Overview
overview
10Static
static
3eeeeeeeeee...00.exe
windows7-x64
eeeeeeeeee...00.exe
windows10-2004-x64
eeeeeeeeee...um.exe
windows7-x64
10eeeeeeeeee...um.exe
windows10-2004-x64
10eeeeeeeeee...ug.exe
windows7-x64
6eeeeeeeeee...ug.exe
windows10-2004-x64
6eeeeeeeeee...le.exe
windows7-x64
1eeeeeeeeee...le.exe
windows10-2004-x64
1eeeeeeeeee...er.exe
windows7-x64
7eeeeeeeeee...er.exe
windows10-2004-x64
7eeeeeeeeee...us.exe
windows7-x64
1eeeeeeeeee...us.exe
windows10-2004-x64
1MEMZ 3.0/MEMZ.bat
windows7-x64
7MEMZ 3.0/MEMZ.bat
windows10-2004-x64
7MEMZ 3.0/MEMZ.exe
windows7-x64
6MEMZ 3.0/MEMZ.exe
windows10-2004-x64
7eeeeeeeeee...MZ.bat
windows7-x64
7eeeeeeeeee...MZ.bat
windows10-2004-x64
7eeeeeeeeee...MZ.exe
windows7-x64
6eeeeeeeeee...MZ.exe
windows10-2004-x64
7eeeeeeeeee...ld.exe
windows7-x64
3eeeeeeeeee...ld.exe
windows10-2004-x64
3eeeeeeeeee....A.exe
windows7-x64
6eeeeeeeeee....A.exe
windows10-2004-x64
6eeeeeeeeee...al.exe
windows7-x64
7eeeeeeeeee...al.exe
windows10-2004-x64
8eeeeeeeeee...15.exe
windows7-x64
3eeeeeeeeee...15.exe
windows10-2004-x64
3eeeeeeeeee...al.exe
windows7-x64
7eeeeeeeeee...al.exe
windows10-2004-x64
8eeeeeeeeee...0r.exe
windows7-x64
10eeeeeeeeee...0r.exe
windows10-2004-x64
10Resubmissions
15-09-2024 23:12
240915-27aqvsxhjq 815-09-2024 23:02
240915-21efgaxake 815-09-2024 22:58
240915-2xypyaxdkj 315-09-2024 22:56
240915-2wn44sxcpk 315-09-2024 22:43
240915-2np2fawhpr 315-09-2024 22:42
240915-2m3k5swhmk 1015-09-2024 22:33
240915-2gqdmawbja 815-09-2024 22:27
240915-2de4gswekk 715-09-2024 22:15
240915-16esravenh 10Analysis
-
max time kernel
763s -
max time network
1235s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system -
submitted
10-03-2024 21:55
Static task
static1
Behavioral task
behavioral1
Sample
eeeeeeeeeeeeee/Malware_pack_2/Malware_pack_2/000/[email protected]
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
eeeeeeeeeeeeee/Malware_pack_2/Malware_pack_2/000/[email protected]
Resource
win10v2004-20240226-en
Behavioral task
behavioral3
Sample
eeeeeeeeeeeeee/Malware_pack_2/Malware_pack_2/Antivirus Platinum/[email protected]
Resource
win7-20240221-en
Behavioral task
behavioral4
Sample
eeeeeeeeeeeeee/Malware_pack_2/Malware_pack_2/Antivirus Platinum/[email protected]
Resource
win10v2004-20240226-en
Behavioral task
behavioral5
Sample
eeeeeeeeeeeeee/Malware_pack_2/Malware_pack_2/ColorBug/[email protected]
Resource
win7-20240221-en
Behavioral task
behavioral6
Sample
eeeeeeeeeeeeee/Malware_pack_2/Malware_pack_2/ColorBug/[email protected]
Resource
win10v2004-20240226-en
Behavioral task
behavioral7
Sample
eeeeeeeeeeeeee/Malware_pack_2/Malware_pack_2/DesktopPuzzle/[email protected]
Resource
win7-20240221-en
Behavioral task
behavioral8
Sample
eeeeeeeeeeeeee/Malware_pack_2/Malware_pack_2/DesktopPuzzle/[email protected]
Resource
win10v2004-20240226-en
Behavioral task
behavioral9
Sample
eeeeeeeeeeeeee/Malware_pack_2/Malware_pack_2/FakeActivation/[email protected]
Resource
win7-20240221-en
Behavioral task
behavioral10
Sample
eeeeeeeeeeeeee/Malware_pack_2/Malware_pack_2/FakeActivation/[email protected]
Resource
win10v2004-20240226-en
Behavioral task
behavioral11
Sample
eeeeeeeeeeeeee/Malware_pack_2/Malware_pack_2/Happy Antivirus/[email protected]
Resource
win7-20240221-en
Behavioral task
behavioral12
Sample
eeeeeeeeeeeeee/Malware_pack_2/Malware_pack_2/Happy Antivirus/[email protected]
Resource
win10v2004-20240226-en
Behavioral task
behavioral13
Sample
MEMZ 3.0/MEMZ.bat
Resource
win7-20240221-en
Behavioral task
behavioral14
Sample
MEMZ 3.0/MEMZ.bat
Resource
win10v2004-20240226-en
Behavioral task
behavioral15
Sample
MEMZ 3.0/MEMZ.exe
Resource
win7-20240221-en
Behavioral task
behavioral16
Sample
MEMZ 3.0/MEMZ.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral17
Sample
eeeeeeeeeeeeee/Malware_pack_2/Malware_pack_2/MEMZ 3.0 (1)/MEMZ 3.0/MEMZ.bat
Resource
win7-20240220-en
Behavioral task
behavioral18
Sample
eeeeeeeeeeeeee/Malware_pack_2/Malware_pack_2/MEMZ 3.0 (1)/MEMZ 3.0/MEMZ.bat
Resource
win10v2004-20231215-en
Behavioral task
behavioral19
Sample
eeeeeeeeeeeeee/Malware_pack_2/Malware_pack_2/MEMZ 3.0 (1)/MEMZ 3.0/MEMZ.exe
Resource
win7-20240221-en
Behavioral task
behavioral20
Sample
eeeeeeeeeeeeee/Malware_pack_2/Malware_pack_2/MEMZ 3.0 (1)/MEMZ 3.0/MEMZ.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral21
Sample
eeeeeeeeeeeeee/Malware_pack_2/Malware_pack_2/NavaShield/[email protected]
Resource
win7-20240221-en
Behavioral task
behavioral22
Sample
eeeeeeeeeeeeee/Malware_pack_2/Malware_pack_2/NavaShield/[email protected]
Resource
win10v2004-20240226-en
Behavioral task
behavioral23
Sample
eeeeeeeeeeeeee/Malware_pack_2/Malware_pack_2/Petya.A/[email protected]
Resource
win7-20240221-en
Behavioral task
behavioral24
Sample
eeeeeeeeeeeeee/Malware_pack_2/Malware_pack_2/Petya.A/[email protected]
Resource
win10v2004-20240226-en
Behavioral task
behavioral25
Sample
eeeeeeeeeeeeee/Malware_pack_2/Malware_pack_2/Security Central/[email protected]
Resource
win7-20240221-en
Behavioral task
behavioral26
Sample
eeeeeeeeeeeeee/Malware_pack_2/Malware_pack_2/Security Central/[email protected]
Resource
win10v2004-20240226-en
Behavioral task
behavioral27
Sample
eeeeeeeeeeeeee/Malware_pack_2/Malware_pack_2/Security Defender 2015/[email protected]
Resource
win7-20240221-en
Behavioral task
behavioral28
Sample
eeeeeeeeeeeeee/Malware_pack_2/Malware_pack_2/Security Defender 2015/[email protected]
Resource
win10v2004-20240226-en
Behavioral task
behavioral29
Sample
eeeeeeeeeeeeee/Malware_pack_2/Malware_pack_2/VineMEMZ-Original.exe
Resource
win7-20240221-en
Behavioral task
behavioral30
Sample
eeeeeeeeeeeeee/Malware_pack_2/Malware_pack_2/VineMEMZ-Original.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral31
Sample
eeeeeeeeeeeeee/Malware_pack_2/Malware_pack_2/WannaCrypt0r/[email protected]
Resource
win7-20240221-en
Behavioral task
behavioral32
Sample
eeeeeeeeeeeeee/Malware_pack_2/Malware_pack_2/WannaCrypt0r/[email protected]
Resource
win10v2004-20240226-en
General
-
Target
eeeeeeeeeeeeee/Malware_pack_2/Malware_pack_2/MEMZ 3.0 (1)/MEMZ 3.0/MEMZ.exe
-
Size
12KB
-
MD5
a7bcf7ea8e9f3f36ebfb85b823e39d91
-
SHA1
761168201520c199dba68add3a607922d8d4a86e
-
SHA256
3ff64f10603f0330fa2386ff99471ca789391ace969bd0ec1c1b8ce1b4a6db42
-
SHA512
89923b669d31e590189fd06619bf27e47c5a47e82be6ae71fdb1b9b3b30b06fb7ca8ffed6d5c41ac410a367f2eb07589291e95a2644877d6bffd52775a5b1523
-
SSDEEP
192:HMDLTxWDf/pl3cIEiwqZKBktLe3P+qf2jhP6B5b2yL3:H4IDH3cIqqvUWq+jhyT2yL
Malware Config
Signatures
-
Checks computer location settings 2 TTPs 2 IoCs
Looks up country code configured in the registry, likely geofence.
Processes:
MEMZ.exeMEMZ.exedescription ioc process Key value queried \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000\Control Panel\International\Geo\Nation MEMZ.exe Key value queried \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000\Control Panel\International\Geo\Nation MEMZ.exe -
Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs
Bootkits write to the MBR to gain persistence at a level below the operating system.
Processes:
MEMZ.exedescription ioc process File opened for modification \??\PhysicalDrive0 MEMZ.exe -
Drops file in System32 directory 1 IoCs
Processes:
mmc.exedescription ioc process File opened for modification C:\Windows\System32\devmgmt.msc mmc.exe -
Drops file in Windows directory 59 IoCs
Processes:
mmc.exemspaint.exemspaint.exedescription ioc process File created C:\Windows\INF\c_apo.PNF mmc.exe File created C:\Windows\INF\c_extension.PNF mmc.exe File created C:\Windows\INF\c_ucm.PNF mmc.exe File created C:\Windows\INF\c_receiptprinter.PNF mmc.exe File created C:\Windows\INF\c_fssecurityenhancer.PNF mmc.exe File created C:\Windows\INF\c_smrvolume.PNF mmc.exe File created C:\Windows\INF\rdcameradriver.PNF mmc.exe File created C:\Windows\INF\c_camera.PNF mmc.exe File created C:\Windows\INF\c_computeaccelerator.PNF mmc.exe File created C:\Windows\INF\c_fsundelete.PNF mmc.exe File created C:\Windows\INF\digitalmediadevice.PNF mmc.exe File created C:\Windows\INF\c_scmvolume.PNF mmc.exe File created C:\Windows\INF\c_cashdrawer.PNF mmc.exe File created C:\Windows\INF\c_fsantivirus.PNF mmc.exe File created C:\Windows\INF\c_smrdisk.PNF mmc.exe File created C:\Windows\INF\c_fsencryption.PNF mmc.exe File created C:\Windows\INF\c_fsvirtualization.PNF mmc.exe File opened for modification C:\Windows\Debug\WIA\wiatrace.log mspaint.exe File created C:\Windows\INF\c_fsopenfilebackup.PNF mmc.exe File created C:\Windows\INF\dc1-controller.PNF mmc.exe File created C:\Windows\INF\c_fsphysicalquotamgmt.PNF mmc.exe File created C:\Windows\INF\c_fscontinuousbackup.PNF mmc.exe File created C:\Windows\INF\c_netdriver.PNF mmc.exe File created C:\Windows\INF\wsdprint.PNF mmc.exe File created C:\Windows\INF\c_fshsm.PNF mmc.exe File opened for modification C:\Windows\Debug\WIA\wiatrace.log mspaint.exe File created C:\Windows\INF\remoteposdrv.PNF mmc.exe File created C:\Windows\INF\c_mcx.PNF mmc.exe File created C:\Windows\INF\c_scmdisk.PNF mmc.exe File created C:\Windows\INF\c_fssystem.PNF mmc.exe File created C:\Windows\INF\c_fsinfrastructure.PNF mmc.exe File created C:\Windows\INF\c_firmware.PNF mmc.exe File created C:\Windows\INF\c_magneticstripereader.PNF mmc.exe File created C:\Windows\INF\c_display.PNF mmc.exe File created C:\Windows\INF\c_volume.PNF mmc.exe File created C:\Windows\INF\c_fsquotamgmt.PNF mmc.exe File created C:\Windows\INF\c_fscopyprotection.PNF mmc.exe File created C:\Windows\INF\c_fscfsmetadataserver.PNF mmc.exe File created C:\Windows\INF\c_fsreplication.PNF mmc.exe File created C:\Windows\INF\c_diskdrive.PNF mmc.exe File created C:\Windows\INF\c_holographic.PNF mmc.exe File created C:\Windows\INF\c_proximity.PNF mmc.exe File created C:\Windows\INF\ts_generic.PNF mmc.exe File created C:\Windows\INF\c_fscompression.PNF mmc.exe File created C:\Windows\INF\c_fssystemrecovery.PNF mmc.exe File created C:\Windows\INF\c_processor.PNF mmc.exe File created C:\Windows\INF\c_fsactivitymonitor.PNF mmc.exe File created C:\Windows\INF\c_fscontentscreener.PNF mmc.exe File created C:\Windows\INF\c_linedisplay.PNF mmc.exe File created C:\Windows\INF\PerceptionSimulationSixDof.PNF mmc.exe File created C:\Windows\INF\rawsilo.PNF mmc.exe File created C:\Windows\INF\c_sslaccel.PNF mmc.exe File created C:\Windows\INF\c_media.PNF mmc.exe File created C:\Windows\INF\c_monitor.PNF mmc.exe File created C:\Windows\INF\xusb22.PNF mmc.exe File created C:\Windows\INF\oposdrv.PNF mmc.exe File created C:\Windows\INF\c_swcomponent.PNF mmc.exe File created C:\Windows\INF\c_barcodescanner.PNF mmc.exe File created C:\Windows\INF\miradisp.PNF mmc.exe -
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Checks SCSI registry key(s) 3 TTPs 26 IoCs
SCSI information is often read in order to detect sandboxing environments.
