89951f6da64c53d8023271531679348670afecf5dbc6b51e8045268f32fe7e60b04796fbb9639dac3d53cba178ac788628372c543752a08ed868a63ec9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
360B

MD5
a6f6798b89406dd4de87d4bd9394b431

SHA1
517952da0e99eaa6ae238966a4227d0d373028f6

SHA256
73dca73297b1ff6af6b9cad12980faa44e0701c8bfc8c71bc87316e01ea4dadc

SHA512
0e44151ad2136f6eb3276ac3c19a345674201951c0a4b6d210abe84c6259cea39264eff6776f181dd44d7d41147b1475c545d043c2a3a18d3410d5bdcb6e7174

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
8f87335fe0f3056b3b83c8cedd013630

SHA1
a4de5681c8858df88256f4368179bfe6554c7c34

SHA256
56faba8c31f81e3cb3fb47b4760b1805e5e0c6dba07e73e5679843bf41a7fabc

SHA512
df622b274999ded419b0e23c90fb69cee34ff7cffe7644365300d6ecb40695e4729ba17072d7e93cd82553965b6bcf1f2f3f2af1c1e7c525b10315e8afd83e00

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
80bf9928c30d32e2307bf367145f47d3

SHA1
83832f91818a445883a5094ab42a837544ad6d3c

SHA256
4587d3a0ce49a3d2d9caa84080b07dd3f482a92353a114ffa8dfcf8f8568e16c

SHA512
f35a1aa2075467e8f56e1f61cd6fbc2e2c44bd198655df32e739f81ffad1dc641aafe30bb8b7d83347330d942e329455d5a2b4b6ddbcffff90901cc535a82faf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
8034cb454c13bf08d6410bbf43deef01

SHA1
5caa619eb29cc29276fe576129d44dd623c65773

SHA256
f79432d1b954c60c19c9210f49dce0011b53d9cc5ac5d23a57a5965765148e85

SHA512
b6e88b3a3a57f790a3ff3ab587a62cd0092ae7bfb081fb278c2dd355513f87e8a7134f3b04a9cde96f110a204443d99243bdc5d518917a33314cf09047348217

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
c3d319c91b95bb4a239ef7913e0d4430

SHA1
8fc5e44e096d6a942972df2dfcb5e683c4e8d0df

SHA256
46cea0ea198c9cf6b4309ca3e35b174972cba19487e57076f05178ab25b17ecc

SHA512
a5fde7da591c0b6df0810c569224b6edb1af15bec17b3b51ab9dfccc902ccb67dce385e25566bd3bac3c893560a822c63e5e34ba49931e6342ed215a40a9a0d0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
d662815a74d7b80bbe105478795d08e0

SHA1
58296983839e2f1e59aee4ee230aa0d3fc030e4e

SHA256
9504a56a0a90e54cd62bd9338aae22b2505f84f2cf46f0aa09f1ae7425b16d24

SHA512
c9e6982f5b94d5093a6987079edf2f139792119176760473c90d3a0ce97ec752d6aa3ba7f419c5ee233bef631100ae10fd6d7db2003c9c3d686b1b6daec234a7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
65f7f0604410d405dd94b3813982d952

SHA1
6a8fba0712ba914156c12092de02f30f5f5f513f

SHA256
ac4a34f31f556eee2a50e2c8d7300a75a5b8b94cb1f050ab39a634aa15eb462f

SHA512
f7082ec428663f975c43cee59fae7d10033f93c49795d3df0455a590ba860b0587134c1972458ad9e78c2730c555f6de8bac6822f9f939eaeccab84d7780c7af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
10b885371c06c7c5a7ba8494fa16b7ca

SHA1
7726e169f6981be5fcf3e5a977dac275f4ff63cf

SHA256
bdd42ecc3776360ce7ec331a6e19e9f0d9534737f00be7c7697ca7782d0718b9

SHA512
bc97e585f02b2deb08fe490b776b213555b062598634a3103432fd507789908e13ca2ff5902ffd8c2eef23957d29db8183634ed5b6287cbc058f48c802524e54

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
82b502a8423fa2d1757c5a39332ec0ba

SHA1
61f6147b0d0e0feb0e0dfd2bd4b7e6f289f80b1d

SHA256
089c6cf1ee1fab97dec87651cc0b2a20a400622b39846dadc32f543eb3b9c59e

SHA512
0b18a73f3e5de57c9dce0a307d353fe24bc2baeb137447e6184c8053716eb4e792d0b5e7220adff67bc7b44dd0789c99c3039d226aec8fd05d851e3d72ae8987

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
528B

MD5
8cb93eeeb8a202f5e03e5fd3abcb8c34

SHA1
9c442761fe1547e544f13b555d734e375252fc05

SHA256
487b676f93c99d8de96ce29881ed6440a5b9b322738acf1e46fad6b3e183b16c

SHA512
16822cbfc3af4f375ed930255973e418bfa8e467eda3fa15196ad355da11209172fe28359399aeb2f1875b795e483f15fb33276d633d3bc9435cde2279bffbf0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
528B

MD5
1572ad30004f84b233b04c8db8195b46

SHA1
8af52a2305c57f18c8b3c349c56d35ea93c394dc

SHA256
0b0ca1e97433d2cfc621ed34ab7a1f5e518fe376863929f17295dc7b164cb114

SHA512
42b9911e68a7ad7add01277ed5ea8089b8c944336e36962c71a9b3cf30d7e69e7eac470d932be135d4a53b80da1277b2e50b2f97e159304e62b4435689a56ad9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
528B

MD5
9468bc1b0a11ea097d882776688f93dc

SHA1
111494df547c2b1bef011ae979fdc1abc8aced64

SHA256
74fab45bc6726116f21e539c888767be512b08a50f82033aad3b0190623e6337

SHA512
bef85afe204fa04ec0cbb46da9728ad04f302067d059b4d467dfd8d87a4104fd74b05db76b109bba3cc1fc65cf61c18b0b8e40cd9ea317c3c19971425c09e526

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
528B

MD5
5c1f0951d8c16cd10affef4c7cb1142a

SHA1
3e42f82e074c89a7d047f0a165ec0e5106bbaafb

SHA256
85ac2475cc5dca11bf2ba6a956f584b93b93ed11a2a7f5dfaf1aa8d130030153

SHA512
3f9b7d912692f0a7bb1e97691895ab7dd840c54765e0ee31386dde14d5b97cc3121bfd432703d9c268fcb86a8a4245244f970f9fff4696d8667b3a6dfee15b9f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
144B

MD5
8aeb988d8e974712cf25cb491303da3f

SHA1
94d8560d5f8a952b36450110d587f8db47aaba36

SHA256
e8a76871459ac13171f129e538931645eddd4c88e69653f829bfc02a8aeae808

SHA512
245fb22b611bad890aaf92315dfba7b1148ca422e76121a955798724e46d3bce838e7e27621cc7a7411199cd2f61360478bc22690b0ebffb578c0e354be2c1a8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
973B

MD5
62081ce2e78b55109aff445e4708f3e5

SHA1
dd503362b64beabd5f5fc33e29258a4e74f61300

SHA256
b91e9aa1954f949f59a64eb2bcb8e6eee7f86bfe2a436e546d8d57d8a6aade21

SHA512
a15caaf6940179cb18e1e28cc8209eec4e9f1f84fe9bc7c584d9dc80736e7c6cc394c37d55e0996786def0b0e0aa24189acd76f0abc0cfd1a49c27edf3434c53

