hxxps://decrypt[.]day/app/id1563649061#download-box

Analysis

max time kernel
1041s
max time network
1049s
platform
windows11-21h2_x64
resource
win11-20240221-en
resource tags

arch:x64arch:x86image:win11-20240221-enlocale:en-usos:windows11-21h2-x64system
submitted
10/03/2024, 23:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://decrypt.day/app/id1563649061#download-box

Score

6^/10

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 4 IoCs

Web Service

T1102

flow	ioc
135	camo.githubusercontent.com
149	camo.githubusercontent.com
150	camo.githubusercontent.com
196	camo.githubusercontent.com

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	AcroRd32.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	AcroRd32.exe

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Modifies Internet Explorer settings 1 TTPs 1 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2930051783-2551506282-3430162621-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION	AcroRd32.exe

Modifies registry class 8 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2930051783-2551506282-3430162621-1000_Classes\Local Settings	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-2930051783-2551506282-3430162621-1000_Classes\Local Settings	OpenWith.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2930051783-2551506282-3430162621-1000\{21A0172C-7814-4C53-9868-A36887912C0D}	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-2930051783-2551506282-3430162621-1000_Classes\Local Settings\MuiCache	AppInstaller.exe
Key created	\REGISTRY\USER\S-1-5-21-2930051783-2551506282-3430162621-1000_Classes\Local Settings\MuiCache	AppInstaller.exe
Key created	\REGISTRY\USER\S-1-5-21-2930051783-2551506282-3430162621-1000_Classes\Local Settings\MuiCache	AppInstaller.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2930051783-2551506282-3430162621-1000\{A5312D5B-00FE-48A2-8CF3-6C759A7A23AE}	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-2930051783-2551506282-3430162621-1000_Classes\Local Settings	msedge.exe

NTFS ADS 2 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\com.juliand665.Valorant-Viewer_1.3.7_und3fined.ipa:Zone.Identifier	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\ipasim-build-v1.0.1-2020-12-18.zip:Zone.Identifier	msedge.exe

Suspicious behavior: EnumeratesProcesses 34 IoCs

pid	Process
1892	msedge.exe
1892	msedge.exe
1632	msedge.exe
1632	msedge.exe
576	msedge.exe
576	msedge.exe
4688	identity_helper.exe
4688	identity_helper.exe
5444	msedge.exe
5444	msedge.exe
5444	msedge.exe
5444	msedge.exe
3856	msedge.exe
3856	msedge.exe
1476	msedge.exe
1476	msedge.exe
3100	msedge.exe
3100	msedge.exe
1964	msedge.exe
1964	msedge.exe
968	msedge.exe
968	msedge.exe
4076	msedge.exe
4076	msedge.exe
4592	identity_helper.exe
4592	identity_helper.exe
6096	msedge.exe
6096	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3052	msedge.exe
3320	msedge.exe
3320	msedge.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
4696	OpenWith.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

pid	Process
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe

Suspicious use of SendNotifyMessage 42 IoCs

pid	Process
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
1632	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe
968	msedge.exe