Processes:
mmc.exeTaskmgr.exeTaskmgr.exedescription ioc process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 mmc.exe Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\ mmc.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A mmc.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 Taskmgr.exe Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName Taskmgr.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000001 mmc.exe Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\FriendlyName mmc.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 mmc.exe Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\FriendlyName mmc.exe Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName Taskmgr.exe Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A\ mmc.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A Taskmgr.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 Taskmgr.exe Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName mmc.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 mmc.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{83da6326-97a6-4088-9453-a1923f573b29}\000A mmc.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000 mmc.exe Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\ConfigFlags mmc.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_DADY&PROD_DADY_DVD-ROM\4&215468A5&0&010000 mmc.exe Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_DADY_DVD-ROM\4&215468a5&0&010000\ConfigFlags mmc.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A Taskmgr.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_DADY_DVD-ROM\4&215468a5&0&010000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 mmc.exe Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Phantom mmc.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_MSFT&PROD_VIRTUAL_DVD-ROM\2&1F4ADFFE&0&000002 mmc.exe Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Phantom mmc.exe Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_DADY_DVD-ROM\4&215468a5&0&010000\FriendlyName mmc.exe -
Enumerates system info in registry 2 TTPs 3 IoCs
Processes:
msedge.exedescription ioc process Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName msedge.exe Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS msedge.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer msedge.exe -
Processes:
explorer.exedescription ioc process Key created \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000\Software\Microsoft\Internet Explorer\Toolbar explorer.exe Set value (int) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\Locked = "1" explorer.exe -
Modifies registry class 64 IoCs
Processes:
explorer.exeMEMZ.exeexplorer.exeexplorer.execalc.execontrol.exedescription ioc process Key created \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\devmgr.dll,-4#immutable1 = "Device Manager" explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\accessibilitycpl.dll,-45#immutable1 = "Make your computer easier to use." explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\fhcpl.dll,-52#immutable1 = "File History" explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\powercpl.dll,-2#immutable1 = "Conserve energy or maximize performance by choosing how your computer manages power." explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\Vault.dll,-2#immutable1 = "Manage your Windows credentials." explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\main.cpl,-102#immutable1 = "Keyboard" explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\recovery.dll,-2#immutable1 = "Recovery" explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\RADCUI.dll,-15301#immutable1 = "Manage your RemoteApp and Desktop Connections" explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\telephon.cpl,-2#immutable1 = "Configure your telephone dialing rules and modem settings." explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\systemcpl.dll,-2#immutable1 = "View information about your computer, and change settings for hardware, performance, and remote connections." explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\fvecpl.dll,-1#immutable1 = "BitLocker Drive Encryption" explorer.exe Key created \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\telephon.cpl,-1#immutable1 = "Phone and Modem" explorer.exe Key created \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\Speech\SpeechUX\speechuxcpl.dll,-1#immutable1 = "Speech Recognition" explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\intl.cpl,-2#immutable1 = "Customize settings for the display of languages, numbers, times, and dates." explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\netcenter.dll,-2#immutable1 = "Check network status, change network settings and set preferences for sharing files and printers." explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\colorcpl.exe,-6#immutable1 = "Color Management" explorer.exe Set value (data) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\sud.dll,-10#immutable1 = "Choose which programs you want Windows to use for activities like web browsing, editing photos, sending e-mail, and playing music." explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\SyncCenter.dll,-3000#immutable1 = "Sync Center" explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\inetcpl.cpl,-4313#immutable1 = "Configure your Internet display and connection settings." explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\appwiz.cpl,-160#immutable1 = "Uninstall or change programs on your computer." explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\autoplay.dll,-2#immutable1 = "Change default settings for CDs, DVDs, and devices so that you can automatically play music, view pictures, install software, and play games." explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\mmsys.cpl,-300#immutable1 = "Sound" explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\powercpl.dll,-1#immutable1 = "Power Options" explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\usercpl.dll,-1#immutable1 = "User Accounts" explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\DeviceCenter.dll,-1000#immutable1 = "Devices and Printers" explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\sdcpl.dll,-100#immutable1 = "Recover copies of your files backed up in Windows 7" explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\DiagCpl.dll,-15#immutable1 = "Troubleshoot and fix common computer problems." explorer.exe Key created \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings MEMZ.exe Set value (data) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\main.cpl,-103#immutable1 = "Customize your keyboard settings, such as the cursor blink rate and the character repeat rate." explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\DeviceCenter.dll,-2000#immutable1 = "View and manage devices, printers, and print jobs" explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\accessibilitycpl.dll,-10#immutable1 = "Ease of Access Center" explorer.exe Key created \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\RADCUI.dll,-15300#immutable1 = "RemoteApp and Desktop Connections" explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\FirewallControlPanel.dll,-12123#immutable1 = "Set firewall security options to help protect your computer from hackers and malicious software." explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\intl.cpl,-3#immutable1 = "Region" explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\devmgr.dll,-5#immutable1 = "View and update your device hardware settings and driver software." explorer.exe Key created \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\usercpl.dll,-2#immutable1 = "Change user account settings and passwords for people who share this computer." explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\netcenter.dll,-1#immutable1 = "Network and Sharing Center" explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\autoplay.dll,-1#immutable1 = "AutoPlay" explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\sdcpl.dll,-101#immutable1 = "Backup and Restore (Windows 7)" explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\fvecpl.dll,-2#immutable1 = "Protect your PC using BitLocker Drive Encryption." explorer.exe Key created \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings calc.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\Speech\SpeechUX\speechuxcpl.dll,-2#immutable1 = "Configure how speech recognition works on your computer." explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\recovery.dll,-101#immutable1 = "Recovery" explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\timedate.cpl,-51#immutable1 = "Date and Time" explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\srchadmin.dll,-602#immutable1 = "Change how Windows indexes to search faster" explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\timedate.cpl,-52#immutable1 = "Set the date, time, and time zone for your computer." explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\fhcpl.dll,-2#immutable1 = "Keep a history of your files" explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\sud.dll,-1#immutable1 = "Default Programs" explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\appwiz.cpl,-159#immutable1 = "Programs and Features" explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\SyncCenter.dll,-3001#immutable1 = "Sync files between your computer and network folders" explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\inetcpl.cpl,-4312#immutable1 = "Internet Options" explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\systemcpl.dll,-1#immutable1 = "System" explorer.exe Key created \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings control.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\Vault.dll,-1#immutable1 = "Credential Manager" explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\FirewallControlPanel.dll,-12122#immutable1 = "Windows Defender Firewall" explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\srchadmin.dll,-601#immutable1 = "Indexing Options" explorer.exe Set value (str) \REGISTRY\USER\S-1-5-21-513485977-2495024337-1260977654-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\DiagCpl.dll,-1#immutable1 = "Troubleshooting" explorer.exe -
Runs regedit.exe 7 IoCs
Processes:
regedit.exeregedit.exeregedit.exeregedit.exeregedit.exeregedit.exeregedit.exepid process 4724 regedit.exe 10512 regedit.exe 8248 regedit.exe 12076 regedit.exe 12056 regedit.exe 3684 regedit.exe 1904 regedit.exe -
Suspicious behavior: AddClipboardFormatListener 1 IoCs
Processes:
explorer.exepid process 2484 explorer.exe -
Suspicious behavior: EnumeratesProcesses 64 IoCs
Processes:
MEMZ.exeMEMZ.exeMEMZ.exeMEMZ.exeMEMZ.exepid process 4892 MEMZ.exe 4892 MEMZ.exe 3564 MEMZ.exe 3564 MEMZ.exe 3564 MEMZ.exe 3564 MEMZ.exe 4892 MEMZ.exe 4892 MEMZ.exe 1044 MEMZ.exe 1044 MEMZ.exe 4456 MEMZ.exe 4456 MEMZ.exe 1176 MEMZ.exe 1176 MEMZ.exe 4892 MEMZ.exe 3564 MEMZ.exe 4892 MEMZ.exe 3564 MEMZ.exe 1044 MEMZ.exe 1044 MEMZ.exe 3564 MEMZ.exe 3564 MEMZ.exe 4892 MEMZ.exe 4892 MEMZ.exe 4456 MEMZ.exe 4456 MEMZ.exe 1176 MEMZ.exe 1176 MEMZ.exe 1044 MEMZ.exe 1044 MEMZ.exe 4456 MEMZ.exe 4456 MEMZ.exe 3564 MEMZ.exe 3564 MEMZ.exe 1176 MEMZ.exe 1176 MEMZ.exe 4892 MEMZ.exe 4892 MEMZ.exe 1044 MEMZ.exe 1044 MEMZ.exe 1044 MEMZ.exe 1044 MEMZ.exe 4892 MEMZ.exe 4892 MEMZ.exe 1176 MEMZ.exe 1176 MEMZ.exe 4456 MEMZ.exe 4456 MEMZ.exe 3564 MEMZ.exe 3564 MEMZ.exe 1044 MEMZ.exe 1044 MEMZ.exe 3564 MEMZ.exe 1044 MEMZ.exe 3564 MEMZ.exe 1044 MEMZ.exe 4456 MEMZ.exe 1176 MEMZ.exe 1176 MEMZ.exe 4456 MEMZ.exe 4892 MEMZ.exe 4892 MEMZ.exe 3564 MEMZ.exe 3564 MEMZ.exe -
Suspicious behavior: GetForegroundWindowSpam 5 IoCs
Processes:
regedit.exemmc.exeMEMZ.exeTaskmgr.exeTaskmgr.exepid process 3684 regedit.exe 5780 mmc.exe 4296 MEMZ.exe 3168 Taskmgr.exe 6220 Taskmgr.exe -
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs
Processes:
msedge.exepid process 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe -
Suspicious use of AdjustPrivilegeToken 14 IoCs
Processes:
AUDIODG.EXEmmc.exeTaskmgr.exeTaskmgr.exeexplorer.exedescription pid process Token: 33 2856 AUDIODG.EXE Token: SeIncBasePriorityPrivilege 2856 AUDIODG.EXE Token: 33 5780 mmc.exe Token: SeIncBasePriorityPrivilege 5780 mmc.exe Token: 33 5780 mmc.exe Token: SeIncBasePriorityPrivilege 5780 mmc.exe Token: SeDebugPrivilege 3168 Taskmgr.exe Token: SeSystemProfilePrivilege 3168 Taskmgr.exe Token: SeCreateGlobalPrivilege 3168 Taskmgr.exe Token: SeDebugPrivilege 6220 Taskmgr.exe Token: SeSystemProfilePrivilege 6220 Taskmgr.exe Token: SeCreateGlobalPrivilege 6220 Taskmgr.exe Token: SeShutdownPrivilege 2484 explorer.exe Token: SeCreatePagefilePrivilege 2484 explorer.exe -
Suspicious use of FindShellTrayWindow 64 IoCs
Processes:
msedge.exeTaskmgr.exeTaskmgr.exepid process 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 6220 Taskmgr.exe 6220 Taskmgr.exe 6220 Taskmgr.exe 6220 Taskmgr.exe 6220 Taskmgr.exe 6220 Taskmgr.exe 6220 Taskmgr.exe 6220 Taskmgr.exe 6220 Taskmgr.exe 6220 Taskmgr.exe 6220 Taskmgr.exe 6220 Taskmgr.exe 6220 Taskmgr.exe -