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
bca8a0c8a02f0c3b03bd4d9d4d5b78c5

SHA1
1019ff811b6212dfc9f73a39fd87680084283f81

SHA256
819cc1205de333f99d4041a6b43cb0375fe6f0f631099da2e2fd3a083ef1ff81

SHA512
3a3a21bff554238a9255d0b9f714937255ad31afc18d412eb7a66b16ead682dcc86154dbc16f0beba7684bd68c3079fedb505dd1d1e82c5fb1f3faea9fa48488

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
4KB

MD5
0e7e9627c9d388b5bc657ffb86219086

SHA1
290f8c533bbc9b62fc265eaed48a610069501412

SHA256
0e612934089c21d6af0cd5a3d73b16f713c7729d669816bb9e40586c0a97d5d0

SHA512
7784ae3188e81f3247b0442641cd04098c6f400ef70b56f898f53950e7b7fbdf1347cc08b3e7924d525291881e5d41b665d796aa0388cd8f0ef6776ab43a705a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
7c34c02d889d4f2ac6ef4b33808a8eab

SHA1
5a9292854244eaec24080c7ae06383e324e189e7

SHA256
a3955426b23c836843929d1da36261bb3537bd8c714b3cf80cd62c15a03154b8

SHA512
599866fd3da8992aebb1b10dc19e5fafac64633c47115e39fb96dab6323098525a2018102d168e4b7fc037539423d4712773d622d48a9572e8ae4a33485cf033

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
dc842a5052db164aaaadac95f11c3d01

SHA1
c9917bbc96b5e57693d18e7fc1ec2877240ffd14

SHA256
5c78177b2b9ccbe9120a413abb6d1a03d716116facf9b1ace7fb1b52117010df

SHA512
7dda5af7753868e766cfc1c275d6f5e33366e1e403aa2c11764a4fc5dd0767b798cadcbde7d5631fb8567ac278fcf98e557c92bfe57fc12392b42d40e5c4f217

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
4KB

MD5
555d7b9ae62e39932dd5de08ffa319c7

SHA1
2d7ebda1883739b264e8b052c0eed836556c00ba

SHA256
cb296e5cefe832d6b287b3bf3ed3af57561b43f6032f800a3f1a076eab42767e

SHA512
dc9e467f989722b71faea8c439470da25ac5cdbf4e11bdc9ec4a42ae910bd675f6e11b952f46b36f2a439be01576f8fd31ee7041a2fe53a8f5715af0e48ce1ea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
4KB

MD5
b71c5597b458eb7aabdddf9acd92bfc0

SHA1
03a86d7c50d9caa2fb296c6c1af7638dcfe388cc

SHA256
9e1b2ca8228724b6190e63ad7ff18c81ae13b8a539766809b0f5dfbd75aa73c0

SHA512
78148ae820ad37e5d0374904aa265b2e79d655cd985085c1b04febbb747b2303b1781bb376164e16bb2be57d4ae4a9ac83d037f984d6dbb9af20597e8802fe31

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
4KB

MD5
1a58cf0973fa861846234576f65d1e6c

SHA1
5d7e375af8114860a009ded321feaa3f2f4fb532

SHA256
22ba479a396b3f34b9c6dc60d07ff455fa0b34b10412e3e0dd0e4573ba5598c5

SHA512
21d39697f222272938bb0fb5662d8b7f570de2b12dcee14be618b2f50a52e5708f32a65dc595d119cda0a2539bc0cf3547a64ab930fe7777c49caf24b5f50e31

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
82ad9ae5d4ae64a4656f6312697e5e72

SHA1
803ef986d75fce5f3304b7d303942d925218f6ec

SHA256
af7185a175cafc82907662ffba6e67b6c4ddd6fd377fe45014c3dbc12e762ad4

SHA512
3b76eaad3f83fc8769fffc3ce43fe13de3b98b686035ecfd39a5e3220ac9b3988413fdcb1928d7b3688b64c9b34a20d812e40e6f025f57217ff593c87826e30b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
d97cd520bda102311128e108c3d43f6d

SHA1
cce5a9e52163c3920ba360bf2eb3c80047b9515e

SHA256
111b7df046b7edcf32e09c837263f8ba93f1aaf329cedba6498c25d0846d2c40

SHA512
130478d71c036fb578338a6330828c8e956b79700a41f13b89d4b464fd8819f5573e4768a093ccabbdd8c7c62a6da5fd45075eabea437bc203910e8504ba1aba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
5cc555003c5778a8d17a7e852625099a

SHA1
09b9f50c13d91a3fda15ffe65facfe8784a01e9a

SHA256
a3acea886aa770bdb009cc9e5e1ed87e00f0dd5f8db79679e9046fb3f7b62b31

SHA512
dc092a4b8e9e93b84bfb7d2797361a93bd080c987bde2d5776265f90861f22e2f6cafe3362784b63530b6891b4c247af487a1640a80b9ffd285a353df1476bf3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
3c0d4b7063e9fd57670d882f8e7f04de

SHA1
0536ad8e638c87e5903cc91b3f56af1f39a7f775

SHA256
b7e4143eb2d25d817f1f81aa6344d858f886a735ea4fd532a7ac287578fd39e4

SHA512
eb21475e412e06b3ad0adabe3c5043b017939dd6a677572e58b983467661e278bf184a1a5b25d64cd88e6d7cb665e6224609fe9bee073dc4211cb1b78ddc7aa5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
843ee0a88c6cbe29b27dbb6b5d086bb5

SHA1
b1df9439c3d158609692d8cad0f30a9b41523d36

SHA256
5b6bc1720eb2bf54feb6e57efa5ade95f29ffed1b38746a0c680ba0e5bb6b144

SHA512
d17d191ad97b1e4b14fea5d6e393202eaf57c2a0d1130062650a4d57d9cbf6d4efcd788fc02f63faa08967c6f3e5b45a2f0d27de66505d71909302ac13ff418a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
3ecc8a095c89f6d2cef1bbef9339c84a

SHA1
517463e30123a6f251cf28eb99dd9bc69acf556c

SHA256
9ec8297639d5ae70ffde9db6cbdec8060c8e61a7c737fedd392f5f88d7241f1b

SHA512
93b14a98edf495e96a053f0f3962531cbb07f3dd9ba400d499773f88217fb8d6ea1fb44ac3f25e98f38373cef83216c75769fe439e4e26bd85e06fae563d984b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
5fb604b6a017ecb7d094ee4c3efc54cd

SHA1
cc3ca5205b487ada1e60e3f166760ecdf0f41f84

SHA256
6a44187faf8de679e90f05a1d44321fd470845a800bfe994df33cc91c0dd2acd

SHA512
e8f3ccce2f8ef6c3ce305d0daa83f3d0b157841de61ad40484527a1bb47cc3f30a812406e80df65b6a88c9769f19ffe823f37965ac02b0599c7ebef265684260

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
ae093b558fab80d5ee4a80bb64967e9f

SHA1
a81fae86dd9e8d0f28c6120e4a9b321bfb56072c

SHA256
413fce2ec57e1f857eb5311efacd5e985b7ef8de8559db9efef881382d1f4784

SHA512
b127870f9225009ff48493fda02c53e8d93c98c6a5d0ff033c747f8e8eb0bd39cfaea6b86d83e032401d73f01ff581f78d547e0dfd94dfca1b9cb9b04f21ceed