Suspicious use of SetWindowsHookEx 19 IoCs

pid	Process
5972	OpenWith.exe
4696	OpenWith.exe
4696	OpenWith.exe
4696	OpenWith.exe
4696	OpenWith.exe
4696	OpenWith.exe
4696	OpenWith.exe
4696	OpenWith.exe
4696	OpenWith.exe
4696	OpenWith.exe
4696	OpenWith.exe
4696	OpenWith.exe
5556	AcroRd32.exe
5556	AcroRd32.exe
5556	AcroRd32.exe
5556	AcroRd32.exe
5520	AppInstaller.exe
3748	AppInstaller.exe
2724	AppInstaller.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1632 wrote to memory of 3192	1632	msedge.exe	80
PID 1632 wrote to memory of 3192	1632	msedge.exe	80
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 4816	1632	msedge.exe	82
PID 1632 wrote to memory of 1892	1632	msedge.exe	83
PID 1632 wrote to memory of 1892	1632	msedge.exe	83
PID 1632 wrote to memory of 4840	1632	msedge.exe	84
PID 1632 wrote to memory of 4840	1632	msedge.exe	84
PID 1632 wrote to memory of 4840	1632	msedge.exe	84
PID 1632 wrote to memory of 4840	1632	msedge.exe	84
PID 1632 wrote to memory of 4840	1632	msedge.exe	84
PID 1632 wrote to memory of 4840	1632	msedge.exe	84
PID 1632 wrote to memory of 4840	1632	msedge.exe	84
PID 1632 wrote to memory of 4840	1632	msedge.exe	84
PID 1632 wrote to memory of 4840	1632	msedge.exe	84
PID 1632 wrote to memory of 4840	1632	msedge.exe	84
PID 1632 wrote to memory of 4840	1632	msedge.exe	84
PID 1632 wrote to memory of 4840	1632	msedge.exe	84
PID 1632 wrote to memory of 4840	1632	msedge.exe	84
PID 1632 wrote to memory of 4840	1632	msedge.exe	84
PID 1632 wrote to memory of 4840	1632	msedge.exe	84
PID 1632 wrote to memory of 4840	1632	msedge.exe	84
PID 1632 wrote to memory of 4840	1632	msedge.exe	84
PID 1632 wrote to memory of 4840	1632	msedge.exe	84
PID 1632 wrote to memory of 4840	1632	msedge.exe	84
PID 1632 wrote to memory of 4840	1632	msedge.exe	84

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://decrypt.day/app/id1563649061#download-box
1⤵
- Enumerates system info in registry
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1632
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xb8,0x10c,0x7ffdb8e13cb8,0x7ffdb8e13cc8,0x7ffdb8e13cd8
  2⤵
  PID:3192
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1940 /prefetch:2
  2⤵
  PID:4816
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1932 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2500 /prefetch:8
  2⤵
  PID:4840
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
  2⤵
  PID:1912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
  2⤵
  PID:4204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4664 /prefetch:1
  2⤵
  PID:1660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5116 /prefetch:1
  2⤵
  PID:2988
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3456 /prefetch:1
  2⤵
  PID:2004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5632 /prefetch:1
  2⤵
  PID:1032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5564 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:576
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5728 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4688
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3484 /prefetch:1
  2⤵
  PID:1748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5820 /prefetch:1
  2⤵
  PID:5556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3480 /prefetch:1
  2⤵
  PID:5564
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5704 /prefetch:1
  2⤵
  PID:5708
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6120 /prefetch:1
  2⤵
  PID:5716
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5892 /prefetch:1
  2⤵
  PID:436
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6252 /prefetch:1
  2⤵
  PID:5356
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6536 /prefetch:1
  2⤵
  PID:5484
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6488 /prefetch:1
  2⤵
  PID:5632
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6552 /prefetch:1
  2⤵
  PID:1800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1984 /prefetch:1
  2⤵
  PID:5420
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6692 /prefetch:1
  2⤵
  PID:1860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4628 /prefetch:1
  2⤵
  PID:2700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6280 /prefetch:1
  2⤵
  PID:5452
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6744 /prefetch:1
  2⤵
  PID:5792
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6084 /prefetch:1
  2⤵
  PID:5312
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6868 /prefetch:1
  2⤵
  PID:5860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=5392 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5444
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6900 /prefetch:8
  2⤵
  - NTFS ADS
  - Suspicious behavior: EnumeratesProcesses
  PID:3856
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6832 /prefetch:1
  2⤵
  PID:5628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6960 /prefetch:1
  2⤵
  PID:5644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6532 /prefetch:1
  2⤵
  PID:3132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5276 /prefetch:1
  2⤵
  PID:4292
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5876 /prefetch:1
  2⤵
  PID:5880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6956 /prefetch:8
  2⤵
  PID:2924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=7012 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  PID:1476
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7016 /prefetch:1
  2⤵
  PID:3860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=7284 /prefetch:8
  2⤵
  PID:1028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5884 /prefetch:1
  2⤵
  PID:1640
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3484 /prefetch:1
  2⤵
  PID:6120
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7352 /prefetch:1
  2⤵
  PID:1088
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7616 /prefetch:1
  2⤵
  PID:4084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7452 /prefetch:1
  2⤵
  PID:220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7716 /prefetch:1
  2⤵
  PID:3696
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7708 /prefetch:1
  2⤵
  PID:5508
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7544 /prefetch:1
  2⤵
  PID:4748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1892,12605136417846736108,1956265502323489870,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6412 /prefetch:8
  2⤵
  - NTFS ADS
  - Suspicious behavior: EnumeratesProcesses
  PID:3100