Suspicious use of SendNotifyMessage 64 IoCs
Processes:
msedge.exeTaskmgr.exeTaskmgr.exepid process 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 1420 msedge.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 3168 Taskmgr.exe 6220 Taskmgr.exe 6220 Taskmgr.exe 6220 Taskmgr.exe 6220 Taskmgr.exe 6220 Taskmgr.exe 6220 Taskmgr.exe 6220 Taskmgr.exe 6220 Taskmgr.exe 6220 Taskmgr.exe 6220 Taskmgr.exe 6220 Taskmgr.exe 6220 Taskmgr.exe 6220 Taskmgr.exe 6220 Taskmgr.exe -
Suspicious use of SetWindowsHookEx 64 IoCs
Processes:
MEMZ.exemmc.exemmc.exemspaint.exeOpenWith.exeOpenWith.exemspaint.exewordpad.exepid process 4296 MEMZ.exe 4296 MEMZ.exe 5716 mmc.exe 5780 mmc.exe 5780 mmc.exe 4296 MEMZ.exe 4296 MEMZ.exe 4296 MEMZ.exe 4296 MEMZ.exe 4296 MEMZ.exe 4296 MEMZ.exe 4296 MEMZ.exe 4296 MEMZ.exe 4296 MEMZ.exe 4296 MEMZ.exe 4296 MEMZ.exe 4296 MEMZ.exe 4296 MEMZ.exe 6856 mspaint.exe 6856 mspaint.exe 6856 mspaint.exe 6856 mspaint.exe 4296 MEMZ.exe 6984 OpenWith.exe 4296 MEMZ.exe 4296 MEMZ.exe 4296 MEMZ.exe 4296 MEMZ.exe 4296 MEMZ.exe 4296 MEMZ.exe 1436 OpenWith.exe 4296 MEMZ.exe 4296 MEMZ.exe 4296 MEMZ.exe 4296 MEMZ.exe 4296 MEMZ.exe 4296 MEMZ.exe 4296 MEMZ.exe 4296 MEMZ.exe 4296 MEMZ.exe 4296 MEMZ.exe 4296 MEMZ.exe 2780 mspaint.exe 2780 mspaint.exe 2780 mspaint.exe 2780 mspaint.exe 4296 MEMZ.exe 4296 MEMZ.exe 4296 MEMZ.exe 4296 MEMZ.exe 4296 MEMZ.exe 4296 MEMZ.exe 4296 MEMZ.exe 4296 MEMZ.exe 4296 MEMZ.exe 4296 MEMZ.exe 4296 MEMZ.exe 4296 MEMZ.exe 4296 MEMZ.exe 4296 MEMZ.exe 4296 MEMZ.exe 6820 wordpad.exe 6820 wordpad.exe 6820 wordpad.exe -
Suspicious use of WriteProcessMemory 64 IoCs
Processes:
MEMZ.exeMEMZ.exemsedge.exedescription pid process target process PID 3288 wrote to memory of 4892 3288 MEMZ.exe MEMZ.exe PID 3288 wrote to memory of 4892 3288 MEMZ.exe MEMZ.exe PID 3288 wrote to memory of 4892 3288 MEMZ.exe MEMZ.exe PID 3288 wrote to memory of 3564 3288 MEMZ.exe MEMZ.exe PID 3288 wrote to memory of 3564 3288 MEMZ.exe MEMZ.exe PID 3288 wrote to memory of 3564 3288 MEMZ.exe MEMZ.exe PID 3288 wrote to memory of 4456 3288 MEMZ.exe MEMZ.exe PID 3288 wrote to memory of 4456 3288 MEMZ.exe MEMZ.exe PID 3288 wrote to memory of 4456 3288 MEMZ.exe MEMZ.exe PID 3288 wrote to memory of 1176 3288 MEMZ.exe MEMZ.exe PID 3288 wrote to memory of 1176 3288 MEMZ.exe MEMZ.exe PID 3288 wrote to memory of 1176 3288 MEMZ.exe MEMZ.exe PID 3288 wrote to memory of 1044 3288 MEMZ.exe MEMZ.exe PID 3288 wrote to memory of 1044 3288 MEMZ.exe MEMZ.exe PID 3288 wrote to memory of 1044 3288 MEMZ.exe MEMZ.exe PID 3288 wrote to memory of 4296 3288 MEMZ.exe MEMZ.exe PID 3288 wrote to memory of 4296 3288 MEMZ.exe MEMZ.exe PID 3288 wrote to memory of 4296 3288 MEMZ.exe MEMZ.exe PID 4296 wrote to memory of 3996 4296 MEMZ.exe notepad.exe PID 4296 wrote to memory of 3996 4296 MEMZ.exe notepad.exe PID 4296 wrote to memory of 3996 4296 MEMZ.exe notepad.exe PID 4296 wrote to memory of 1420 4296 MEMZ.exe msedge.exe PID 4296 wrote to memory of 1420 4296 MEMZ.exe msedge.exe PID 1420 wrote to memory of 4684 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 4684 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 3792 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 3792 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 3792 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 3792 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 3792 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 3792 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 3792 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 3792 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 3792 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 3792 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 3792 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 3792 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 3792 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 3792 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 3792 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 3792 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 3792 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 3792 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 3792 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 3792 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 3792 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 3792 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 3792 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 3792 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 3792 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 3792 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 3792 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 3792 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 3792 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 3792 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 3792 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 3792 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 3792 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 3792 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 3792 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 3792 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 3792 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 3792 1420 msedge.exe msedge.exe PID 1420 wrote to memory of 3792 1420 msedge.exe msedge.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\eeeeeeeeeeeeee\Malware_pack_2\Malware_pack_2\MEMZ 3.0 (1)\MEMZ 3.0\MEMZ.exe"C:\Users\Admin\AppData\Local\Temp\eeeeeeeeeeeeee\Malware_pack_2\Malware_pack_2\MEMZ 3.0 (1)\MEMZ 3.0\MEMZ.exe"1⤵
- Checks computer location settings
- Suspicious use of WriteProcessMemory
PID:3288 -
C:\Users\Admin\AppData\Local\Temp\eeeeeeeeeeeeee\Malware_pack_2\Malware_pack_2\MEMZ 3.0 (1)\MEMZ 3.0\MEMZ.exe"C:\Users\Admin\AppData\Local\Temp\eeeeeeeeeeeeee\Malware_pack_2\Malware_pack_2\MEMZ 3.0 (1)\MEMZ 3.0\MEMZ.exe" /watchdog2⤵
- Suspicious behavior: EnumeratesProcesses
PID:4892 -
C:\Users\Admin\AppData\Local\Temp\eeeeeeeeeeeeee\Malware_pack_2\Malware_pack_2\MEMZ 3.0 (1)\MEMZ 3.0\MEMZ.exe"C:\Users\Admin\AppData\Local\Temp\eeeeeeeeeeeeee\Malware_pack_2\Malware_pack_2\MEMZ 3.0 (1)\MEMZ 3.0\MEMZ.exe" /watchdog2⤵
- Suspicious behavior: EnumeratesProcesses
PID:3564 -
C:\Users\Admin\AppData\Local\Temp\eeeeeeeeeeeeee\Malware_pack_2\Malware_pack_2\MEMZ 3.0 (1)\MEMZ 3.0\MEMZ.exe"C:\Users\Admin\AppData\Local\Temp\eeeeeeeeeeeeee\Malware_pack_2\Malware_pack_2\MEMZ 3.0 (1)\MEMZ 3.0\MEMZ.exe" /watchdog2⤵
- Suspicious behavior: EnumeratesProcesses
PID:4456 -
C:\Users\Admin\AppData\Local\Temp\eeeeeeeeeeeeee\Malware_pack_2\Malware_pack_2\MEMZ 3.0 (1)\MEMZ 3.0\MEMZ.exe"C:\Users\Admin\AppData\Local\Temp\eeeeeeeeeeeeee\Malware_pack_2\Malware_pack_2\MEMZ 3.0 (1)\MEMZ 3.0\MEMZ.exe" /watchdog2⤵
- Suspicious behavior: EnumeratesProcesses
PID:1176 -
C:\Users\Admin\AppData\Local\Temp\eeeeeeeeeeeeee\Malware_pack_2\Malware_pack_2\MEMZ 3.0 (1)\MEMZ 3.0\MEMZ.exe"C:\Users\Admin\AppData\Local\Temp\eeeeeeeeeeeeee\Malware_pack_2\Malware_pack_2\MEMZ 3.0 (1)\MEMZ 3.0\MEMZ.exe" /watchdog2⤵
- Suspicious behavior: EnumeratesProcesses
PID:1044 -
C:\Users\Admin\AppData\Local\Temp\eeeeeeeeeeeeee\Malware_pack_2\Malware_pack_2\MEMZ 3.0 (1)\MEMZ 3.0\MEMZ.exe"C:\Users\Admin\AppData\Local\Temp\eeeeeeeeeeeeee\Malware_pack_2\Malware_pack_2\MEMZ 3.0 (1)\MEMZ 3.0\MEMZ.exe" /main2⤵
- Checks computer location settings
- Writes to the Master Boot Record (MBR)
- Modifies registry class
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:4296 -
C:\Windows\SysWOW64\notepad.exe"C:\Windows\System32\notepad.exe" \note.txt3⤵PID:3996
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+code+a+virus+in+visual+basic3⤵
- Enumerates system info in registry
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1420 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:4684
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2116 /prefetch:24⤵PID:3792
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 /prefetch:34⤵PID:4704
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2884 /prefetch:84⤵PID:3592
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3364 /prefetch:14⤵PID:3144
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:14⤵PID:1216
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4960 /prefetch:14⤵PID:1916
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5244 /prefetch:14⤵PID:3916
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5264 /prefetch:14⤵PID:1972
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5676 /prefetch:84⤵PID:5212
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5676 /prefetch:84⤵PID:5228
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5084 /prefetch:14⤵PID:5472
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5704 /prefetch:14⤵PID:5480
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1856 /prefetch:14⤵PID:4676
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5408 /prefetch:14⤵PID:5980
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5140 /prefetch:14⤵PID:2256
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5960 /prefetch:14⤵PID:1672
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1932 /prefetch:14⤵PID:5756
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5872 /prefetch:14⤵PID:1544
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1404 /prefetch:24⤵PID:4304
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4024 /prefetch:14⤵PID:5260
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6340 /prefetch:14⤵PID:1240
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5864 /prefetch:14⤵PID:5176
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6492 /prefetch:14⤵PID:1608
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5252 /prefetch:14⤵PID:3136
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6052 /prefetch:14⤵PID:5888
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6548 /prefetch:14⤵PID:6060
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1604 /prefetch:14⤵PID:4068
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6916 /prefetch:14⤵PID:4532
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7044 /prefetch:14⤵PID:3528
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6652 /prefetch:14⤵PID:3340
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7268 /prefetch:14⤵PID:6024
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6716 /prefetch:14⤵PID:4028
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7140 /prefetch:14⤵PID:1352
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7328 /prefetch:14⤵PID:6104
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7652 /prefetch:14⤵PID:4092
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7064 /prefetch:14⤵PID:5344
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7888 /prefetch:14⤵PID:2032
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7520 /prefetch:14⤵PID:3668
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7848 /prefetch:14⤵PID:1636
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8232 /prefetch:14⤵PID:664
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8300 /prefetch:14⤵PID:1960
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8464 /prefetch:14⤵PID:5112
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7404 /prefetch:14⤵PID:184
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4372 /prefetch:14⤵PID:4012
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8576 /prefetch:14⤵PID:6980
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8764 /prefetch:14⤵PID:5920
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8984 /prefetch:14⤵PID:6208
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8528 /prefetch:14⤵PID:3788
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8656 /prefetch:14⤵PID:6168
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9204 /prefetch:14⤵PID:5888
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8576 /prefetch:14⤵PID:6236
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9372 /prefetch:14⤵PID:2164
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9316 /prefetch:14⤵PID:452
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4376 /prefetch:14⤵PID:4960
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9020 /prefetch:14⤵PID:6436
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8944 /prefetch:14⤵PID:2904
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9312 /prefetch:14⤵PID:6184
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8380 /prefetch:14⤵PID:4104
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9296 /prefetch:14⤵PID:6436
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8480 /prefetch:14⤵PID:2548
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9028 /prefetch:14⤵PID:1964
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9876 /prefetch:14⤵PID:7204