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
9d8fc365d8e109179728d26c519c7247

SHA1
6a202988892ceb7482c1c06450e74aadb9d389e7

SHA256
f5809c0acdc923e00850d7d3b8d4f8ac5ba99fb0bec0b442f9b50bb74d58ef21

SHA512
490e1a69875383b99a2acf48579d696fa8fc001b406e185a60489ae1879bfc6eb1b2d077d5b2357c73ac9ee90f6702401489d3e260ef137010cbda53f4909bbb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
db1ac8ad56d686221894918f68cd55e3

SHA1
fb806bc29e6550fa63e20b0a9cd13b6af2321e38

SHA256
6f220cb3158b85e4617ce8ac6c49bb759a34dfe4e50f689202b7bec11c689fc9

SHA512
2f891d919cd6007ee4f26bcdfa980025681da7dd51dda425f386093213853cdf8f227a8973c17cd92ff2f874f79a4dfc29bb4398db767a6cdc0a292766d28900

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
f47f8c6c3be6d04bc660744bcef392ec

SHA1
ba2698a9e39c51eb6612d8121a7640efff8af64f

SHA256
6653944548881eb2972a6bbb72c357478d1ee66e1d6fc800753ef7195ff5ac25

SHA512
46ad92a88542880e840c68c95689d2cd199d2c0b2b1469e236a0f4e037a971666d88edc5ea36d6100920923fb0376009bf7202437b1c8a50d7e52e875f7299e4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
7023aec4fefea87aa533a077ab637467

SHA1
ee8eafe316c29f251db54986cc8fa6a3eb46bbfa

SHA256
024e29a78620a49a47e47313e2d9253c67d0daa039deabe49a1584d3483ca5ad

SHA512
8ae843b50f80f792bc4f8817488b5ca5d464f8a32fd3382776fe15a2ba9a7254dc43a3edec4666becf5502bd7f8c09214e645d15d2adf28e683bbfef0f70a918

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
84bb30eba71f574f114d9547da25e3cc

SHA1
753e0b177c090a3cc07274a7fa2bab5c2f188adc

SHA256
661959d76cc141df0a7b4bed452f0755c1d46e2b218317d0c20d8ec931eb90fc

SHA512
46d8a6af96c076296ce11dfae38c3bb773574f00b8867fd25c34988ad2e86d03dce50743b773614cc79d47300b0aa16a9c24f4ce705e84ae69f0a7efbf2e7ca2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
9c1f656be72684192c425d99117f3ef9

SHA1
d0a8e95e6a782a020ce636d81153bc7db1a45cca

SHA256
8dc385157c319af3bc84380ffa222c5d836f2e60239cceb0a9e21d7f4f6ebbad

SHA512
451e4c21918849354cae9143199e14c27b1e939bde69f69c10ee77ed8ea56e7790cce22e9fb24e9589d77251fa508c99ed1ed030432b518124c58c3e59e21d9c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
e9e09a7690d568c9fc59f8ba68df036f

SHA1
4310f1e2294df9da895775d37632f7ca2495c698

SHA256
0fef3762b7db18e1b77cbc4e4f9771c77b326b9beb3ab8252b8a2e3a84b4a3fb

SHA512
6386585b0c5136056638ee5aaefea3f16f9fd80e521045a279f158ba27bfca03b72989c24de4345ceecf74e67826c4736f88ce259065f4c1699947fb3e2878ab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
66f7df77cc51555ac72c48b3bd79e708

SHA1
cffa62764c11b7c8791e3a09d6cdb424847c2bf6

SHA256
1c754d161d3c46368aaa71447dbb2f03ef44fe3aaf301e3210260f1d294b073c

SHA512
a1f213ba37444a3f4619a7ad53fc642f8a4d9992b0ff63bd140f91b64324dd4c10e07935659acae5f4d3ce282f87b3eaebec63dba4605fd03b762502b793d38e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
17541a755a2828ee22bfd86c833bfb5d

SHA1
87bcd44f139ee450d21a5893e8a0969519c51521

SHA256
0463d2c8211c92f325888072f1ce229f2bac518f7553c807a2e463ce295150d4

SHA512
f284ef9377f0a818b34a727ce28abce25cf3b3e0525f1e6215a1e2edbab1e722d68bd23076b69d47188f52cd5bdda333ed8a67ecf7e73afcbaf047e3861a728c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
565c9c894aba2fc615402ed0ca4870e2

SHA1
f399a5e31c9a766492efeb35944ba3838251b479

SHA256
569a156acda85509152f8a278fa712fd71f1dc4d4cd5f021e5ad25d18f67554e

SHA512
90f1773103ef7b0fd9ccf936b56d2c7148f2f7444e4cc5ecfbba79549ad4b05cfa4dfd9e695be617f6a9199f57e6420b5a4f3b45c55a4309ba3d338d244b6d76

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
308d13a4b36f5a13937363b7286cdbe4

SHA1
859a3d6faa99b2ffc832d2ffba12d520da6b1e2c

SHA256
7c246ef81a2f0686cfc99a66e4f5ad324a8756e48f04062b8b62d4b0767ea6f9

SHA512
51a4ae232d59f5d4cb35abcd2435914295949f082dd4a5d374fcb5afd4e0ae59fd07208a4b4d55073d3e6e305993214d4ff2f687820fca785b16231196857bd9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
3feeada2651993c84a29a7b32855c0fc

SHA1
5dd53182086d9783cb237f38067374c6cb451df7

SHA256
fc82b5dfa8a8d6231a2d5d880093d4dd8b4c9e3cff3ae6f60e2bb71d8e38c165

SHA512
910e8395702f05bab06ceb0766122beb55af467f3538eda41ce9da3bd3cd1383cdba23c190a66a633f73ea5a107a175a740dedcf568212e5f042361e1b995da2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
01525cda14240aa12d21457ecd080ca5

SHA1
cdf0f6c6fd23ccd4dcb2d77624dd0fcf0aa6c336

SHA256
8300bb6719fb3c89bb89d3945654a573b2940b12cc847149cead49ccfb105831

SHA512
ba9b476af70f661080d222cf82faec1c9c058399c5fe94edb785e1d942617f777c55b1998ad32815837a3b1d904ab7f988ec06f8c1280ffc6baf4570b0c2159b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
0d82c6b19e67e934687baeacbc3dc467

SHA1
eb818d44069c8617bdf110595258533ba99d2205

SHA256
4f4fc747f9c14b1f73c4a030c7e875a0e2dddaa6be2178aeec99047e0081b6fe

SHA512
0033ddf24c500fb63b01827fd431eb967f44e2c7f671d1fee2fb884bd5e2f9f1a7e30bba311a70f56c8bc8cdbade4267a3dcc1eabf0c8402bda39fc68de3cbac

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
b352a38f4a21cfe511768c8e5d3b2386

SHA1
20835e64b2ae8898cb11bb663a1bb892b2e6d8b0

SHA256
b2c25cc8f0f276590137a08bb3d687c7ec3e18cce1bcb8c61e5c2950e3a6322d

SHA512
fd603a1ba8aad0d17b6fb66dd9ab8c3fa5c6cbc57f941e087f9a657e0bb22cce296039dbba112d83b355070f296c365456aa3c4a4a8eb4f8e9c4332fa59c5093