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3876

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2172

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
1⤵
PID:1332

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
1⤵
PID:2440

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:5972

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:4696
- C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
  "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\Downloads\com.juliand665.Valorant-Viewer_1.3.7_und3fined.ipa"
  2⤵
  - Checks processor information in registry
  - Modifies Internet Explorer settings
  - Suspicious use of SetWindowsHookEx
  PID:5556
- - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
    "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
    3⤵
    PID:3224
  - - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
      "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=DDD218C53B178BF41CB449E36D1DE5E0 --mojo-platform-channel-handle=1772 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
      4⤵
      PID:2272
  - - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
      "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=D76D3716940F92F52F97FEDFF292F345 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=D76D3716940F92F52F97FEDFF292F345 --renderer-client-id=2 --mojo-platform-channel-handle=1792 --allow-no-sandbox-job /prefetch:1
      4⤵
      PID:792
  - - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
      "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=D402C913BF567C2C4A29248D7099F28C --mojo-platform-channel-handle=2212 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
      4⤵
      PID:6120
  - - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
      "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=8411A36689BA9CC88DD69A39A1743F42 --mojo-platform-channel-handle=2000 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
      4⤵
      PID:4568
  - - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
      "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=81A1DBAB52EC636F790E316E3E65E5F8 --mojo-platform-channel-handle=2268 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
      4⤵
      PID:5296

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:4084

C:\Windows\system32\rundll32.exe
"C:\Windows\system32\rundll32.exe" cryptext.dll,CryptExtOpenCER C:\Users\Admin\Downloads\ipasim-build-v1.0.1-2020-12-18\build\IpaSimApp_1.0.1.0_Win32.cer
1⤵
PID:3332

C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.42251.0_x64__8wekyb3d8bbwe\AppInstaller.exe
"C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.42251.0_x64__8wekyb3d8bbwe\AppInstaller.exe" -ServerName:App.AppX9rwyqtrq9gw3wnmrap9a412nsc7145qh.mca
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:5520

C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.42251.0_x64__8wekyb3d8bbwe\AppInstaller.exe
"C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.42251.0_x64__8wekyb3d8bbwe\AppInstaller.exe" -ServerName:App.AppX9rwyqtrq9gw3wnmrap9a412nsc7145qh.mca
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:3748

C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.42251.0_x64__8wekyb3d8bbwe\AppInstaller.exe
"C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.0.42251.0_x64__8wekyb3d8bbwe\AppInstaller.exe" -ServerName:App.AppX9rwyqtrq9gw3wnmrap9a412nsc7145qh.mca
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:2724