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9696 /prefetch:14⤵PID:7144
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9880 /prefetch:14⤵PID:8096
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9944 /prefetch:14⤵PID:7280
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8556 /prefetch:14⤵PID:7088
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10388 /prefetch:14⤵PID:7896
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7972 /prefetch:14⤵PID:4720
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9316 /prefetch:14⤵PID:7144
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10504 /prefetch:14⤵PID:7920
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10524 /prefetch:14⤵PID:4240
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11016 /prefetch:14⤵PID:6964
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11184 /prefetch:14⤵PID:1640
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9316 /prefetch:14⤵PID:8852
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11352 /prefetch:14⤵PID:8904
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10708 /prefetch:14⤵PID:8736
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11432 /prefetch:14⤵PID:8768
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11664 /prefetch:14⤵PID:8392
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11456 /prefetch:14⤵PID:8760
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11240 /prefetch:14⤵PID:3924
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11664 /prefetch:14⤵PID:8536
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11532 /prefetch:14⤵PID:9008
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10924 /prefetch:14⤵PID:8400
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11336 /prefetch:14⤵PID:2368
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11836 /prefetch:14⤵PID:7884
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11996 /prefetch:14⤵PID:8564
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11640 /prefetch:14⤵PID:8916
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12232 /prefetch:14⤵PID:6456
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12096 /prefetch:14⤵PID:2276
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12404 /prefetch:14⤵PID:8944
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12756 /prefetch:14⤵PID:9640
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12916 /prefetch:14⤵PID:8456
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12560 /prefetch:14⤵PID:10224
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13248 /prefetch:14⤵PID:9300
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12412 /prefetch:14⤵PID:1232
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12904 /prefetch:14⤵PID:9904
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12160 /prefetch:14⤵PID:3916
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12536 /prefetch:14⤵PID:10024
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12180 /prefetch:14⤵PID:8344
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13244 /prefetch:14⤵PID:7500
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13020 /prefetch:14⤵PID:6812
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13040 /prefetch:14⤵PID:5384
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12904 /prefetch:14⤵PID:6656
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11312 /prefetch:14⤵PID:9616
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13552 /prefetch:14⤵PID:8008
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13388 /prefetch:14⤵PID:7204
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13532 /prefetch:14⤵PID:10084
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12192 /prefetch:14⤵PID:10616
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14000 /prefetch:14⤵PID:10684
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13728 /prefetch:14⤵PID:11212
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14220 /prefetch:14⤵PID:7680
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12040 /prefetch:14⤵PID:10880
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14548 /prefetch:14⤵PID:11012
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13528 /prefetch:14⤵PID:10984
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2552 /prefetch:14⤵PID:10432
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14040 /prefetch:14⤵PID:10820
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14600 /prefetch:14⤵PID:9108
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14468 /prefetch:14⤵PID:7932
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14536 /prefetch:14⤵PID:10748
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14564 /prefetch:14⤵PID:10600
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=121 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14728 /prefetch:14⤵PID:10100
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14828 /prefetch:14⤵PID:11820
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14860 /prefetch:14⤵PID:11428
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15068 /prefetch:14⤵PID:11892
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12072 /prefetch:14⤵PID:11948
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15068 /prefetch:14⤵PID:8508
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=127 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14792 /prefetch:14⤵PID:10716
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=128 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14244 /prefetch:14⤵PID:9124
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=129 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13572 /prefetch:14⤵PID:10504
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=130 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15140 /prefetch:14⤵PID:12708
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=131 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14656 /prefetch:14⤵PID:13140
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=132 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14644 /prefetch:14⤵PID:12112
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=133 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14520 /prefetch:14⤵PID:11552
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=136 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5768 /prefetch:14⤵PID:11028
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13213198291064824682,13487895047051508046,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=137 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15192 /prefetch:14⤵PID:9108
-
C:\Windows\SysWOW64\explorer.exe"C:\Windows\System32\explorer.exe"3⤵
- Modifies registry class
PID:5896 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=internet+explorer+is+the+best+browser3⤵PID:5856
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:5848
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+code+a+virus+in+visual+basic3⤵PID:5448
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:5452
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=best+way+to+kill+yourself3⤵PID:5668
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:5060
-
C:\Windows\SysWOW64\regedit.exe"C:\Windows\System32\regedit.exe"3⤵
- Runs regedit.exe
- Suspicious behavior: GetForegroundWindowSpam
PID:3684 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pcoptimizerpro.com/3⤵PID:692
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:5696
-
C:\Windows\SysWOW64\mmc.exe"C:\Windows\system32\mmc.exe" "C:\Windows\System32\devmgmt.msc"3⤵
- Suspicious use of SetWindowsHookEx
PID:5716 -
C:\Windows\system32\mmc.exe"C:\Windows\System32\devmgmt.msc" "C:\Windows\System32\devmgmt.msc"4⤵
- Drops file in System32 directory
- Drops file in Windows directory
- Checks SCSI registry key(s)
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:5780 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=virus+builder+legit+free+download3⤵PID:5288
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0x118,0x128,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:5304
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=what+happens+if+you+delete+system323⤵PID:5656
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0x118,0xf4,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:5152
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=internet+explorer+is+the+best+browser3⤵PID:5944
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x128,0x12c,0x130,0x104,0x134,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:3360
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=best+way+to+kill+yourself3⤵PID:5852
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:3852
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+remove+memz+trojan+virus3⤵PID:3424
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:1896
-
C:\Windows\SysWOW64\regedit.exe"C:\Windows\System32\regedit.exe"3⤵
- Runs regedit.exe
PID:1904 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=g3t+r3kt3⤵PID:4396
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:5864
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=virus.exe3⤵PID:4020
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:1672
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=virus.exe3⤵PID:900
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:6044
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+2+buy+weed3⤵PID:1080
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:2232
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe"3⤵PID:1544
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=mcafee+vs+norton3⤵PID:4460
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x128,0x12c,0x130,0x104,0x134,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:4108
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=mcafee+vs+norton3⤵PID:3528
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:4092
-
C:\Windows\SysWOW64\Taskmgr.exe"C:\Windows\System32\Taskmgr.exe"3⤵
- Checks SCSI registry key(s)
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:3168 -
C:\Windows\SysWOW64\Taskmgr.exe"C:\Windows\System32\Taskmgr.exe"3⤵
- Checks SCSI registry key(s)
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:6220 -
C:\Windows\SysWOW64\mspaint.exe"C:\Windows\System32\mspaint.exe"3⤵
- Drops file in Windows directory
- Suspicious use of SetWindowsHookEx
PID:6856 -
C:\Windows\SysWOW64\calc.exe"C:\Windows\System32\calc.exe"3⤵
- Modifies registry class
PID:6820 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+get+money3⤵PID:6644
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:6640
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+send+a+virus+to+my+friend3⤵PID:5008
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:3180
-
C:\Windows\SysWOW64\Taskmgr.exe"C:\Windows\System32\Taskmgr.exe"3⤵PID:6636
-
C:\Windows\SysWOW64\control.exe"C:\Windows\System32\control.exe"3⤵
- Modifies registry class
PID:2960 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pcoptimizerpro.com/3⤵PID:796
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:4472
-
C:\Windows\SysWOW64\calc.exe"C:\Windows\System32\calc.exe"3⤵PID:6468
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pcoptimizerpro.com/3⤵PID:2632
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:5188
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=mcafee+vs+norton3⤵PID:6176
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:4504
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=what+happens+if+you+delete+system323⤵PID:6284
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:6600
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+remove+memz+trojan+virus3⤵PID:2372
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:7128
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=bonzi+buddy+download+free3⤵PID:1396
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:6720
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+code+a+virus+in+visual+basic3⤵PID:6736
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:6588
-
C:\Windows\SysWOW64\regedit.exe"C:\Windows\System32\regedit.exe"3⤵
- Runs regedit.exe
PID:4724 -
C:\Windows\SysWOW64\mspaint.exe"C:\Windows\System32\mspaint.exe"3⤵
- Drops file in Windows directory
- Suspicious use of SetWindowsHookEx
PID:2780 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pcoptimizerpro.com/3⤵PID:6804
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:4880
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+2+buy+weed3⤵PID:6124
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:4568
-
C:\Windows\SysWOW64\explorer.exe"C:\Windows\System32\explorer.exe"3⤵
- Modifies registry class
PID:7836 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pcoptimizerpro.com/3⤵PID:7432
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:7076
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+2+buy+weed3⤵PID:8036
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:8044
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=mcafee+vs+norton3⤵PID:6524