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
377ebd21f5518440e2f2f042c1e642cc

SHA1
0a3c5a1e0a9943b6eea44349292fb59a08226ffa

SHA256
768e6c12e5df929835a7b1944605329e9bbf85e86577e1bcad40a822b8b3a03e

SHA512
81eb45c53856aa341c97b85783b8ab54c33d71c4e05636b15fa51924b85a1776c1cc6d42b3481f9e3d34eff8fd04c1f32776648254971e9acc3b3deeb493b65f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
ad7ed4ce971911cd93db23915a5a6be5

SHA1
9301f45cf4b21335072680b1f462dfd3ace1d39c

SHA256
41cd62a7818faeb8b736b6f9feb41f80129b2ba380ab5763fb73dd0a29b96be5

SHA512
ddc9ffb482d86dcc826482367befd1317291c521bf984c7b6243bca1307e80129ed15df95dd9fa4148d7aa09070abbe34b9f2d3fb2dda38432773500d4bc79e9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
8f0c37526050339bb2e42c5403b52cfb

SHA1
a146ecc1b342e20ec33be457dd6cd7c6d7c1e38e

SHA256
dd5d709d4827854116bc03c45844b7831d5511a67512b607869cb0b2ebf16024

SHA512
24fce80e9b5d1abb3722c72aefbef18bb46e6135c2d6d2fadc911c7c092d68307806975ee05d0709e5877b46d8aae55fc23171c67b8509ad2087d82cdf425e77

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
7278c4a484e78b86206e256e030e2f9c

SHA1
edcb0010722b121587b7d35f59165c73d8a983be

SHA256
d691258f79ff326703a8605fba11d126ac08d1c9bd8fa76b13c64fb711a4ef35

SHA512
86e6e6086d014075dde5858bc7cebe7a811e8404a6ff61c8c3b9fc3d15e5f2b8913b8c29c5a51b955cc987c633eb8c5ae89c785ebb154afce6ef257732419280

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
aa6648e22e3cbb4211e3671d194df7ac

SHA1
98badded250b8117544353139cd0c6973f1fca75

SHA256
733b050af0880bb40c33e3124beb6da4c2a11723136253843eb51d1fe99fee97

SHA512
020470cea1824fce7711ba5c18b2037d91fcad02b0bdc618b54e3e4ae25096b61e2b7d4f7d247f34d582502cf4be52a24a48ee3938cad223e608d90c3aed60a5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
13c5b36c7a22a42778da1d8aba75324c

SHA1
3161df66d2dc1c785db5dabc4934ed3994dfcd08

SHA256
ec93d5a3ebf4498e335a8654a94bdaed2e01e1c0bb2a39a6c8c3fc3f4a06b656

SHA512
3b14b3fc597d0c7967e875782212ea2b97e3f6f2445a7c527cd366e3d18de6ba5b4769ccd231a69be5662e4aafcc11bacdbb3f36326cc0e429f8e5c48b1844f0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
5ce218cb8d3e0b1132f068bfaff1589a

SHA1
2e31fb618633d9651188a5bbdef3e09d99e3c976

SHA256
b8bfbb01de617ef7aed54e19bbea361ea4564d3a9dd36b28cdd4991a98be897e

SHA512
11d8dff523fd92bbfc84b3253d33ed6952868f85314b4d5d7e7d625640c39d76211ac3e88ee33584059371b9b74a4875a8268cc82eb5cda3b11ec88f039de455

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
60d53709c41f590b60a3a908521bdd1f

SHA1
02601fd4aaecd224d2578f6361fe744cfa39cbd7

SHA256
52a9abac4dd7f096750267be9237414e07eaf18f1cbf637c8fb0529c23274ea7

SHA512
1d0494f998ed9d1b67b5dc7f1232976b054b8a500b197706af35d3d0227bcfa50b769653ff6927b83c76b754c52e274328a182c6af32de8b6c85063620e17408

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
cc2ea8534ed78871e3c87472d6e7ef62

SHA1
f2d9b2c02fefca3f998fb058c05663a3ec1ec34b

SHA256
6fede4704f5f5d61691c48adb1519ea8cfacba705173d5b159f5f7661987ac77

SHA512
a70fbafdb209c3faea96fb2a5ae30de2e411396035244ebb22c4a02ab7d5a22b631a9b5a3f553d755bb080645576b632bfeda10dff15cea3ce3ae8f71fa9ce0a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
52166364c18d37f0f3248f8888488f18

SHA1
802d57a86c6270bc7129509b49867df9da43b33d

SHA256
5f8e66f4264c904a96151852a67002458b04c10ef8abfbe8b24c3f76634217eb

SHA512
70c53cb2bdcb5dbff16a732e10504bd35c41d2cb3193d45d2c6a765746b768e18916182b89f118c62c095303ebdb5a2866e932c391ae99583a722c1e1513bc30

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
527e9cf31f54d46d9b42ee9f7c641bf8

SHA1
d3cf859229caf70a75483bb900e4edf40db12009

SHA256
0d43f607df821bb580ea07d8971a2d6a5d4a1ea255a905e221bb306342d04153

SHA512
17a2387330b3854fd1177b9ed3fb77fb278a4da206f8fabf4e049f14d97a681dce171d7c43103a4c08da2cdb32537d7024e799e91d31d7bfed6cd31468a015c2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
2113e09f711ea3fa9fd9e84dd7bade45

SHA1
6bd1acf0eeab7acf920cea4d09acc0ad3231a7f3

SHA256
6a6d5d26fd16a5f88f832236f930f58dc06201b7e7a6708825b1819434fc428f

SHA512
d98a4156577d579256a4d1590bb0642bc75bff513a29bf24bead57719be382cafd09ac3752a3263a4613dfc6b9d9584279f9f2245f691b681ec7faf2f36f5f3f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
676e338220274f49139eb6b1a606a64e

SHA1
3c6586aed95dc14ae7afa0c9661df7de9aa0c0bc

SHA256
601b4f2dd69417639d8d26894abcef00a40a52b696f6997e6171bf88b0628d2e

SHA512
385f9ca490a8c54af8833319c9d47febe9103ef13e7a1451cd8775783401f19f50880a9cf788d3e8437923309b8244c447c4b3d515fe6a495ee2504c31c48525

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
08c6c7c6050212d863786e0f6317d452

SHA1
63ff4ce04f4ff30861cfc360a5ad56f4dca434f5

SHA256
5da32879e248a95b0c33b2a9c78cff4c00170cefccf9c8d5b0dec4527bfdb9df

SHA512
6e11e99d7333a1bc429a143e8bdcc33b2292e5553d111eaad3c62bad4e6b49e1dd2b35c990f6c82d275343090dc5c5b8e1c5ed3e36f7f67448c666f54e43c0fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
06d9ff955cb6e2462bed386d443172dc

SHA1
c7b8ab94a836b4f43ae7fd9e724e279557fb0cbb

SHA256
31756d89f5d205109e0e865fa9594f0d5e6a73ee77f66c3e454bdff7a8e8a6c1

SHA512
5263f3644b5410743cdc265dd81ed4cd891717ac0e1beb10620be768dd8328b591a767f496da498e26f648cf6efc89840280064223e869f97a2ea1c2fd67fa12

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
63bbaada4dd934f64ea6e9ae78d9c209