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of SendNotifyMessage
PID:968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffdb8e13cb8,0x7ffdb8e13cc8,0x7ffdb8e13cd8
  2⤵
  PID:6084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1888,3052921120117942433,4889531251169737856,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1920 /prefetch:2
  2⤵
  PID:6000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1888,3052921120117942433,4889531251169737856,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2336 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1888,3052921120117942433,4889531251169737856,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2636 /prefetch:8
  2⤵
  PID:4272
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,3052921120117942433,4889531251169737856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
  2⤵
  PID:4704
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,3052921120117942433,4889531251169737856,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1
  2⤵
  PID:384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,3052921120117942433,4889531251169737856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2440 /prefetch:1
  2⤵
  PID:2532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,3052921120117942433,4889531251169737856,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4924 /prefetch:1
  2⤵
  PID:4032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1888,3052921120117942433,4889531251169737856,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3648 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4076
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1888,3052921120117942433,4889531251169737856,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3480 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,3052921120117942433,4889531251169737856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5240 /prefetch:1
  2⤵
  PID:5804
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1888,3052921120117942433,4889531251169737856,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5304 /prefetch:8
  2⤵
  PID:5388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1888,3052921120117942433,4889531251169737856,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5180 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  PID:6096
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,3052921120117942433,4889531251169737856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4356 /prefetch:1
  2⤵
  PID:5056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,3052921120117942433,4889531251169737856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5520 /prefetch:1
  2⤵
  PID:5028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,3052921120117942433,4889531251169737856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5380 /prefetch:1
  2⤵
  PID:1892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,3052921120117942433,4889531251169737856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3612 /prefetch:1
  2⤵
  PID:5904
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,3052921120117942433,4889531251169737856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5888 /prefetch:1
  2⤵
  PID:5624
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,3052921120117942433,4889531251169737856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5908 /prefetch:1
  2⤵
  PID:5172
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,3052921120117942433,4889531251169737856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2572 /prefetch:1
  2⤵
  PID:5408
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,3052921120117942433,4889531251169737856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3028 /prefetch:1
  2⤵
  PID:408
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,3052921120117942433,4889531251169737856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6664 /prefetch:1
  2⤵
  PID:1800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,3052921120117942433,4889531251169737856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6816 /prefetch:1
  2⤵
  PID:4084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,3052921120117942433,4889531251169737856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6900 /prefetch:1
  2⤵
  PID:4356
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,3052921120117942433,4889531251169737856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2872 /prefetch:1
  2⤵
  PID:880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,3052921120117942433,4889531251169737856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5412 /prefetch:1
  2⤵
  PID:4304
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,3052921120117942433,4889531251169737856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5624 /prefetch:1
  2⤵
  PID:608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,3052921120117942433,4889531251169737856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5932 /prefetch:1
  2⤵
  PID:5276
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,3052921120117942433,4889531251169737856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5972 /prefetch:1
  2⤵
  PID:736
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,3052921120117942433,4889531251169737856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6080 /prefetch:1
  2⤵
  PID:2784
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,3052921120117942433,4889531251169737856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7268 /prefetch:1
  2⤵
  PID:5592
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,3052921120117942433,4889531251169737856,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5424 /prefetch:1
  2⤵
  PID:5908
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,3052921120117942433,4889531251169737856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5696 /prefetch:1
  2⤵
  PID:5712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,3052921120117942433,4889531251169737856,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6108 /prefetch:1
  2⤵
  PID:4088
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1888,3052921120117942433,4889531251169737856,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1372 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,3052921120117942433,4889531251169737856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3492 /prefetch:1
  2⤵
  PID:5940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,3052921120117942433,4889531251169737856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1828 /prefetch:1
  2⤵
  PID:6008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1888,3052921120117942433,4889531251169737856,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7352 /prefetch:1
  2⤵
  PID:1892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1888,3052921120117942433,4889531251169737856,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7492 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3320

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2872

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3616

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
96899614360333c9904499393c6e3d75

SHA1
bbfa17cf8df01c266323965735f00f0e9e04cd34

SHA256
486e4b4bb11f664c91c675e73cfeabe53b5009ae719459813be17814cd97e43c

SHA512
974735b40a9f92b40a37a698f7f333590f32ff45633c6e619500e74ec274bc20bf7dbc830b1685777b714d37a3ca103d741ee056f4ff45ef08c07b38a7895df7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
2c5433e3aec0e7a9da9726637867fdc3