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:7796
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe"3⤵PID:7632
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=best+way+to+kill+yourself3⤵PID:7488
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:6816
-
C:\Windows\SysWOW64\Taskmgr.exe"C:\Windows\System32\Taskmgr.exe"3⤵PID:6528
-
C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe"C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe"3⤵
- Suspicious use of SetWindowsHookEx
PID:6820 -
C:\Windows\splwow64.exeC:\Windows\splwow64.exe 122884⤵PID:8020
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=minecraft+hax+download+no+virus3⤵PID:7720
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf8,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:7908
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=virus+builder+legit+free+download3⤵PID:8100
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:8000
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=bonzi+buddy+download+free3⤵PID:8792
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:8804
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+2+remove+a+virus3⤵PID:7064
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:8668
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://play.clubpenguin.com/3⤵PID:7704
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:6824
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=minecraft+hax+download+no+virus3⤵PID:8492
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:8408
-
C:\Windows\SysWOW64\notepad.exe"C:\Windows\System32\notepad.exe"3⤵PID:7696
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+send+a+virus+to+my+friend3⤵PID:8576
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:9016
-
C:\Windows\SysWOW64\cmd.exe"C:\Windows\System32\cmd.exe"3⤵PID:8232
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+send+a+virus+to+my+friend3⤵PID:8504
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:8516
-
C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe"C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe"3⤵PID:7832
-
C:\Windows\SysWOW64\explorer.exe"C:\Windows\System32\explorer.exe"3⤵PID:8332
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=batch+virus+download3⤵PID:7600
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:8472
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=g3t+r3kt3⤵PID:2352
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:9140
-
C:\Windows\SysWOW64\explorer.exe"C:\Windows\System32\explorer.exe"3⤵PID:9600
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=virus+builder+legit+free+download3⤵PID:9504
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x128,0x12c,0x130,0x124,0x134,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:9496
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=bonzi+buddy+download+free3⤵PID:10124
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0x11c,0x12c,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:10156
-
C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe"C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe"3⤵PID:10040
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+2+buy+weed3⤵PID:6008
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:8316
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+remove+memz+trojan+virus3⤵PID:9748
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:9844
-
C:\Windows\SysWOW64\explorer.exe"C:\Windows\System32\explorer.exe"3⤵PID:6196
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://play.clubpenguin.com/3⤵PID:9688
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xd0,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:9340
-
C:\Windows\SysWOW64\explorer.exe"C:\Windows\System32\explorer.exe"3⤵PID:9616
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=internet+explorer+is+the+best+browser3⤵PID:10060
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:3696
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=g3t+r3kt3⤵PID:10232
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0x118,0x128,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:9624
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=virus.exe3⤵PID:8540
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:9852
-
C:\Windows\SysWOW64\regedit.exe"C:\Windows\System32\regedit.exe"3⤵
- Runs regedit.exe
PID:10512 -
C:\Windows\SysWOW64\Taskmgr.exe"C:\Windows\System32\Taskmgr.exe"3⤵PID:10808
-
C:\Windows\SysWOW64\notepad.exe"C:\Windows\System32\notepad.exe"3⤵PID:9288
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=virus.exe3⤵PID:10520
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:10536
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://softonic.com/3⤵PID:11124
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:11148
-
C:\Windows\SysWOW64\explorer.exe"C:\Windows\System32\explorer.exe"3⤵PID:9064
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+code+a+virus+in+visual+basic3⤵PID:10464
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:6556
-
C:\Windows\SysWOW64\notepad.exe"C:\Windows\System32\notepad.exe"3⤵PID:11080
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+send+a+virus+to+my+friend3⤵PID:8812
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:10348
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=best+way+to+kill+yourself3⤵PID:11036
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:4164
-
C:\Windows\SysWOW64\mspaint.exe"C:\Windows\System32\mspaint.exe"3⤵PID:10564
-
C:\Windows\SysWOW64\Taskmgr.exe"C:\Windows\System32\Taskmgr.exe"3⤵PID:11108
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=what+happens+if+you+delete+system323⤵PID:8368
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:9628
-
C:\Windows\SysWOW64\mmc.exe"C:\Windows\System32\mmc.exe"3⤵PID:9192
-
C:\Windows\system32\mmc.exe"C:\Windows\system32\mmc.exe"4⤵PID:10392
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://play.clubpenguin.com/3⤵PID:10200
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:10300
-
C:\Windows\SysWOW64\mmc.exe"C:\Windows\System32\mmc.exe"3⤵PID:11164
-
C:\Windows\system32\mmc.exe"C:\Windows\system32\mmc.exe"4⤵PID:8140
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+create+your+own+ransomware3⤵PID:10000
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:9564
-
C:\Windows\SysWOW64\regedit.exe"C:\Windows\System32\regedit.exe"3⤵
- Runs regedit.exe
PID:8248 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=virus+builder+legit+free+download3⤵PID:8548
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:9508
-
C:\Windows\SysWOW64\Taskmgr.exe"C:\Windows\System32\Taskmgr.exe"3⤵PID:10100
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://pcoptimizerpro.com/3⤵PID:9228
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:8248
-
C:\Windows\SysWOW64\notepad.exe"C:\Windows\System32\notepad.exe"3⤵PID:11640
-
C:\Windows\SysWOW64\regedit.exe"C:\Windows\System32\regedit.exe"3⤵
- Runs regedit.exe
PID:12076 -
C:\Windows\SysWOW64\explorer.exe"C:\Windows\System32\explorer.exe"3⤵PID:10704
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+remove+memz+trojan+virus3⤵PID:11736
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:11744
-
C:\Windows\SysWOW64\notepad.exe"C:\Windows\System32\notepad.exe"3⤵PID:12212
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=internet+explorer+is+the+best+browser3⤵PID:11676
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:11632
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+2+remove+a+virus3⤵PID:9328
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:11296
-
C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe"C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe"3⤵PID:11968
-
C:\Windows\SysWOW64\mmc.exe"C:\Windows\system32\mmc.exe" "C:\Windows\System32\devmgmt.msc"3⤵PID:11076
-
C:\Windows\system32\mmc.exe"C:\Windows\System32\devmgmt.msc" "C:\Windows\System32\devmgmt.msc"4⤵PID:5244
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+send+a+virus+to+my+friend3⤵PID:10128
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:11576
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+get+money3⤵PID:10600
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:11268
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=how+to+remove+memz+trojan+virus3⤵PID:11792
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:11588
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=virus.exe3⤵PID:12108
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:11712
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=minecraft+hax+download+no+virus3⤵PID:10228
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:6012
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=mcafee+vs+norton3⤵PID:12620
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:12632
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=best+way+to+kill+yourself3⤵PID:13076
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf4,0x128,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:13088
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=best+way+to+kill+yourself3⤵PID:12576
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:3364
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=minecraft+hax+download+no+virus3⤵PID:13080
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:13240
-
C:\Windows\SysWOW64\regedit.exe"C:\Windows\System32\regedit.exe"3⤵
- Runs regedit.exe
PID:12056 -
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://google.co.ck/search?q=virus+builder+legit+free+download3⤵PID:13084
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd3dcf46f8,0x7ffd3dcf4708,0x7ffd3dcf47184⤵PID:12792
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:3960
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:4204
-
C:\Windows\system32\AUDIODG.EXEC:\Windows\system32\AUDIODG.EXE 0x300 0x2f41⤵
- Suspicious use of AdjustPrivilegeToken
PID:2856
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService1⤵PID:6944
-
C:\Windows\system32\OpenWith.exeC:\Windows\system32\OpenWith.exe -Embedding1⤵
- Suspicious use of SetWindowsHookEx
PID:6984
-
C:\Windows\explorer.exeC:\Windows\explorer.exe /factory,{5BD95610-9434-43C2-886C-57852CC8A120} -Embedding1⤵
- Modifies Internet Explorer settings
- Modifies registry class
- Suspicious behavior: AddClipboardFormatListener
- Suspicious use of AdjustPrivilegeToken
PID:2484
-
C:\Windows\SysWOW64\DllHost.exeC:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}1⤵PID:1140
-
C:\Windows\system32\OpenWith.exeC:\Windows\system32\OpenWith.exe -Embedding1⤵
- Suspicious use of SetWindowsHookEx
PID:1436
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k PrintWorkflow -s PrintWorkflowUserSvc1⤵PID:8136
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 480 -p 1176 -ip 11761⤵PID:13260
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
64KB
MD5956714757f0c01587d52367ff646889d
SHA15532e1a7fb97abd8c267812f34892414b74ce24f
SHA256e70c02a9df8d4a65b124fcd6a4070b18f04577f237be158af9ccfb6853059394
SHA512d7d3a1030d4030e9c1b98b22ade13163a654e814ffaff364569893cb0d2dfda86808df262809f4fe5c41b78874f609febb0ef9a5d19e1b8c87c12203c1a20573
-
Filesize
4B
MD5f49655f856acb8884cc0ace29216f511
SHA1cb0f1f87ec0455ec349aaa950c600475ac7b7b6b
SHA2567852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba
SHA512599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8
-
Filesize
944B
MD5399468c9f1ba0079d0363c8d29104113
SHA1eccbdbf52ebceafe91e255668c7f31609f7af914
SHA256fdaa3062dfd314b5834a803ba0ddcffd5afedaab39300415db27ebe0c3289d25
SHA5127b4efc9378f9edf6268da46e9dd41fcee87d9af43c53916bb17713b9270f10bd76073b4b76e3e17a7b02bb6a46caa95d412ddb51263df78ee8e698ea4ce1e8a7
-
Filesize
152B
MD57c6136bc98a5aedca2ea3004e9fbe67d
SHA174318d997f4c9c351eef86d040bc9b085ce1ad4f
SHA25650c3bd40caf7e9a82496a710f58804aa3536b44d57e2ee5e2af028cbebc6c2f2
SHA5122d2fb839321c56e4cb80562e9a1daa4baf48924d635729dc5504a26462796919906f0097dd1fc7fd053394c0eea13c25219dec54ffe6e9abb6e8cb9afa66bada
-
Filesize
152B
MD55c6aef82e50d05ffc0cf52a6c6d69c91
SHA1c203efe5b45b0630fee7bd364fe7d63b769e2351
SHA256d9068cf3d04d62a9fb1cdd4c3cf7c263920159171d1b84cb49eff7cf4ed5bc32
SHA51277ad48936e8c3ee107a121e0b2d1216723407f76872e85c36413237ca1c47b8c40038b8a6349b072bbcc6a29e27ddda77cf686fa97569f4d86531e6b2ac485ed
-
Filesize
194KB
MD5f5b4137b040ec6bd884feee514f7c176
SHA17897677377a9ced759be35a66fdee34b391ab0ff
SHA256845aa24ba38524f33f097b0d9bae7d9112b01fa35c443be5ec1f7b0da23513e6
SHA512813b764a5650e4e3d1574172dd5d6a26f72c0ba5c8af7b0d676c62bc1b245e4563952bf33663bffc02089127b76a67f9977b0a8f18eaef22d9b4aa3abaaa7c40
-
Filesize
24KB
MD5b82ca47ee5d42100e589bdd94e57936e
SHA10dad0cd7d0472248b9b409b02122d13bab513b4c
SHA256d3c59060e591b3839ec59cad150c0a38a2a2a6ba4cc4dc5530f68be54f14ef1d
SHA51258840a773a3a6cb0913e6a542934daecaef9c0eeab626446a29a70cd6d063fdb012229ff2ccfa283e3c05bc2a91a7cac331293965264715bdb9020f162dc7383
-
Filesize
397KB
MD5b4663747d3b148566012146b48acdce7
SHA1b5264a7529bc19dfb8e298ecfcaab994dd1f0b26