SHA1
957996ade97cc1f0171a1f7e970d29a6b87f70ae

SHA256
7c179f1711ecd4647334fd96b70bd144507b0a3936d4dd35174993f464c0b571

SHA512
759cd676fef2e899c0312e74da992c30fb2a0b2002d2da68ba924985c7d5727aabd67f3dc1099182bc9ae46482ef9667b8fe402c24648216a2cba7d8d8472efa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
563afd9382c6f171e5695da7d00f7ba2

SHA1
19749e619a396f3065877b9f2193ded27988ede9

SHA256
2bc1c4453afa3dab777123e53177a81665aff9efc6bca67d1360fe505deb0478

SHA512
3641753166667de3bcf9be177c7f2c1ef31cd39cd86d1702c01866aa91aa7e0a3f8eaf393f95c2610ebf0bd26252cce8e0650edad14dee9670483c7568e54760

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
6c504d2bd4e1264555c6ca5f39811234

SHA1
72a7f5f49624f4941a129bd2a26bc1f53c04a8a7

SHA256
357a5e06dfd2cb5cdeac5a78c775be739812b84e52e3f1f3f51d93baeb9fb137

SHA512
2e255db3df8a66e204d1e69e7ae0e1b89c2881b065bb6d479aec04c40a69f9c68e8c3fca68f1a11540c3790eae474ee211ea89a12245bebf7ab6acf4c040e50b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
98c5c4d4c52ce4a54c8e565150d62800

SHA1
b55e7f7ab8c56ca50377c53b4d13d62f44079600

SHA256
56aeed6cd9a8bda97aacb14249a985eeec86ab1116a1ebf8fc537a773e253efd

SHA512
fc163eafcaca7c7123207264a8d8892ed1964056db0211d2618eb415263aaadcd8073aef5fcf072aeef09915f21e12a242dbd8772e25ffcac327838082af30f7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
66092d7f57421f9b48aba32cbb70ab9b

SHA1
01a0e06dffe4e3805442d5efa6b3f469d7048588

SHA256
f1d4f9b3f820faad4c7abd13d884c1ff111cc8e97fcea5079595b048e8a0ff7a

SHA512
f4540a15fb03ba8d9da72873438d0393f099f19aef1c364323d234376cad8a3471f80be326ca4453ca3631151fb66130e94bd3fb8e51bf3098386054a407a8b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
8656c7b3e5f93e28609fe20d29ed08e1

SHA1
b7c627855d7ca9be671ddc68f04bf414d3287dab

SHA256
064f4c8ae790a8bb968f8e597953603c0d7994fcf7919f382c85407aa81495d7

SHA512
d2eeff76a90fa090e44091f666c1c259b85f4378412c26da4bd86fdedbb0df12749cfae1ffdf6ee2c4c97d3ba7b61e4dfd4e10072e4d4e03e7c056b5400301bc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
b9567aa53e6ca1fd9245b49390377ccf

SHA1
23fba4814ecf697ef088bbb20b069d0ec86dd847

SHA256
ea75259f5f56b8cffef6fb3d7cd05ceca65289ac8f72d2aa6a32b9c76e65c1e5

SHA512
891dc08bef91ccd311ea5de12ae606fa2ef3c7a856d23d06a42013ae66c71ad237c83093d5fa148fb4d55696c7ecc9dc40b568370917795a3e2325f5288bdf1f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
d542703de8c345d4430cfd1434ea67ed

SHA1
6b0e8655f57cd3c5e27e2986c1310f4233a5a806

SHA256
aa6db6d0e3c7c6e270aca50e7eac22b79f02505068c86e389ab67f0f294145a7

SHA512
b6213567d2516fc2d1d0cc51d8f8bd904b6bc0e57c924a40efedd7b207de2d5ae911c9608e23cc51c18b9babb9aa8bf98ef48f1085f1d3e9addb200f099e3f10

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
df71f410a4dbe85cf60b6c23dfced372

SHA1
358aa266dbdd019f9c7b93728ed52d973cc78e0a

SHA256
a310694629d65f5ee501dfc62ec125f4fdff6f8e251ff2cb9e2104bce36fd69e

SHA512
22931df4f8ba8966f3db43289c8afdc5761ada0185dff9016072469941f6fd656475e68081fac5e1cbd9ee03ae18522e618b0fbf2410e9f811a738102820b095

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
82e84db44419cb2526a2ae7850c2be16

SHA1
8f554f5141b8f2284e234319b076cf8f1f726939

SHA256
7e0cc375a6172ac1decc3449542daefda7790de257d6d6e8955193668aafb291

SHA512
3a8ac57b1eba66b9660b30f8e5a0802f2a31ff5c1b46120cfd0670c2a407a1de8a674a94342fae3034b118151ded718b398bb2c36430542311ff1c40b486eff2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
df4d4f8797750418776b689605f3c6ed

SHA1
419c6f9b6c41d8244f5a6d4caf7430c5af6f8200

SHA256
cad9e4711d8a94fdb805dfb8467fbb4506dd0660851c111a4017af781b00996f

SHA512
022737b5728e6fdf00285dce97b8449ad9d793c0ae8a6a978ef25070f6349b8e747b2b718acb54549d24a80fe76b905357abb661be884f12a14c0b0d1f9a5101

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
0b07e59359c140df000592a42c7cedaa

SHA1
742887660c3113e30a55e6075c95a64b00434d1d

SHA256
3accc3fca37ed0091c3efd4da7776397dcd6c6cc6f74ce7308ae13f33dae4b1d

SHA512
e699e1306d27d6a9cf1214cdf505c6d3dc18ed3f32153a92e7da8f06296477d3c329c0d9a541ca70326038b246350055017490a8be598d166493ccdcb85396df

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
0cd061b6af710d1b368c291d0fb7d7e2

SHA1
0964a11f349ffd1e827897ce6ac5be8dcf98cd5f

SHA256
e9823fb267eda8a55e81b3ec2c901621ad233e61b2ef2b03f284a652d8422e4c

SHA512
96976652fd8024225a849e91a3f15f8162085e579ca26426b3d2d3d60622006574870cb0259e6385370bbc420ade78fcba9368c9f50732e059cf3d002e47cbeb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
444083f057cb3e847fec8303f166a448

SHA1
e7bc4b44a7b2a64b55207b48225a8890cf8ce725

SHA256
6c09e400e05fd9bef3462d06e45d13b4d94c3fd199d6c07d6d0223463ba4c07c

SHA512
80fade392577ade79cb9f66133e4690aa155abf9836c2aa206af5f992c98c743a4d1052bc6ce61f3aa04149ae0c46215df14ed6c2b782d2a4d6c1eec46713e6b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
3117ee1d078290a31b40ea9f2ca1179d

SHA1
e8ec1e69c06c90c8971228f525ecfb06951d8058

SHA256
5b76d575f1228b71ccbd00ac92f11f40cef5838685984a6b99e09ed2c97513b0

SHA512
028c849b74ad25b3fc57fe7795c01dfd6945e0e8740d28c09e471c085da38c29ceab56b3273aeaee8bfbeb7bdb746849342118ec295c5b970b93ce0f96ff38cf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
56246ddc78684dc8ed0d20c27259639c