SHA256125e3b17ecf87d0e28222a84d197d1df3c2724b56d52d347c85764dc80782c82
SHA512cc9a40e8e0be900c38666218443bdae30a67edd2ad5e17f2b74db32d672f6dd6d774d2501e5fe982655120bc309a8b7b34e8d35bffe1805ddbabea524d9f8f7c
-
Filesize
317KB
MD59534848a21f9d7a66adc2279f015b636
SHA1d12d0433e0388aa04a166458d1c8b7217bcdee8b
SHA25670b917d384e05e0f1cc3c6babf19fb13f34885904b24cffa81cad2990c84ec1b
SHA5129838ca699c05054399aa7daeb4ae17dca9133c3489e9b83aa40a3becb6a0699ae0c015f6fb53d140587d436779c01925f0f44ac1fc49402f714dad53b09d185b
-
Filesize
18KB
MD5677429a20e86da94480adfaecc5109f0
SHA1257ce59e8cd160042ca7e19aca8e7d8ed094c8b4
SHA2565def4cd37c46fa810adaf069b18bb382721f465728353076fe9d39ea294be8a0
SHA5122c69c516ae304d9402e493dff3670a6d55f2509bada46cab0153e9606078b833f7b99b233f720ac747c05cd5c41079c1d1fccd1ab7ae45fcbb2a1496d93111d8
-
Filesize
289B
MD5c4edbf9c787628adf54726c5ce3eb620
SHA163063a7a28f9dfe870c22fd451bc1f78e47d1de4
SHA2569658a3e62bb209ccd34d2f73d39af5aaf1c862b71c1617c4bcad190edfb13e68
SHA5123e4e24cd83efeaa243dbfd00572ebeced2353a165fb0441c08ad76f0089bb9bf6cf91263882f0879287734a0b5db65fcaf9fe14073cd7ae2885bda58eb585f9f
-
Filesize
289B
MD581b2478f7b48ef1ffdeea44d37a197cf
SHA1ae23bc408092dca9234669a9b75aa2f5b965d84d
SHA25683b7eee0fc152f2bcc4cfd57233767d1b38e7329740655c283ba9d9ff291dc19
SHA5127e3c282af040ae369ff87389d94ccf4b7c235ee09e6acb161380a6ef80a0a9f1f64d10a44ded9bf18a6e544f15cf2e84487c5969f4466b0c39974eac5a0dcbe2
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize120B
MD58e4cf516654c60bd2a7c465222bb4fa8
SHA16e65675de8f9f71c8eee6bb4a1d99768a032cd51
SHA2563297a8dfc147fa3fef0e3d340d18d2697dd066fa5aff8779a94ad19046d61f45
SHA5120abfefdacafe37f0726113c2a2fb8117ec71fdfb1b0fd95ef2d9bf5be3ad6eeda3b93095b057439c747470bfa12c3b688060ce82d1562d0e10293d500f5936ad
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize120B
MD56272fd9dee98d2d6dc8594cc21bdf588
SHA16e96f1a50705094f1ead73fa81d71657a0895876
SHA25676fecbfd4763b748e151832af235b99e0dbc10dc7a790e51beae2b1bbbbaba68
SHA5129ee35b7981e33e8e65724c70ed5fe40f61727d062e3c8c5f1634cf171486a820a58ee86078e2175752ad7ba9fcae239df9a5ce603aac54e7188a24d3a1491904
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize120B
MD5e68dfea2cf3f122f90664f5334148010
SHA1767f6abf74b2fd74c70f04d8849e39eee1be8070
SHA256b4f3d4e82540e9f82c33a4d3c503c461d807f6c41680cc87d97d658244b84664
SHA512bfd413af8eb399f8847df66dcd57a0960d001374aa4b9a6a4954443951ddbc070170a950ddf3136b719facdd91e0def3bdd22b368cca22e469c2b0a49ae573f9
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize120B
MD52df53c8532f546be1221b6b2964d25c4
SHA1b23d331176aecf22a77b4ffa929a4050eab59652
SHA256a0321a7746df16f205784fe3ce385f46a7dd4061b8df3f220c2545208b7d0ff8
SHA5121d9697d4e776e0dc7f91bc1326ad3f929985f043c32f221ad5347fa5e88854d61edcf2d15e5f10a1ce2732aa698b87f05261d4d061383fea38abb44e4654420d
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize144B
MD53818f3997eaa6db1e6635124e55b74c3
SHA16f85ebe4855061cade9d024405b1a99f508424eb
SHA25631c05f0e50f116f0cf8ef31fb98639ba33b36d0ba25d6f612f37966ab02316c2
SHA512fae17df07a7ab37ba3590ca021b81395444c40ec446d323b39dabcc14e764dac30fd47c077bd4e5bf10b03778e926da7b50be2cda7552c4fa0644c97dfc7b47b
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize408B
MD51895ad5070fa28f0322d88321c68b426
SHA149c5d41774aef6960abd49fe9e71e900c76947e2
SHA25655fc2255f35edf8474fa7be725372ed414550a929d63a08946c96751d7bbc788
SHA512b3c4edabdb5b26f921deda53d02ddf82fe5b35d5b11d9f27341f6af184b1337afc98603442c16e33e9bdb3c108443cd3fb5686553750f2c4a646ed829520777f
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize144B
MD5be139655cf7b4ad680fbf7f26bc9d154
SHA1f9a82a77ae24eae5b73ad0c11bf8c7945f4c3f47
SHA25686510cab84a66d039c1e5745e7e0e49359fec2a0656d00ccbbc680c0c7787a2d
SHA512fe3021e5f78c74edc57aa5d7a99390a341d103a1f2a54497d625e19019c7cc62fbdbaeb9b82966c35fac32e5087b04ce4e5372f17edc907aa4be0a3b12510ee4
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize144B
MD57fde9140d12c155aac05ee02f0cd9b78
SHA1ec1554ced6a85d52a5c8fdf8461a04f279389198
SHA2561e8ca3b7539fa5a7b18de546b19da76d6784afe6defb69a391398d5fc01b2ead
SHA51262618e1a6320d86c1245c8c3ac32ce41d7e59e3e06d701899be61e41d546fc442492f37ff435166b6de96a56966a983932f9a4cdba9cec838fde6849f1c62d35
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize144B
MD5323df74fcf79c9e9994f8f12a3bab5f4
SHA181ff154f215ceef1c0742e2d735fe7810e1bea1b
SHA256a29b7df12630ea07313163cdd26c96c39db258ff95f93b73278bacf1b6aa2981
SHA5127a7f8adf8758d65dae8009e44c43763f045ed0dc9507982f81b2f0400c4b83c8473bc661102868e96adccc15ab61fe02dceb3988c17425c2c24323657d171e21
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize144B
MD5171af620138a856ae464287523e78ba4
SHA1db32404ead515cd6c7b0ee3143a9870d6d388cfc
SHA256aad978856db7fb86f27d019bacc3d82a919009f8e6cb5037d10bfa5dcd819cb9
SHA512d81559d53452d041649b363757482ddff25627d407bd1cdcd4ea40a74cb40f0773f61ddcc6388ff61544e986367f3f7e4a813ffc5c417dee6468424082710143
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize432B
MD5c0e53f2bf8e0cc013086d6d2bee5323b
SHA1b2728904f64dbd6d187cd0404f97c2431c64a500
SHA256cec9040db8b19f80294e156f0c9d10998d13b3d60355cc6a25e97159384b3121
SHA512807f1d2e30b9d9fb13615252e25452058b7c8377f474de6d184b8768094095c501aeb6a83680b0bdd95f5114e0ad03ecc305953c1bef0de0b70efbb9bce48dc3
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize120B
MD558af3bc02823df1a441e0637fc556768
SHA1e9fd6b7cd4ef3dd735c3a4315c96b7c0535e17ba
SHA2560d45ecfc7418e2c38cb2911492092bb0845b10fceabdb3a78be8522235c0f520
SHA512ae5abea9fd92b1089b5b9a7d1e2896e501b5965f9d06847673a596baa94023d9e86be285b784d28b84964da4b2473f21f846faa60b807f24386f06683d3f9f55
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize120B
MD5978144b5d697b4a4f3971409752d19fe
SHA12bb9e9ab0c7b7c1a69a535d20ffd05170669e075
SHA256a58831d4b0ea4225812b6bac17a9e58d27e22290cb95ea16ec6d3e1503dc9dcb
SHA5128a56bd759081cbc8817cbd1987bf166a7779870765b82cfab78e05cc70165103bcc84e5ed48e2939927e7462232889e3b450b6102acbed03e9f4c34b771ed35e
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize144B
MD570fd7af84a5174f23a58d9c963fe5e0f
SHA10994ade8d2d18d58e9e7f832c7ae390bf344af7b
SHA256b20648adc55cd00a7fe8a571e35f60721c3c3de380a4b858de6194d353453d33
SHA5120f0a367fca2a25fbbabff0a5c45e1f02a6f30a0867510f5ddd89129854dc1c123f457e72526804785cb3fca7e0712af75cd162cf2b1c30b05d1ec155b4c76572
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize144B
MD5388d24c3d2460617c39d8fb790c16fbb
SHA161c359a25ee3bda2972dedabfcfd44e9b94f3fda
SHA25662355612be59e4f2288452616dd3f2277cebfcb434af5198f365a081185e66bf
SHA512ceb05c362b1b0b2f8df289d393ee14fb0e73aaeca6480a54098f902f4ee087b3d00347603b7f79843ee7dde6de3e61baaa4d6257739d4ef8551f8cada760298e
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize120B
MD52be266f98cac0c50198708c621afc264
SHA19e99d31d4b00898e084b28328e4725392eb3ddd6
SHA25607e2ad784fc71ab24ed03b5ea591657a4d225ea32446ba5c6c7b874436447973
SHA5127727908112af0db6cc81931a2272f7c16d2a5a080a5cdd2862f29ed5e6a334aa64c5723be24143cf51fb52e61e1864914d4a34603f2b2ab55b35ba0f00597cd7
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize120B
MD50a60d88e86802985d9db3db68a39ef71
SHA17bba4a3b0bffc2497370d7d34b158689211c751d
SHA2563a2fcb95a42fb30349d0690bee5943a87031d5ad69251f077ee6d6846e68e67c
SHA51205681c5f7ff7ce86c8c4d7076bf20a0eff507bf3cc789582140a1c06a9f6b753a7c78b4de655f7e9d7fa1f1c1ebfe0de9f5829e79becd5f28420e32966e003cd
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize480B
MD5d14ca8252ecfc03dbe72b3690eb714cb
SHA14a36c9ab4e1ed9001feebab924057032117feba2
SHA25699d1ab4184cdba4aad0e4b65f4c1545caa4eb55c539757e8458507fe684b9d78
SHA512e115a18255815bc819f7804f4e19ad6a2ffdad7f1458e1e2c3deca4ff196869eca322f947e7d1cae65a13de9ccf5f62eb60b6dbff55c144ab6f2a58285dbbacc
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize120B
MD51709ae8776537b1206ab6ac1c86677ca
SHA17d06b853251c7a436d32eded94c3b2c257c7a4ee
SHA25627724bbd66e5099cee7b376dfbce117c2790c521cd0385a03534d90bb0129871
SHA5126b848aae7c2e6a7ea797cffe7fd05835e3a7fd8b95ad1ffe2f871841aa8644ebc3bbdaa74b31236aa8d8c8a38c7f2aaeb24125d8434042e5849cbaa4c9b1b352
-
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize504B
MD53d499ccf6f796e785109880ebf0bad1a
SHA1efebae7573e263e2299849c78d6514407cc3fc94
SHA256bc3e168864f51855ca883f916c52184fdd5e68be250a3fd089a982a6b1505cbd
SHA5126356c450f0b44b0ba371e3ca410b796b68f68ad6ed3468edaa60dc68a6d3d55f1d24672166946e163ad78afc030eab1a0ce4aeb1bc4ab1f36f4a0bd580c8a363
-
Filesize
1KB
MD5b64d3fbebe0b31698ed8a7b5242a9685
SHA13099379a20eed7c7249017c1335270b3ff43141e
SHA256315cf50e100cd83f8e309d316d9684a1baef893f3f5235fcacbe78b1349f77fa
SHA5124cbdf54217ee124df1ad2fd57e83c44bb06a6134e541bd487caaab6c353cc8e5a9fa2fa797598702e47a549e15f14d5a949fbc959c4343f56f13d28e914c11fd
-
Filesize
3KB
MD56b435928af7ff185a140518b26d68cd8
SHA18f9a0823463ddce347c743703a27d5881c511559
SHA25633deb4265d10be4bff4bbd7a6326489fd150746fcb70e959d47f1ed0931b8b31
SHA512fddaefad5e4e29c2fad6030998a94ff45e89f27c6f8547767a822d71d34d067d489689feeca869681177048da123d4c67af3d638dc386c90c9cb0f35461f8dca
-
Filesize
1KB
MD53639cee08e2b5af2f9365bf4f39b8466
SHA1586a368c470d0a365f415fe3c456dee8db4559fb
SHA256254b253dd893a243ad0347058d8be6773a4437a86760a320e58172a1d0451d04
SHA512b7c28ac154a4777e0ed0b16c703c8fddb42339f7c50b108f005dd0a6c0575c668b6eaf5a4a66cdf4fefa5b05a60e7ba912da56380295bdb050766dcdeb8cd292
-
Filesize
1KB
MD529d6a38558b96eb7432014f01807b3f1
SHA144ae179749ab92a466e7e2222aa8864119b3dd69
SHA2569e223562c4ef9afb3b3047b405b71fc484cf7515d92ee6aa24099b56aad5b261
SHA5125e686dd2f4502b84f81472450c7958022643fdfb09049707e6c02d224ced87b14ae31e3219f4e7ea8f95316c7e106b5e8eb291f2dfe8bc6969943f196ce1badd
-
Filesize
1KB
MD52326135e4ae6f02ab3d5ba4538873849
SHA1b59213f5930bc09f74982809136dc5b961347a24
SHA25698e33b29b5c9aadabe9cf9ff97332ec5c1c125b088c0a2987dd41213dbaf92e0
SHA512927543d979fbc3b65376abe0cac4f7c698193925657e568e733eae16701fb724251b22bbf7d48731ca4ba787aaf25a8f22210d0eeef7e5bbd42d5db4f2c67f39
-
Filesize
1KB
MD5f9756cb1cd299666575df39fe52a3029
SHA1868415c9243b591790e6c5da4391d621117c5f3f
SHA2560055c8f35fb498686b5953c1ecc46496fbf7a7a0d8ea93de6fad23661d06377f
SHA512eb86a4233b250c7dc153fa366b038024d7c89fce13e1052f301b809fe9d3bb7263aab770699554e04737a748d0efc472527d3640129538eedab38ee04bd0efa7
-
Filesize
1KB
MD56b776e9be05151523bc44f910181030b
SHA105a3addbb0da30e785a69f7ab12ce145452fa367
SHA256b332ff7a75406c2bf888ae6aeb8a2ff6b0913c78e669e0f4852ad10b2a1913fc
SHA512ea14205060587d5fb9f9b818e236556ce66e40e3e876ad829a9570b019180cb6a950aa685171e84b247c002edf464591f631ef8ac858d6f33392a34f2331af08
-
Filesize
1005B
MD5dbad665ee4721c425baa85c8195f99e3
SHA1087c767366bed44aeef0cd569a968e028ad90078
SHA256321033a1de325785148ac36731b7d74a30dadc72851b1696e51c478457335c51
SHA512a509146c74182ffae325fa303fb2b81164cf9d2da9d8dfe67fd88ee4efa5e35b86016cb04a0a9286903b82c4747c5d8721fbaeadddc26a7c5a8c659e6fa5f13a
-
Filesize
3KB
MD513fce79351382a441f1121dff1f11290
SHA18bc1dc3315e7287914f4ea8f6d20b6c7c628cc1c
SHA2564d5e692886e29824032910664b58b84e5b594a8257455c17cc67be35fcdd3e66
SHA51229041abd34d3da863eb46291e4b686cb99c0172f27cfc56ea761dd9a15fadcdd351e47674f61665a461029f863df280393e3c1b34471223360706f690677e1f8
-
Filesize
6KB
MD5ba0fe18c3df9e20d40e5443894bedf15
SHA11faac890895a683581d65f04e8d64fa977237d01
SHA256670e0b6fd53d74d032bbabfc59228a60b5971c110fab4b1e4e8f6bf8c4d16baf
SHA5124b28e9ff148dc0b4cd3d131ba7546b1c86a0a0c2590d4ba540df8bf2db9de924c060e4fabb63960bd6ba597b85378df784358da934b321960fefd08d9893f55c
-
Filesize
7KB
MD56ad77460d3bf5be045b0536431db14e4
SHA173f3d8698f0708a62052b79da7923d666421c429
SHA256f2dec53747b6a366ce6e0d0f0f1e95c318cd0554d8b9272eea35292b37148044
SHA5120b03ebae5b8303fdcec3cd2901bc4a3a5b076d6ea9a02549f8acefae8dfbad07308012138b1961316913f01c2846b6e16f3252597374e8e06194fac7186b6a52
-
Filesize
6KB
MD560af3074065565d60bbd562f29958e05
SHA1e6bb8647623fbb6ead53632bcf9c617a665e216c
SHA25642d32375660807b9d84c317694bf630352f3a241bf09fbe6141686e1f286cb0d
SHA5128622c02f1ae2b8dc179bee0d0654a9e18a052fd05781293fb90baacf6ccf02ca2f62e3bdb5aea98b60f2677fcf21606bc4077b1ab325e9c3197ea164c5859c3f
-
Filesize
7KB
MD5727d3e2f17ccebec92d68469edf3dae6
SHA15a292de65cf9928c79170daddb7884f33526a8d3
SHA2560d5f6e4f05412d43170387e9a9f26254a0f5e5328a941f5d4e1dee4cc63f46ed
SHA512ace678865d82a3bdc7588221b0098b0c9b1af484343d025b547a03f8b6a90ffa4986703c6ea4f20ecc64f02cc51a5b9c583a9a7942e961fe250ff3ab0d8dda86
-
Filesize
7KB
MD56efa7fb7f6cd83a5d360e5c94f9f8c48
SHA16135a3e220ebdf415cba62a3223eac0a6c4f5a0e
SHA256e0e964258bc3f8b8deb76cd4e4217b57d37221f23c5806ffcb254f21ffb59033
SHA5124755136c95752151e20c00f705a67349f6e8a087f80b3936c0d7758494d0f72c6aa06cf2448490cfe1b0c936d3cc9719bf89df2a60164e2bc05c42dca3898795
-
Filesize
7KB
MD5d94b487836f51878382756954e5135c3
SHA1c8380f288ecdf97d437b351db4e6b3fa70c458a6
SHA2561b8f5df86bf781b837ff02f467b9597b5e1ef44d48815e7af15533711fcfeea6
SHA512c00a3a08926e9396bab9fd5cc330b05875750c333602e1e517a60bb75daab68307a6fce1a0bd3d44f0ef3ae4dd0ddd1fbe6f2d7c7515efd650c2eb278254e5f4
-
Filesize
7KB
MD563b7b241d96a208b299768bc9f0b805e
SHA17cd4e1bb5ed42f807a67cc3026794942d815ef48