SHA1
c752fc38e89c3f3e771bbaff1cedcb84488b1f59

SHA256
5f53460ca682def02b2c8e8d932742f7509a009e5fc192b22e2bc340906d06b1

SHA512
4e5264fb00af7237e5302964f14efa2f70c5be3ea6ab9c0bffd84bc62be6f931f0ddf1b89e575b64d3b23c8ca1e704cc42c38738563835d0c97db7c84d104cfe

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
d0be3881173c817d15a491075604e000

SHA1
b5ed624acdf8a62b8c8932a4da623a86ad5e143c

SHA256
7ba9fa63b531964a20cd92390592e50198cadd18679e43180dbb5a8dbdfb4b22

SHA512
3c8628ed2ba1e3841ff965d529a9781bf162037f43009a2c2b9a38e05d816f6a30ff85fd89628f79c6d1ab29cd6b492e6eb41f4694686edf0b47171234c03042

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
809feec4fae7723cc2bfc7cdf868b7de

SHA1
c813544f74a0a2454aa4f33ec423fd79c878e758

SHA256
1a83cc19d2da79b9cb59f1180ab7f43c1d49f141fdd38c931cca41c6375be08e

SHA512
343296f2f07888f52422b989fe75b76c7a9ab4fb7bcda547984f2da8a38bfaf1ea3abba14f3419138052687f7e7ea42c16895889633b0dd380f3b673b27675f9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
0a223eae761dd5d32c8405a9561ab5f2

SHA1
05396c14d5b5c1f57dcb997f00b6bde8640189f0

SHA256
12ac5712fc7d92eac3ab3f5f27c1b448bb7fdae7edfc2ebd5b1fbb445bb2f951

SHA512
c5c496a41231737bc4e0b9be69d5e74211bcad78fca07515411ce77e2945b7080dca7d17ed8036c12646373381366dcbd2447817664599e53f1baa0ad8836372

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
e20c73e6b24f1f0f4049e6f03da39bc9

SHA1
30330f68868a1af24394d876bc3afc6a4d942428

SHA256
f5a5fe458fdb180aac06db9eeb762513ffd3b9bd3d5a09eb5ce6783d271de718

SHA512
7fd42dbbd22868a701571ed6127dd0b03c98ae23795e3e41f63981ae02da0fe215483c157ae25bb5f2610755d0925079480f98048bc6cabe85a9d58b05fb45e7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe609d4e.TMP

Filesize
1KB

MD5
4fb3b53943d94964baf03a69379472b3

SHA1
2ae9094b2db04dcec6031d086439872d841d202b

SHA256
dffd2a564a095f11ed3882f8bc7e3e7384f53828211094ccec09c7b1fedcd8b2

SHA512
d88df86b378cac2c85409d906264555bd4196faf42fd0690a79ac787024465d8bce633e4badc6263d4fdefe8e676133112179b6f405bda7ec8e5330578002896

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\c7b2c490-cd18-4663-ace1-3596efa40603.tmp

Filesize
1KB

MD5
976352295e401ada85cea88693062506

SHA1
a00b18bf5be0be5af09bd79e2d23bdba39700e57

SHA256
ea3fee37cd9ec3a167da913e7cb7288683c076fd50a7d8bd86156f6e07c8bfa4

SHA512
cbd7264c4fd6304fdaf1da0d5c030a9baa750ca253c550b4777436fb977fecf840f6f092bce8b66a2e70c926edd11c7a91d34ac39f1d42141aea2d0ac4d7ed60

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
14e545d6500b79a25020e0bef05536c1

SHA1
9f6b379b6d84464fd467ace2124a5d458206c18d

SHA256
a329d65b3134117f381c3d912d67a8cde79454dec6ce9bc11d084b5d9c2eda99

SHA512
31208da581c002962d7c705e04b22722601c05a0ae56e8be95f1520a7c649c694d0cbff45e0233ebbe48cf5937647fa062a75abea5a5fda82081de4222c08955

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
f7acec818e4e849cfd56a64ba186b96b

SHA1
f775ef4c5b2b1c24deb66b39b5d0a8e180e585c7

SHA256
2d07da76db4fbeaa2b10fa9ad2bfb3d48022754d9ceaf45a40360a811cc2d6d0

SHA512
7d1e5530c0a55f504aa203cfaea3f6572d34d01146dcb65da659b96b4eda374f312b3cb08b265e5a3aa6682d408981c5a809f8cf4711b86ef0cc60e70f66cb67

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
10902a682a6dacbbdd8a8e775583fac3

SHA1
9ee2da597efb9057904f5760d72d506153a7b24f

SHA256
3341d24d593587bc1544e3f4466908a29a3b16cb563a0708aff2e4e300724f2c

SHA512
506073215085b81ec76c3ec01e878f91301fa75b5a83607182cbc033d93ea448073ca9f30ce37c106f21d75ebad4e84df736c1533d32b515092d34fdfdbf0510

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
91938fbb509c6387ed837b860c79abd1

SHA1
61334f3a1a71b2f939c1c503f939c05f4883b65c

SHA256
ec0243a57fe064811c2491b8a62d2ae0df841fe7b8b8ad313c523b5f78853e37

SHA512
8464c35cf2827f84015ed381b0424522cdf208722e2378d018d4bcb4bc3e112bcad87ffa779ec8cb2a1ab073e6dfcb066e2fc354a97e9a8060fe0c5aeed39a12

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
daf268f3ea9ed1f599902efdb88ed277

SHA1
f4513bec6c70c268fae72764b8907a95f2abcbba

SHA256
248c7588f46639b81d3bd5ebd0b9bffdca26d42419e302beb88d7e52c330e423

SHA512
2829bf1898c84080b29a47190070c3580092065c4b76c9e96b6b6c9482c7c8e7ffe47c1538f91c2b3a96790320e73742526eedf42a2d1010a1a39ef836289801

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
b9506d61135d8141f888624332926696

SHA1
4a072cce671731e0c37696a27d1ea48637dce4f5

SHA256
d747dc3189db79820499142bc2ee86005329301f935571d5168413baf168fc3b

SHA512
0455076ca9ada636c8accffad4d310794979ed33c68e85659473957fb7baea31322b18dd6d192db400f672e87aadab49b30dba5cced09382609d84fd0f45631f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
7fe5021e757603aee0873c2f8b4eb52b

SHA1
7668832f8870a0e08e5501a1ac3b9bbd1ed767d7

SHA256
0036481a30bf5c85b3b8fd4ad2f9d9d048e356ce85a302ac05955588c0ff882a

SHA512
052e9ef4852b3629afd453513c34729f5f021b54189f71ca7146ef4a9519e4c92b297e2c5643580828ac97d39ab8a593ff1ac9f15dee95d2077286cefbe9b993

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
ed17929893e7b43006564735017b9ca5

SHA1
b1cd94351e8992ff3ffeb696efece8e5f1225c30

SHA256
194a08d451c0d03692692cb26ca824241a7e8a9b2d9f28ac8ba73473f4441c62

SHA512
2fde0ebe934bcb2ed4089eeb9630bba1e2a7831ffce25a75830c066a4a52ac3b92e9f8c05827d638c3ccffeef83e50a76e33a18510d10657251ed1f44df54492

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
a012c70e9225130d4a47736e7d5c5470

SHA1
fcd7a85dd5d6dfdae1683424d0e8500d5b531c1f

SHA256
f9f10e47e90538dd1dd6041e9a30de0abe49befc326861326c86a614f87a4c38

SHA512
610a5f446a8ae0e6ff75cbdf17bfc1f157b91302fae826dcf72e71d52ea64648b12648465794127f591a57a3bcb6fa0ddbe5f7b4e9b7b5b2bd1d849407bb00af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
38a05bdc063dc7fe021bcbbb0bcf02f8

SHA1
8d8f0e15a2f4ff082f76ed2f5e6786f61f9fee23

SHA256
b65cb7e9ab32ca39960528c0a875de4d1eef8353f906bcbdf7d47f3d89211dca

SHA512
c37629b2b6f6805bb44add3dfd913b0f63190333352f194ae260514d709e1020ea9a254b488dbc2227905ea77b747ed568283dce9b47d25b0e0870f08483d8b7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
480e7581d9e819eba982a06f7af8e1de

SHA1
a7cbd1d0937a2f80b3a84622c912e8fa722b85cb

SHA256
03c6bfd74041240f4c20503f3235ec2229879363205703949ef3fa288f6c0b3b

SHA512
1297e1524bbc05c9319121776dd6d61d79c07691f844f8bb49dcd5e407e7a7198e0cde9b7cadbc5cf177dc0602920e0c435992033ef9acd02da24010d1cf709d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
10a537ffce3a45d001be9b50b925c546

SHA1
da30931ab00559dad964370094f7c5647e27dd67

SHA256
a78de37d8ca73aea0aa6a5390de15b9634cd2be20568536b10c67cb86730decf

SHA512
f1c08962f276ad31b38ea2014bcce9e0d6328ea7868a3411a853d05900719915209bcf606b633581598b0c3ece517af1c2206b2bec9dcc9434f4432ffea0aaad

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
5b3b348623b7a2f5588da3eca35f7c2a

SHA1
3418553c338f87f6efdecf16410c3f39acfcb163

SHA256
6f3f0378ecd99408388a3f2d7216bc073162e8c21e2a2f7df10b04be0b03d5f1

SHA512
2ba8f96ca769a6eb3c7600810169270820f6a8f2d1fd8fe03b938bb690704c550884ede7918740e528ec8b578cedb69f9bb85b3916babdaa118b03a2407f102a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
b20172af8f47727d1e8210bb146891e2

SHA1
c68ff59d896241b680869ca03f4b9704f494b018

SHA256
06d0d965482b9931ec9b3c6f67f7a6b0bc3ad71a6d7f5f9916c532a15dc72498

SHA512
ad6da956d257881754759fdcc022a3df5dcb37cb806d163ab6f4422e1f7cc1a0c73dc139eeb0c37c1caec387fd791ef384d5908dd383e8977c62f8fb287a40cc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
2180bd46085a21f5544f226fee02f30b

SHA1
99ccae1f8043498e205cca97e9a4e0766715e884

SHA256
ed3a1c6165d059809e161b9a88b40e305794f4c2fba4a2dd2cd05a4d1671462c

SHA512
05a40fd6fa8784f41cf83e1a05258d02810601d9f823875e2eccdfc01da31d5a2b48b59bdca113f58dff9621fb69ec81a85fbef488ca45ca4ff16dcdf711e409

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
babd4bf985e08e56e2a646aa7f9e0513

SHA1
17d19185dd5210efdc6c45ccd1a7f9a9f273b8b1

SHA256
8dad871ae7df95ebac46b96928fe85de81cb0d205213b11635b7d196908e488b

SHA512
f63148865e9cafe93036400a6ce2b530815d7ce23907d3f11fe3833608a6c83020cbdc35ed4cc1dcf469a1e6c6950927bfe570098ce44752104e9d7fd958d782

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
8eff9952037d5da0108f85a74f073ea5

SHA1
8bffa7dfcaee60b073b39eced9264eba9a232b44

SHA256
90686212d3d64fb26cba4c619b93cc117d5e2839c8fee9c38ef1edc2e6f8802a

SHA512
9d91c1e3aa1e1acdcfdf109a8d2b484c359942c70c72a6bfe22a90d581ce952104e8b738d4201acf259b098eec863fe5d38c36358b1bce859c3fe7e3ad93b357

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
c45638faaaf0d4a1428192ac08e31411

SHA1
5188e6a73a16aa4ab9a9d0d793dc5bb419cb0275

SHA256
8a0c9c622f92bf4355f449eaaa77839b2ce3e284afa14da52c5d22c1ac49c479

SHA512
62a177507d0fe66c6c6907f9fcc578a4ceb2dab410c298c96524259c9d703daec245a400ab572b189fcb4158fa6f4874fc47c8f244bf298db34cc3f8a63b64fb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
029952304108d3c37eb8c4c0669e9c54

SHA1
7d2246244bd73c15b773fa7646c88b7b5a08c25f

SHA256
6a8c54f775fbf2fbb9fcce5f6ba343d876c14c665a47ea2dda1024eaceba7070

SHA512
e0b5de3c9ae52991ba0e87a3fdfe7a33e185cc4f648c1a9a10b62b5b2391c80a1abe7781d4a0fd2cac3e301e4132a5ac2b3ca2d88fac81c35eda00a6246d4bb2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
1ba08a08f728339fbfab3f0f5304c2b6

SHA1
0e7cdf2c9895a2a1d795ee47f3bbb5ab8a98c459

SHA256
ec56455ee4dc2b8f5cd94437eea368c6d11d25e4f31afdae39f52a3c321c264d

SHA512
eb4d9409a64591b60d32eb506aaf2c880292403ad93b7cee15ee117a9bbf4122366f2efed208bd2006f893038479407a77b5af03399c09cccac7d5f3edfb350a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
b803e59413f299b6ec4e00221a560089

SHA1
3136a7e61e8ec686cd4497b22069b615e77bfcde

SHA256
2c0113781517514f6fda3d18b1acb26f11628a21a3687973f2441aaea957946d

SHA512
043f2c145576fc706a6cac2974d49311f9992141d10849206d9885335e71dc394900ff238a4d4c72f352123020e35c2e64e1efc52796d7d5fdfb3c35d6664620

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
07217350964bb706e54c085fad6f2067

SHA1
a9f21b08019545cc0a6b026b66a83cff1ba02143

SHA256
df967d23d8c549acbe8902eac7a588feb5712d708769e7a25f51d6bf09677634

SHA512
551b1cd5a5c15c87b2ba514e0953a0e2b441670d0991b54da110640756735ff0da51ca0a64c9cece2e99f488b86d57915ae9ff559e40eee26bf47fa298cfaf7e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
34d701a860a337aea7bfec88972b3f55

SHA1
2ea5fc631584d4d64e25d9d7d0cd8abe8824a641

SHA256
e3f08ba0c0b56ce3170495d7a1fcf9917a6b02ad1cffe525821edd06dbcea2a9

SHA512
4a36b2033414df6150421a469808f27b2dc1247f2dbc26ebea41326cfad939bfb1dbecb7265f6309ca3ed2ec1888c1fe01a4b5fc8ad7cb542db86d92036e4114

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
f64a5e53415b36834be663ee78d45cf0

SHA1
bdd105964010c6c787dfdd686e3ce33dc30ac8d7

SHA256
ea29b7ea0a0c6eb1d11744761baa41d080c23f85ed8600b20a0e5f06815c52c1

SHA512
61f0fa9110c98cda7b51012ceaaab236d7f582ef27de4cb3f6ce679c733d2268036e0dda5f40c2682c433b1f82494d9b3f81da85568cc1da52746cb17a6ffa0c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
8302d24da01c71bb402410eb02e98e37