SHA256a5e3727958c270ac23303ad35a97bef60d0510be0b77fdb1f07766bc6e65a2fe
SHA512f90a15a0d8686016b19697775e3045fbc116ae9929f5ddf996825c31c3fc3fa78ea11c007e3472cfaafa4372bd92e9326d2110634addf554ab5615163656a95a
-
Filesize
7KB
MD54c3e6ee03a8b355138281827f133adc1
SHA1a984df07e4c295a6179fcbf016ef8ea5fdc097f4
SHA2565cf9a404292e6b5dd9da6c399ac6cc357ab42c8be8a3a5f6d5813542c6a3fc6a
SHA51262da205208e18b381200baf5bb428c950d803192714ce9ea7808efb56fa83ebf9e370b90805f35814bdb7b26d0114c88cc193f8e8620d60c9ffe9100bff29b25
-
Filesize
8KB
MD5681a221c8a00f8b5a65c5c04d196043a
SHA10f0765f2d00246f363c1f73a420d8eeaca2413ae
SHA2563177bf4b53ece43a6a823588a6a597486ac35b50e9a8dbdf5ffc5f86a0efb170
SHA512b04f4a951eb0e4b84b99aa80c0f26e9d945603e58187d62a2c71ecdc230a7cebe8cbcd5e87525b03159abfd24faca8b334803d51658ad896737277e64b7e9e0c
-
Filesize
8KB
MD5df409ce8ad1c8e91656e847704ed2307
SHA17fbbf5ca2ad5f6c197ef9f2dea0fe378d7703a45
SHA256aed8a6e443ed063547f0800fd01be3ca535ddb0378236f9eb081688947148c63
SHA512696e0a0c660699efae428d5b467d0b85a991aa724e1d219af999ad7233a6b8835040a6973fd1cd85483e5f9bcc9e3e01d02e79746aaee6814bacfc9809730349
-
Filesize
8KB
MD5add2190997af4508cd4a166882f85a71
SHA16879fe89dc72ceb9926b7d19944b730b4aaa8508
SHA2569479e30a5cce3622615d3019b9d6d05ebca4549964b8f89b3096c283b0bb03b0
SHA51222ce4f1b2496d9a88929db25a00ad871248160b950bd98fb71681c6cdbc9797e23b8129e3b9c21c05f06e981b01e25522f6ec302aed0479718859ed42df7933b
-
Filesize
8KB
MD5319da76db9fec960bc781848ae5d7d8d
SHA18e63b9135d03fefa5251bbed9e22c75b255c8ca6
SHA2563753c9fed538dccba06783265e1e929266511c64b806acc3d79821eaf4098753
SHA5120a563187c13d0775ba28f81ef330cc530f5318e6b61a61ae0bb07706ff4011629f7af01e428bbe434fb7bc25ca12c3c0c8219902dcc63866c6db9fe6f9255d9f
-
Filesize
8KB
MD5b4cc059270c7028908187b2968518dd3
SHA133a0c97fade92e74a66bc60a8f5312d9a1cf712a
SHA2563ccadfa04cb58979cae3bcb86a2739d8d5c41519fa60c5edb29f6aea1b6146e3
SHA512338ed5c493fc16b36ca44bf8ffe2ef5cdbb8933c36d18bc255fc133ae7ff5c5036be2d491088ee538c83de36e922fc3082d0999609ba898dc3f56a0f71f9ee7c
-
Filesize
7KB
MD53700f5f9a3f1ef523ee5461bc09dce1e
SHA12d86e7e8e5c05b477fc883885e18eeb579b58648
SHA25617cfa66f75e1ead6acafbb26fc8f5c91f7a958af164616157657280386fe9c16
SHA5122b4a9ddf091b972a142c3372b02e96ba777d28ac6dbf88d672c13f21dcf21226551c9f1729a49e6ea1beae41f1c29ce738471fafd4d67a27a15e2858bd324026
-
Filesize
7KB
MD57e12fd70ca75d57fe64b6042438dd754
SHA15b01a0f8e2e9647041cd7c5e14057d7166846db8
SHA25639b6e7efccca4aeffd8e8c7d141867f026fa233b8b39a160955d15b13b1798fb
SHA51246c850c9bb2c0b089cc6698ebd26de1280207a8eee4c5d1ff982f4636d4195b4e38a3af331df84accd313ceecb88d726ab3774331964257db91f9888bae14a02
-
Filesize
7KB
MD5c025d808613bacf9ba1cb7076a961a11
SHA1989f9bc3fdb349e4cb6a036a833be27c9dc646ef
SHA2564a1235608e69bee4f8a41db42273100fc570d53de5988062bb64b6b0ebe8d3ad
SHA51256e1776e51d77e28b269d36a022c3e8f2f929ce286d2aebabc6a68b1ffbdb7cd4c36035573936e51e205e5c5f823660d62791f4c64c9822362f08c88cdc73bc7
-
Filesize
7KB
MD5c5a1d8912eb2b268ad9563151a4a19d0
SHA1f54d18dc192a01b1aabbc6cbabcb60387819db63
SHA256b7017c6e0df6b0baa6faeac0035b16692f6cee27c07b447e759db33385c99126
SHA512338d0f54b9319571497252594a3aaff117dfda4657622a828d90646ea94f37e1ebdb76f951fd73f9ceb9f0e9229d3deb53211e8ef77a4d48b9259719246a490f
-
Filesize
7KB
MD577822f5d789dd8569510820f7e9232e5
SHA1108c14329446b8316276f14712ce70c6635c7e85
SHA25625a04a4e8dc1a8e789c03f5f2348cd131242d03481a0f5c949370aca54c01b0b
SHA512f19b27aded621ddfc1f14cb9511e07e3a8f9a9ed0664a3c9989bd1a5756aedb27336b721aa310891d4731828abb69da45c217cb4c40a43673820769b1584e2cd
-
Filesize
7KB
MD5a4c42d6b96c93ad3eb869ab2f7717a3f
SHA10a49a6c14cddec2eb9845d05f21b7a46f43dc531
SHA256c82b41deb7415fd5e0e8d0878f154506c34fd5b7fb47ac023539c0ee8f4bc47f
SHA51240bfc695c57f785b4058a19403423d20de3794f639f6f4b1e4a17c0920ef9666b7b107df93180826fd4fa63884e1c027c52cc3f17794ba87b9d01f35f6a3e992
-
Filesize
7KB
MD5f2354784c3140d257d3c0c053f54ba34
SHA143a6f046f24893f6ec505ad9cfb39ad243580a3f
SHA256f84fd1a8e0b0720545e31b8d0ee401f9f3e9faa31538998c027534dfe4261f71
SHA512f69b0ec3d677193199713a16b3236996e486ff46e327b8343adadf617870ca5053de5909e55c19d5b0ac9decef4c5a91b4f511376e7978ff02ce30ef62416c9e
-
Filesize
7KB
MD5986ac5ca65b88ab220e692e5b5dcf033
SHA1477ccc1ea891db0efe712f89059232cfb092918a
SHA2565b369abd0337575361f0a4805d255f286ea419263eaee5466a3acd203151118d
SHA512512dd81fd97591eade8acc0d354e398bbc77b4cf35e3d498120d1d4440be89ef6e456948394e4895933a66a1373b27e97cc4fababa633a153307a6b6a243aeee
-
Filesize
7KB
MD549f388da838c639144b0d519d023d345
SHA1d9293fe840899f8098f8097c84f80869fef605bd
SHA2565e6967a23e79e1fad66d3ec815b407b55e56739bfedefe1891b7759d420e4fb0
SHA5129e485ae77754cbeeff072b41856c62c77474460d6940b620505701595ef69e612d941c6876aceb422e06b084a3325a0433138f6e3dac481b4e1edab52af9bed8
-
Filesize
7KB
MD52c74f8974fdb892d332ccca9e319c8b4
SHA1c891a9a4fe9c63328d232234e335e0f316619c54
SHA256a0d51a4323233702dd2d986b40850f8ce3078bd28ee4320e89110a11dd383e76
SHA512ae1312a05b743e16ed774bbd72db204545cb027c0ad294d2a7935cb1b8b461234270b147d2f3d5a9065f9d3eab152cbd27595cf235265d5516e904723f483f9a
-
Filesize
7KB
MD52e8791608bdf94fd09be35b4eb28ac68
SHA16b0e89a5897849576f3e566c5a5c38bbb3b6f52d
SHA256db3f60080c90df49096b65bc348cd67dd26db6d9eb0b67a9e2302cc3c7064c3f
SHA5120ceaf62e8aca7c7afe9f9c617d77d2edf84bc60845638f4c2d61629c1e1184801e98e0c22aac7a320cd931c5921b6ce5cf2d158f01055fb6f6c8ec59f54dcdea
-
Filesize
7KB
MD5e4a915bce6418b2b989de77d4a9b66d6
SHA11045dfcb3777a30479f1298a3a9e0fcc202ebedc
SHA256ba57e06aba5bb27812a651845f467bd23344b2a08ed58add3ce2173e2ced540b
SHA512a035329d627d05494321bb0863d9609311940a0ce214d2b9f16925cb691a1661dc7a8817c6fb20f3bf395f7ac84c24b8a9228d2d52a7277cfa2b50235ae31181
-
Filesize
6KB
MD53a2d444b0367e04d32dedcb3576526ef
SHA100865c22e10df64c7d7a623bb0d90291cca305ae
SHA25646b4ae2278adf3bb9216916bf04b1da9a5f7baeaaa6deff946e3e9c20efd843b
SHA5129f6c7ba7c8bbcf2e51dd65bc323d000b981228b9329d09fd4dac48c05fc5a0e87bf9e3b7655f20ada56d10bdcffe98463ee414e714378fcd953f59382b7b7364
-
Filesize
7KB
MD590389a9089a2a2efe51cf59858a69272
SHA14cc84b394f2f7ee2b4c4b7a8074578684b466d33
SHA2564fb5e56beea84cb2a9a5ca46427b58bd5b65933b2703a3f9a7ae0ea5c05b6cb2
SHA512e79a3be450a9f9395ebf38bedc1850f4ac2fdc72396dbc72526803689f4b8845189e5cf5cf77e0cc6ec28de94b96eaf9dc9fa2a17cdd557f556416197e24114c
-
Filesize
7KB
MD5f234d7bd175a10a7c8d1fa23e0de8221
SHA1c81e81282a5c8d5e1505b97e7db7841b621d98ef
SHA256e27a3195613080a8cf69f8593db5710f7d8ae6e6cabeb8ca2ff1221ff94f64af
SHA512e1ada4d794bf8646c15b930902e51debb05ceb58b8faa8e653e1d2c2901fe1b7f3c22c7cfe6e35a6757a1bf7de99d77a6391c383ad710fc21903b7a2593f3c0c
-
Filesize
7KB
MD5b9026cd5e074d5e39b7ecf918f458d13
SHA1b21df23c979353f72be89479fea47fc0b516e9bd
SHA25677502712a50db12ff6d4ba6ba2b144f13c22e028009260449cfbe0ab1c076da1
SHA5121d8f60f015d12b539db82f846d00123b89ba87648890728478d99ca9fc4c1fc95107d51eea800538394c78b579ca86fedc14165983d8b429e4380d226276d64f
-
Filesize
7KB
MD5d87bfdd002aedb84da5b1fe9573f271d
SHA1c578837f7fe07a0caedcac755478ab6454978c4f
SHA2561e3aa4cc8c3cb5795b562d2e17a6f2dde5564c61c8546fe6e7c3b7dc76e87e15
SHA512f2de96f310cb30e4b2d8de84978414c69b8ff591a97c932f0e297b726a28403f015f042d8db0460a3e70f5b57fef362131ac9ff4d94fe48c06d925ca8c2950ad
-
Filesize
6KB
MD52a6bd14cae73276d3a920eef0c474ce5
SHA1916c4a5dbb15b113adc1a8d763ab516a786876f5
SHA2560836a7a724df7d4fc72743d542ced2adfe95d4946fe40548856e27684b0d41d8
SHA512faacb85edfccad1be5afee6f9583fd6cd033a76fd0c93e4d5a47bab015d39d45955af7240e492e7a3292b99fe864ecb13274eb423706c8fc314250a90d859b87
-
Filesize
7KB
MD5961c51ad97bac01e8cef6d5503d7f500
SHA182307fbe89f4c463df07ec6ebe7efccb39c1aa6d
SHA256afded6cb2a522320b2d25dd5d416176fc76f09e1127f460432a053997089d6a5
SHA5120e5f77ade0e3373613db656cc967e48687ce9a4ffafb7e32fe1f27f36d97a5f5023ba8e0120e1e84dc76a4877336ae6d3316de8cec885e68e6c9fddf215f994d
-
Filesize
7KB
MD5d79fa2a142149df32c49bc7e3e23a90f
SHA168278124936839d19405c4f028c517e74188f9cf
SHA2563a448528eb715794c442fc7a72449354658bda2b9dd5a8bed0c7fe2341bb0520
SHA512422425872a3519058ab573242bcf7cecda3e4c669bab20c65298382d84fa86fef9972eb83a5573d6eab63df7fe9fa45e8169823e9de4674d35020869b24f3c85
-
Filesize
8KB
MD5c675fb7743a3f73d8959661fc37be806
SHA18302bac860af0dfc1121047d6ddbf0cf78a48ed2
SHA256a6671530a5aba258c304c8e0d3c9966889dfbadcef0e796a3193c0b45dd32ca3
SHA512263cde1de2fe555298c0a3b38604ed0f27b826951fca6851c7a6dffd340e4788fe19701f1a7e7a9e9663daa9e0c5cb99abbccd15fdb4c96a2384345f2a238a95
-
Filesize
7KB
MD50c15cf442015fec9e7e0947ec916a678
SHA1817742779626effd2f3c42619cbadb8d6f84d822
SHA25693ea72aa955207b90a78bba2fa3ef06f5bb1bb922edd5c959caa1f2f68e99e5c
SHA5120ef1a4f7c6f41dcebb0427c1450d2c6abcceaea642faf69ad6e1c637a7aeba8b5b5b7b11f054e9065878258ba52f88a7312919c4b3eac691ff278451bdd5a17c
-
Filesize
7KB
MD54c515ccff5ce508d4a53cb2a28e98f97
SHA11edc4b900f24ba952eb2da5c52b0c598bf608bfe
SHA25693c58ce27039809402e8d917988568c6aadaf0a524f296e7e82a95daec17a8d9
SHA51230ddec92c17dab5f6f27f951aa4db310dc6737911cc20e596a81b2d8d126ef5b95a758200dd598d6e1471525602ba380a0ebc3f4666f37a7e2e6787cb6d63cd8
-
Filesize
8KB
MD595504eef79b2ea11a23708cb243a248f
SHA1d0ec7d050fb8d806913322f8c00343e01ef8ee3b
SHA25622dbe3861f5c9c214bf6209532253491d62d9f9824a223df0d654dcac88d9ec9
SHA5123d9d3f0b6faea96a7e3e7d551b1e334f24aa50c4fee64d421adf7c51c8f82e91909e08266780bcf25fc70108cc2eb95f86975722fa60a32a47e575c6bdc80ac8
-
Filesize
8KB
MD50b1aa29ec19fa6657cda44ae4f356147
SHA168a28df7c18c0c5f3f3b6adb8ab2507c1745b8a1
SHA256506f5b8af56754021e0891d4944c6ceb86cef990820c8025154d05ff0d702f33
SHA5125970a837a58079121207f31c9704f1f6150dd97cb0beb3fecbe56ecb90444e0a01f7ee2d63137840edda931b2293758383513392b61f0f1c8b81675a4a268913
-
Filesize
7KB
MD5d0d95450e0b1ca1840f55926a195442d
SHA1897fd9838628651eda117323e1d306493fdd99eb
SHA2568eab208fd28ec6e3eea66ab813477504f2d4fab9bb6f29c61f95c3c5e195343c
SHA51200626a991534dad5a682a9a7c34227a5e1482d2fec0440637911674f51b281fde177328774cdf8617c66cd555b7ceace32764cef218a5837e32379b3dd58c9d6
-
Filesize
7KB
MD5bf03663dea8f3593952c17b6e1e135ac
SHA1c9d193f5330265a882ae768d9a204b488544a7cc
SHA2560b05ff46213d4bc3e0418652f39c3d256e459cc991149275e349d7f938a630f3
SHA512736ec1c2e2a9da1c3fea0ddef0dfec7d5891b8d884fed48f4a6641c1eab493086b9145b097953116076333de7621a66e23e0db9c22a04b6d3d4ee9ad6b21a420
-
Filesize
8KB
MD5c55ce431bde10aa994644733f70e8ec8
SHA14f69cca14d324e6771e366c7ebcd8567cc561fbb
SHA2566074b00d6d5384fa93658b2d6a9e4a946f423741583670f1be3b57ec728dfa84
SHA512c64188ab4d5a8f04a3ef6ce53ca1fd6526eba76e449e4d08b1e950f97231ad1ba2a25b1cf07db0482e28a5a5825b15a3213ab07dd309c6e54506c30d02f9511b
-
Filesize
8KB
MD5d9047afc58283cacef1b2b6313f581fa
SHA197d57ce99a3f2a09408bd52a73f6403a183a3140
SHA256368aa64d26297efa11d981af806360171891cd1f95ac268019490af1f1d29225
SHA51278b97edcdd11610e74088f5af13695238069acb25497a1afc931da691ab6e4dd9f63b037a953d2553a1dc2915abe4dfc98e1b289bfec5565a03d9bac01cfe175
-
Filesize
6KB
MD562076d3b2576c01acba37c53d9efc1e5
SHA1d52650efb8d48c0a729d32e5c29a6f27ac2d1348
SHA256691b5ff6e8f0c23f031718019a03810e69b69c62b38b58befa3aaef4d6d15e86
SHA512dbefd622efbdb2c2a3cb70cdca314484c7d4e7e79dafce10c9fcc444f745ec3b5689cac5926c5b6073200a0774395048fda51761c36e54739822d9bbac898316
-
Filesize
7KB
MD58f25a432efd83087e43e1b2f80892021
SHA168931eab736aeb1f9a58803bddefdb7cd98d1764
SHA25624b462a288adad51271cfaa4bf2372caff80d81107b7efd6714fb1f5e6bc4d27
SHA512360e4adf344080bb132aa15612edc2f6f9a480dab9957523373679f3c5ac145f67f456d783cf129eba88d4cd1fbb22d99332faf261fb554342f5f2a4f65fa43f
-
Filesize
8KB
MD5d39b74fc42606db73384c59d2a6e1576
SHA11ea9b3c58f01ca44b20e8e33a0fb1f9f31094175
SHA25606678b6a0d17c78e32849a323d8a60063b7cdd103c19058a7ae90228215cd7dd
SHA5128484a26739da99af017a927606d69aaa34ee0bf4755fd1ad95d6208c8eabee459676342413316f04a60178a6f02c1f188352c6c7607700accc36a20244c456d4
-
Filesize
8KB
MD5f59032d9fa2fe380de3f9074bb6f3f60
SHA10cda1ab0dfd177cf3f5b837d1c7044af7baa54b3
SHA2567ba56e45025497c41ca9ee5f9e696fb404b2ca7ea2808a83417076407d463cd0
SHA51249d641bb9e6e268f456b6ca890f04478872bd253ae36898bf7bf9db6ee8fa2be9b4e7de94bf9418097be3944ea0253f992c8be1a57309a864c4d4a20085fd17f
-
Filesize
8KB
MD56b9c152f23f5daa17243fbcdbd3ecd84
SHA1044dfc02c963cbadb2f99ba828f7697256cd7874
SHA256ab86a2bc2816094f8d760307aa45025b4f20964ef3c9a718ed2e0939977d8e24
SHA512d12aff9c9a098efcfe5a48a71f1444755d7ae3a4ee07ec8bcac55efaac1a1a488ea9bcd20169ea8be60de231c0ee3d77979fb002149c8a5717b3a91dd5e904da
-
Filesize
7KB
MD55475cf008f654b4bef1110427cdf75b7
SHA18b3aefad2d91894d2c5da9d95273107b3863881e
SHA2560d9fe43d771aab75f6e69314e13ca2742b32a5c1aaa2dc163d73348efbe2cc60
SHA51231f6fa330d5c93350520910ceea32bb8a2eed87aa17d9908381447ebd4666e25ce9679c5e5dc7700f036311eeac3bf46e4404e46d6ea083019293ba1235498c4
-
Filesize
7KB
MD5239072f998421914f79c1902030d61de
SHA1ee95821d540dbd061f572570dd2f7394c60d45ac
SHA256915e586bca65f72ecb0ea941b1c70d0021cfd3811deb29877358c0488c6722bb
SHA512025f21ddb45079e9f800674a4cf700cc087ab6b82d355a3b7361611cddc482d3bb03058764a9fbc3f651d0b0febae0ae334984ca0460989229063d1ebbf7c4a4
-
Filesize
7KB
MD594eea1282acafc39c3b8bde62aeb1b01
SHA1b7a759b08adc7f4dffc19a960a03755caf1f62fa
SHA25671b3770c4298aca41effc9f5ed78e343b54f259ba1722d71655bbb9adc8e811a
SHA512d613f2782463a076738a75252d07edc808cc1cdc497235bffcdb8131f88121d28c5cdc05d5aa6b56000af5b366638b953ea4c048003ada77d51aa85c4ed157c1
-
Filesize
7KB
MD531ba84bee97038537bd1863736a7efe1
SHA1e014744d8112026e6d1b093c127f64d4fc1a0b59
SHA25620d3caef57d477ab0432e6ab70481444f1f2b5ee77f043136b0259c69a71e04a
SHA5123cc1d2c595c9824a3a0640e4e4f844e1b78094860efef1de3790770018d151b4670a5ce4af2941dd930044ca6f0d084e0c7f383ebe36149889fa3e4cea4e1386
-
Filesize
2KB
MD5212d2f5382c50a1d5ddb4504608288b7
SHA17568de58fa03bd73b9c9f8426b4b682cfdbb611a
SHA256a3eaeafc079272b19fa737a9ca52c9ece2e4fc26fc83a2db6a95fb408dc88b52
SHA51225aa7e3e9b61022220d90b607104f2843a752331cb566beb2d870dae2a3287a28327e8816e543a4721c75dd6831367773e236f34c00025ca1a6ab7efea52de28
-
Filesize
1KB
MD5fbf0032c0c68b71de8191d8e1c82479a
SHA1ab4478bc5b8da5e3df3ff936bd46d27cde6bb303
SHA256a2bf3f6d7bedb5bc53ded4ab17033b6ac32f0dd5028da990ac8c0ca6a8a017ef
SHA5120f1cc5f7c23aba461596775232ec2db3524031399cbf765d6b2b46fe3668fe94fb909a5d3b37d0f53693c851c92d123f4fac72f6cfec9c74c70c1d7a5fc0e035
-
Filesize
16B
MD56752a1d65b201c13b62ea44016eb221f
SHA158ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA2560861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA5129cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389
-
Filesize
11KB
MD57cfd192f1510ac4a909568472d23bf76
SHA178477a859bc84586ee1530d7e78c4880059b1880
SHA2566794d32d81bc1898139b9289d81d0e22d87037b2a464078b6b0b39db6af50d78
SHA512dd983c2cae312466d7604e671381701e8b5e801d7869c0ad01fbab4fafc7a3fc930b14a79014c61d5d19bee2a4e0a7d8b45abe8741c1f02fc6276a11c3f62b24
-
Filesize
12KB
MD5627e64d2b8fce678d60833fbc24a1fc8
SHA1f8526f3badbbff0615b8cdc05214b5131cebbdb9
SHA256c8675e68c0d6aa621461380c73b453700dbc4b4640983ad491217467eee1fb11
SHA5128d927da66b24ef3854574dfc9b39a1a8e87f31264b57eb2eba123d78d00c16c167675c221d27f325b8af5cb2f3c1bb35f54ad2f18fb7bd28466992a24987d21e
-
Filesize
12KB
MD5cc22a659e0582be391d82e4ef887c801
SHA12af879bd1066639cba63fbf336b5f89a92ee33d8
SHA256e32b8a2e17d8f4b8665f8c4bd127a661f61f66c67b68ec3fd362943882fc87a7
SHA5124192938a751f8d0665c0d245d5b2069ecf19506aa7d9d61984e370e218ceb29847c121fa93c8b5da694b56143cc03cb28b6f7b72a6854ceb5462afc68e7bcf5b
-
Filesize
12KB
MD5f7e4399c0e6ed8fcbe007f3cb966f5a1
SHA1650c82ae98ea9655cef653c3e92ba530b4e04a0e
SHA2568f6b2b2389efd05c0a94f72b411683e6eea4f5bc9f581a14c2bf5de237234a1c
SHA5120df1ad4d923f362163ba808ff4f113dadea33eb1d57f6cc6b58f9459ec3262cf05f0e29ac36edf7384926efd0a8cefbd50b10a6d57e644a0270043eb1877dc6e
-
Filesize
12KB
MD55bd313d5aae33674a435da7792c330a6
SHA106d555d57b133337fe51db10ffb98e593b6f5f73
SHA25630605733f0e0a65239b4a5a488cc16d818b2700b960a4d9f6b0da1d935b3ccd5
SHA51234269075e3ecc1817cee449c53e0ed784e178da2e0cc540a1b55bf77cb54e88a325a17d969908a5816660b8a822fc90cacadc7a19dbbbe080314a6dc4680c4cc
-
Filesize
12KB
MD5d2c78741651b654ae11d73e89165c838
SHA19a80c76e3ce12d3f2c390afed47fac0965acb7d2
SHA2562dc8ea41293aaa4827137aecb785ee94e66daa559d07f001796cbc697be38fa6
SHA512f41645857a65b28f3ca789b803d0c26aab781508458b417a24e51edaf8482bd2227123407bf83d698b329c6c2a48a1517ee3908a37a72b9d765a2903ea002886
-
Filesize
12KB
MD52b7cccc70ada061aa50a089e9e2775e5
SHA1e2124e9f3c98b2522456b6e72174a17a52993605
SHA256a963753f221c2d6c658c4173a22bea0839a05d957e8b617dbb9390aba18cc96e
SHA512c0d43c361449aaf8d41eb5bfe309ea0eecdb3a70a8f9f7d13853f6c684886f2a470862f58e0a5c7029c9c761f4ae39fe75547e22648340de5c4e2cd46011bd30
-
Filesize
12KB
MD54248bb5fa0110b759ca37f698f4b79f9
SHA1ff1cbb40d7d5e1f03e9be65e31902e337f0fe46c
SHA256b2ff38c4a15b9d643a25d33ffafe6399d3c6bb5c70c7c6ca54eb621c0a717ef4
SHA5126eae6094e686aaa5d6ddfd92f13aede3e50bcaa2f6a179b4beeffe8118b009540f45a9f9cba6f20c477cafe3ff217f9cfded1967ed3fe0efebce9ad057308bd4
-
Filesize
12KB
MD5ecec5da59cd382a335682aa57fdf3002
SHA1e094002966adf6c19acfeb9885396476c941e636
SHA2567c7efbf7041d1f64c9760a62f3570b9fb4e6582040d53c3e30276d08846aafe3
SHA5124269577c0b66301608377ec4f170c29ef51cd16b2e099d60e7015cfa0e2e8bdc780c1da8585b2ac35de137ee470db87eb487e64939a80b4543dfcf8b4562a6db
-
Filesize
12KB
MD58771c9306f34c3d633b90bcc6f70192f
SHA1babcc14af5605ad00383f83891449cccc4409152
SHA25657b2fb7ca553b67546f49d4d30efffac31559f7794fffcdd8db7ff7526e48971
SHA5127fc9aab3fde8278d205052456357f8c4e2931194572cda6c9492d659df8d9e57f5e97e7b9dd55af5ee26afd3456e6da5602645e1629e68e9cf6f568cdae09886
-
Filesize
12KB
MD545b842970cb44e4c8461367cbf138b7f
SHA1e157d7f90957fc2e483b67a47e367c392ff70e48
SHA256de7f89dfe0e5c0777136a47f27aacb57507ce57ff12a4c735a41fb865980af48
SHA51259f6ec5b4f8b4b6f340bdc71df0ef29612ae69135269196e180ac5fd5b36767cde5bd03d56ae60f30783ef9ac458e8b20caf2099b1ff567a628e17e9c881fbf8
-
Filesize
12KB
MD5fbc8d1233ca0b72d2938722261774f00
SHA1105f9b6b54e8930524af9df30b0cd8e12382c8af
SHA2568b48c9ce4e027bdcff22f8e94c893be825ed1a67bc222001d37086715b5f1de1
SHA5126558ebf9a7795651a7ef24f9e89cf3943ebf89e01a32f5c16b2ff41a9731141f4e351929d21dde72fce9fee5b6b344e319aef891d4bcde6515caa400e1dd4354
-
Filesize
12KB
MD5791574b16feee1959bb9dc6834acb717
SHA13f3a308258a625629fe7f5158090381529b79a0c
SHA256b4fd70af9cfaab99619a0942e741f12e224e1d473748e61eb22263d0016a9bc9
SHA512f20efb063b4b6a09e4440d2e9e4cb008966793e97690bc4d2697d8ca7082fc2fb230adabb59c6b5e7d6004f3e46f727de81bdc9173a90ebfbd3400573f9b8074
-
Filesize
12KB
MD5661bda3a944393303e69be64e0b0750d
SHA14403f784507ec17c7acb5c15f655d11150d36dd1
SHA25692e3743814f03024ccba396ca74edb4e7b5c4fb38b1af6715cd9c1b25fbcbefe
SHA512680b06623dbf1e8987b6b8c6300e2f914ab4fb785b6787bac422017d5d58aabd62bf4eb54e08241b97ac79af8dc4db9e0f8398f3428e5cc3ab50e4f906580039
-
Filesize
12KB
MD50119c15b80e44338a425e91d72f9b817
SHA178adbf8a8074e145e11e87847ae49728a8e8a598
SHA25661bfb14b5419c3ee9184648d6ddfe11dc9b15b18baea02c619ca1ad7e53385a9
SHA512cfb9e383d87a90b8cd05d2323084505fc7e21056fab7d65dadc347b17844cdddc2cf2fe35492b28ec76d2fa40c95c3b8cad98500c2f945b3801278524f27d30b
-
Filesize
12KB
MD50a798c941b3bc371369542e65a45e109
SHA18cced47d814f17af53eebe28013728243eb8d8f6
SHA25621029afd5358ef1bac4bf6fa5989647af6c2d099a5f634e8984a05b6f797c50f
SHA512eb6fc5c0a0a02d76f8ddb38128701c7a59b84a668c862a59d567611e3af384c3d45c862ed783397445f6556281de35d501bc45a5b07bdba387c94231a26a570f
-
Filesize
12KB
MD5555ec42a16f0b488eecc3a3feaba7bd5
SHA12db468715349e09e0b952e8bd14c46a4b7fd010f
SHA256e365d13e3383309da8060c78011a6a8edae6ce7fff2560b2d2ed3769fe714fd2
SHA512d5848987536244dbaf89323eaf3b0d80aef4b96fb9dbb5c9f6088e6732b26cbfcd78511f99a7d46f2536bd1a6f409e4e0e0e2eee67b065011bec1c0ac5d2c2ff
-
Filesize
12KB
MD53a0d20423bfbd712b65c788121a065ee
SHA1eb1c0e50c8e6a2935cdd05702310fe17bebabcb4
SHA256bdc34617462e52ef20d8cff5b7a9e4ebd03a2ff29baadcc8119e8f7f5affacd3
SHA51240a4ed3ea6693d186850e4415cdac4806931ad8c491b8d31f32a12cee8e33915d45540f13dea4546664c68266fd13d121f82b625257f24529c64c5481f0fe3ba
-
Filesize
12KB
MD551fd8e9de2c8f9495014f2bf7d2a7ca5
SHA194f7ecb49e9de8237b713cd1ae1804b8d186f1ea
SHA25602c0fef6f10251ea7f335e0d448b0d27d01fe90bb38475b11ef33660e91d85c8
SHA51229cf250297404e4d382c29eb6d2e31da1e145c5809f62a0a918b95006cb76b386580dd77faf3ab02d532196b70ffe6e1e92e24a308e7d0159defc17bd1145ca2
-
Filesize
12KB
MD50adde1dcb1fec6b714105696c99a524c
SHA1d45b706ce952ee0498687dd1c25344664fabdf08
SHA2564b1c1d9e7fe94778bbf21bacefc78e69937dd0481c5ebb9551c5c2b17820492a
SHA512f1f25f7cd9478a8efe7c4dddef97b9a299cd35f532b439c66dcb5dbdd39e3f7f523e2dd909ca6aa0067fa18d446ab47c59b78c845815ac52bac60b6d7899d873
-
Filesize
12KB
MD5b5ade980960d4bef6c6c7b9a716f9f60
SHA1f876108ab6cafe0af630690924bb9a16523ffe5b
SHA256be9c3dbcaf40463ef158d03718e4268576f0bb19d9e819966054b09bb0d4e5a3
SHA512991332ec10df1cfd40d314f87bb3be060dd080189344a0b06c0acf572b58bef0a4c1754dd0233a3bd7c0895074ee3bc7993491053563f164ff02aaeb2c8fb63b
-
Filesize
12KB
MD583e800df81836757288ec6309e575537
SHA11f2698efbd29029ba8a9f144f3c6b4ccc166161b
SHA256ed599f427661135f7bab881745cb2ca68805c6e04ecf11a5bb4c32de2d23e2c6
SHA512a1bfbd4ab25f6892e44cb204c46607c85813575a0b80fc8875d8e5a303c9828db9faedb021e8bf0d4e07543ed9259d54e2f088a4cb5df0454aa637011992ea66
-
Filesize
12KB
MD51d1287abe775e302063ed7a9227df912
SHA1cbf9d7bc8c914305a7b260230c6ebe11616cccbe
SHA25655042703d5dd7b4d70b63bf4f1f866fe8dc26f1ea3699e5f54fead1a0751d781
SHA5122390a6942a20e1e41d6607416d85447b031ef60f0320014a772356618ca69c9659828ce46e884d84597123c46b4e0394a102779bb5dddf20b40d0ec3779c1450
-
Filesize
12KB
MD51d5d26d1a0fcca8228c898b4ca13ba72
SHA1197a2c07c2cafdd97ddb643363cc8090a7572b3f
SHA256c8ca0e3add9f6a2bab89b55eb4d94ee2055a169fe48924cbf36cde3c8f8dc98e
SHA5125ea20d72ad573b1cdf312ac7c077104507697397f7b64a304aea8e0c1d2af0dcc42c93ca3e9fb01c1fb580f0f8f21293eacbf9cc8a38e0671cf04c5c30f42fea
-
Filesize
12KB
MD51a2897fbc5c5b34787954a5ba736eaf9
SHA1bd7af75c2f9d7641d1954e4cd93232a80086dea7
SHA2569508389ccf569cf6518658a7dff43234478f2b8846d2d954df2b781fe09b5ccb
SHA512e3536367da1c821b6495b984452683943ec0840d13b3e07c9acba7ec8967d1b39840a994321370527cc05caf2415c4f8b338b286ee34ad44e95b6d3006053989
-
Filesize
12KB
MD56c1b166d36e2099cf7d48041a1ea7256
SHA105e56533692023c53186258e6c9ac58d8b1cb9bc
SHA25645e3462e0fea8e8af74a93c5ad6b5681fda3b357c6d4dafb9a296bcf8adfa241
SHA51210b0abfbbc39cba120f70e69b8174daacf16e17b0165960b6a69d489a745630f8fb93e23c29a651b8a897f5f69f0501921105ce22fdb0f5b2bb5fe1e6abdd368
-
Filesize
12KB
MD5ce89b5a20ea756d584151878a24ba38c
SHA1de2207d30a2e3cca46923ab9076ac6cb01c50719
SHA2561e37cfcd69c398f3616874d7a4a3d9343c0372cedea123570ba5178cdbbc6bdd
SHA5120cf24c56dee303026788e6744de7d4962922e02b310b558cab2ab981d24038b5f9bbe54b09e9e8a78691a0e62581a459d12499d61b3c8404cdca793673ee0722
-
Filesize
12KB
MD584f2bfb9bd58f3b4968fa68e67d86978
SHA110cdb10beaa9d5dcd9b57d31110bbf3d4fcbeda1
SHA256e35189de2cfab9be5406715161e05d5bc813abf521093ceb3ea158ec198dbc2a
SHA51206c4d9d2e7424b0a9b52536b8105f0cca0d672f9f27772085f90ebdc3c05c7d4578fa111cbbecf01a398841dcf043376a62a81d7cfcdfacf2b3220c56107c334
-
Filesize
12KB
MD53688bf8697177fb33b3018d9d39dd650
SHA14cfcf62059189054b47528d2cd6140784249e4ce
SHA256e6ba9ba5902d2d940bf3931f017b7f4ac36d73df7648101a270cb9e4fbb173f7
SHA512a8210e276ba4cbcd596b4039d6f6d1a677770146046ef1aea1d17c273673c890c5424262d3c4dcd4a2245650a49c6f8841e896fc01b0dc6e16f9df57c5b7efa6
-
Filesize
12KB
MD58f3177a42e4c27b26bd80609ffc14c3e
SHA19647718d82fb37fc3fb46966328ae9f39884bf06
SHA2569b67961b72b2b86d12eb2abd8a18f75abbede9a747be9ba478ec67788f86839f
SHA512aa56934fa005dc11a45a4196fa69051bade583ff7b9e5deadd38b00b372eb60d764cd1cbbe369e895f9e43bd580a65a55f5c20338902fb53e2bb53da7ee92de6
-
Filesize
12KB
MD51611ea64e01355484fa0332986d27641
SHA1be05a0022ca88a9a696fe4d04010e79a7eaf376a
SHA256eebdb683add52394523032671018bcd9b523d70335e7bc2b3fac777b90b5891f
SHA512fa75b9623e8c737fd98bed328f5bf300da5423641509fc35bd11b44507b8d06ca5ffb9251f25f11cfb69495f38edb9bf4745f3afb8f1ade3b1ce733ae785ada0
-
Filesize
12KB
MD5db3202d151aa16ab9aaa26e8b311846d
SHA106f1e769116e4e07c1580df3c10be6615e1d4718
SHA256e5fe43eb8ed571ee5adba5e09ac8b36da836dc89eb5a7716c6c3f6333e3ff93b
SHA512f0caca279872e1beab7cbd60248d20bc8baa170c7b779acf7f782995353b4a04dc3ad4fcd1b61482980cb44467706d2e04ec14b71e57620e1edca4e8298df896
-
Filesize
12KB
MD5163e140063556d4256ee7c4b55d29db7
SHA15f92e0991749e69f03dba9d3aa0836426d3b6850
SHA2568f918d62f86af2cb453842d731b409556db1a7bb4a3f5b9e2fbbeb516b592789
SHA512c2ab83accca762dbe00af7a68a7fdfa2b0c7d0cad95c0df3db5a3da4b8d70f6791ba9768f2ff3e19d6a24686f5872c87fa90e6cac7be22857153844a6673da55
-
Filesize
11KB
MD5ec148f1eef64f7173c228b3a770f0013
SHA1992852577ae167c4ce41df9a4885ab201382e882
SHA256210536eb18ecdb4d844cadce08a71caaa33a4c8c48559e1113049c1059e79d79
SHA5123d727c3e232f3be76c18654834dd3d55777561a7f81a0ceb1858bbcb6f08dcf4d2685506d6aa2ff6d7843d87b5345de1bde412f4805ccb13a6be0ba1fa14332b
-
Filesize
12KB
MD5d894e8cd6d6ff53886b35765c08382a5
SHA17ee05913551639babe30a24891a9575651d027ec
SHA2562cc1cda6c16680ede3eff2b797abfef5fb0b909ad57c71b880b7bdeb493dc218
SHA512bb400f854affbb812b93ba55a09d2abc6a709186419b4009385069c80010a90ab6907002b40c18aebd735bbb5ac1df7602430bc50ea0c146686f9aedacd09e93
-
Filesize
12KB
MD53c3c36bdb1cc25367cfe981039ed6106
SHA13731dcfa3845fe86ac64e8808c5c41833faf9cfd
SHA2568175a541609797651a6136510cef894e2183ea14c607bc2fc520d04dd472cebd
SHA512abdfa8c096f93e44ad6ff97662aab0eca23a16afaeb084892453e79573fb9f3c4da724253199b223be7494110cd2aab12feb61bc176ca3e1fdb4ba625fb9ee1b
-
Filesize
12KB
MD5108a00d03f56a98671b94bbbd5fc7522
SHA163f0b7c17abc9d1b3a52624000cbeede56502d3d
SHA2565a85f6f99cdd8f1ee73452617fa41e854dc427814c9d6d84da979a7b5d53572d
SHA512d861dd65a593e89b5ca7713c008c091d781d195f7a3bcfc1f2dd889e9419955870b8aa00e2a6d25d56d85d553f9e58735c412a74740abeac1c17498b2902efe9
-
Filesize
218B
MD5afa6955439b8d516721231029fb9ca1b
SHA1087a043cc123c0c0df2ffadcf8e71e3ac86bbae9
SHA2568e9f20f6864c66576536c0b866c6ffdcf11397db67fe120e972e244c3c022270
SHA5125da21a31fbc4e8250dffed30f66b896bdf007ac91948140334fe36a3f010e1bac3e70a07e9f3eb9da8633189091fd5cadcabbaacd3e01da0fe7ae28a11b3dddf
-
MD5
d41d8cd98f00b204e9800998ecf8427e
SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e