SHA1
b35dc60cdfd2f6b8dc66c883aa8d8cb95b296747

SHA256
eae069f47b3eea7f3df29da34d31257ffa4a161fbeafc5df3b152d1831d9e508

SHA512
901ebf72c08bae3e3985854c53e51483da4e58dba8153ca1daa38ebc5c225689a6f62e7868db2716a350b6eb971b5523c4cad7568c335defce04eb7531929fb0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
14f329aab7c03277a7cc6268e50def08

SHA1
d03bd35d7ea435a2c4950ed3b3b66c76b8271336

SHA256
13ee20b618528716ebc31961149b3adffadae230e3e3abe643412c8792f70e28

SHA512
672bddc5c9f0886ad311c9b4d5f76a35b344fd1f839e1c8610f004de2036f2188b7850b4ac64011ec50884a717c00e4aab7cfd37cdf686fb2d7581981ef7201b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
eb4da5f7687f0b21286b59b59ba5cf2d

SHA1
c4bc80681927ad06366f6a8795be081c92739fdc

SHA256
6558d1652be421cc2a70dee3a928e05e33962834fbd0c4f569bb96db78a6dbbd

SHA512
b8dd6e930783ceda7176cda7963f94c887c6073dd32f7e86ef508fca7554b39c822f09824f3b1d4134049c695a07524cf27e0b9376c5f6401e1ca388c416c9f0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
e30423438bffe027aad651914ca160bb

SHA1
8fbbb6669e868458d93c5020e9c2e4c6733562c8

SHA256
df34d6822d0723180322bd28a6d5da92772144a54bcd8db27a58db5fce32306a

SHA512
204cc76175ecdc00399102714ce83a0a8e94efcbe759090c1914746ecefa13b2957ee902cc5c5cc481ec3b447672c9bf6fe532373f83a8c3a646154aaefefa56

Download Submit
C:\Users\Admin\AppData\Local\Temp\eeeeeeeeeeeeee\Malware_pack_2\Malware_pack_2\MEMZ 3.0 (1)\MEMZ 3.0\x

Filesize
10KB

MD5
fc59b7d2eb1edbb9c8cb9eb08115a98e

SHA1
90a6479ce14f8548df54c434c0a524e25efd9d17

SHA256
a05b9be9dd87492f265094146e18d628744c6b09c0e7efaabf228a9f1091a279

SHA512
3392cfc0dbddb37932e76da5a49f4e010a49aaa863c882b85cccab676cd458cfc8f880d8a0e0dc7581175f447e6b0a002da1591ecd14756650bb74996eacd2b1

Download Submit
C:\Users\Admin\AppData\Local\Temp\eeeeeeeeeeeeee\Malware_pack_2\Malware_pack_2\MEMZ 3.0 (1)\MEMZ 3.0\x

Filesize
4KB

MD5
b6873c6cbfc8482c7f0e2dcb77fb7f12

SHA1
844b14037e1f90973a04593785dc88dfca517673

SHA256
0a0cad82d9284ccc3c07de323b76ee2d1c0b328bd2ce59073ed5ac4eb7609bd1

SHA512
f3aa3d46d970db574113f40f489ff8a5f041606e79c4ab02301b283c66ff05732be4c5edc1cf4a851da9fbaaa2f296b97fc1135210966a0e2dfc3763398dfcaf

Download Submit
C:\Users\Admin\AppData\Local\Temp\eeeeeeeeeeeeee\Malware_pack_2\Malware_pack_2\MEMZ 3.0 (1)\MEMZ 3.0\x.js

Filesize
448B

MD5
8eec8704d2a7bc80b95b7460c06f4854

SHA1
1b34585c1fa7ec0bd0505478ac9dbb8b8d19f326

SHA256
aa01b8864b43e92077a106ed3d4656a511f3ba1910fba40c78a32ee6a621d596

SHA512
e274b92810e9a30627a65f87448d784967a2fcfbf49858cbe6ccb841f09e0f53fde253ecc1ea0c7de491d8cc56a6cf8c79d1b7c657e72928cfb0479d11035210

Download Submit
C:\Users\Admin\AppData\Local\Temp\eeeeeeeeeeeeee\Malware_pack_2\Malware_pack_2\MEMZ 3.0 (1)\MEMZ 3.0\z.zip

Filesize
7KB

MD5
cf0c19ef6909e5c1f10c8460ba9299d8

SHA1
875b575c124acfc1a4a21c1e05acb9690e50b880

SHA256
abb834ebd4b7d7f8ddf545976818f41b3cb51d2b895038a56457616d3a2c6776

SHA512
d930a022a373c283f35d103e277487c2034a0b0814913b8f6ec695b45e20528667aa830eeab58e4483d523bd6a755a16a5379095cb137db6c91909a545a19a2f

Download Submit
C:\Users\Admin\AppData\Roaming\MEMZ.exe

Filesize
12KB

MD5
a7bcf7ea8e9f3f36ebfb85b823e39d91

SHA1
761168201520c199dba68add3a607922d8d4a86e

SHA256
3ff64f10603f0330fa2386ff99471ca789391ace969bd0ec1c1b8ce1b4a6db42

SHA512
89923b669d31e590189fd06619bf27e47c5a47e82be6ae71fdb1b9b3b30b06fb7ca8ffed6d5c41ac410a367f2eb07589291e95a2644877d6bffd52775a5b1523

Download Submit
C:\note.txt

Filesize
218B

MD5
afa6955439b8d516721231029fb9ca1b

SHA1
087a043cc123c0c0df2ffadcf8e71e3ac86bbae9

SHA256
8e9f20f6864c66576536c0b866c6ffdcf11397db67fe120e972e244c3c022270

SHA512
5da21a31fbc4e8250dffed30f66b896bdf007ac91948140334fe36a3f010e1bac3e70a07e9f3eb9da8633189091fd5cadcabbaacd3e01da0fe7ae28a11b3dddf

Download Submit
\??\pipe\LOCAL\crashpad_5036_JLEMXQYVWQIXAXHK

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
memory/5456-368-0x0000000005C00000-0x0000000005C01000-memory.dmp

Filesize
4KB

Download
memory/5456-367-0x0000000005C00000-0x0000000005C01000-memory.dmp

Filesize
4KB

Download
memory/5456-375-0x0000000005C00000-0x0000000005C01000-memory.dmp

Filesize
4KB

Download
memory/5456-376-0x0000000005C00000-0x0000000005C01000-memory.dmp

Filesize
4KB

Download
memory/5456-377-0x0000000005C00000-0x0000000005C01000-memory.dmp

Filesize
4KB

Download
memory/5456-378-0x0000000005C00000-0x0000000005C01000-memory.dmp

Filesize
4KB

Download
memory/5456-379-0x0000000005C00000-0x0000000005C01000-memory.dmp

Filesize
4KB

Download
memory/5456-373-0x0000000005C00000-0x0000000005C01000-memory.dmp

Filesize
4KB

Download
memory/5456-374-0x0000000005C00000-0x0000000005C01000-memory.dmp

Filesize
4KB

Download
memory/5456-369-0x0000000005C00000-0x0000000005C01000-memory.dmp

Filesize
4KB

Download