SHA1
7f93f26c987ce7218f46659ba777e23c5a68660b

SHA256
a3753cb5fe6ba511b56ecc69c08f93ee7bd6ccc6d7a89b5e6c68f5c2e0b9e8a9

SHA512
cf1c3e0c2b46433ecfbf98d0bc831a66a752a2bfa7df8ed336fdbf7220ab7cd6506c73535687271b9e261951f0d825e7335de36afb3967edd96f71161d744f62

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
19a8bcb40a17253313345edd2a0da1e7

SHA1
86fac74b5bbc59e910248caebd1176a48a46d72e

SHA256
b8024fbed11683ef4b53f5afac0ff691025b7eecca0f6a95737da1585558227e

SHA512
9f8780f49d30aad01b28189804329aeca6ad2b7ffb6be505d40bb1af7802bb62622f518cb1c43a5815bbbb46638f6c52aead3d68f14fa957d18157edb42e95c0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\4d5df47c-4974-4083-b580-31daeb6c368b.tmp

Filesize
1KB

MD5
62fbc8e0b41182a05195ea1c3bdf0b5c

SHA1
fd23280d7f40c1b5e738711c158864050fccca29

SHA256
40aecdb64304dd23f2b2adc2b772289d7e46f21140a501dbcb24e17c29f0e229

SHA512
228500ef702e2d87723bc30ac03cd6b4f0d29555291996ffac2d2b759a74455f343cd10b69c95511fac3aa5b137e9757736488311f39167bf3df003f26b39463

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

Filesize
23KB

MD5
a30f8981f825f7c62b02df1e96f4fcde

SHA1
3c17fdbc93d36b8ac808ad67e354e8f7c279995c

SHA256
fa682ee99b126b8b54ca1ed2e45f9ab0499a95451abfd432e122fb3d4efed94a

SHA512
95b4361a16f4b39916d896b70cf3c47605606bde1c0bba13027bf592bc665cbef7497a39b3fd6a7b4f2e6379702cf81dfc6e9587060d45d1f71dbc69f50ca455

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
36KB

MD5
4f99134dd87608b6feab75c1558ac9eb

SHA1
cded6dd5517a120201cbdddbfdbb669b2ddb3e62

SHA256
c0f299821f51c28c5f1018a09ff417f6e36b7866ca8e00c1e3bada5b3b3db47c

SHA512
f377b45b27e8c6c8357ca0e77f3c0de0d5b0d56e6dff6b352b2acc7beabbf38f1c548c66964b86db770eb2059eb882f2fc1d29d1fb6f6337df50fd445da450a5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

Filesize
91KB

MD5
4914a8a4f488e5afc0cb17f628c0e267

SHA1
e957bf87ca06cb356b017801c157cb501967b536

SHA256
3da073dfa33763b27663ddf2f7c4ae8e576aa23db24e9daa07e0705e17f91d78

SHA512
cce44b0285106502f2b9c978fef31a553ed151b2a6fe90c6f69c69ffbe29f751ec51ec54fd19a23b491545209074e2f6af2cf93c277abf92ca91dbcf41221f44

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

Filesize
50KB

MD5
af76e62ff1e857044aae6043c5c283ab

SHA1
d7aa7458d71c64acdef2fc82ca22b346e171ec6d

SHA256
12e73694de069799a57e4e0b3fc0a82337ac03fa75ce390029f44f0182f0b813

SHA512
893b56cc809d30407a562be067cd9198ff90e2bc17671ee8007cd615e54cef9e3cf86043bd5eb080175e9e1f8079fd99b2448e9c6c53b93eb724e66773fa7b27

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

Filesize
62KB

MD5
daa01cc5a9b8b3a7730d8c940015554c

SHA1
6d3091870737fffb408000a4664c8a6f088b5cf7

SHA256
60dfc7c4f1adc5282ff9d3a0bd9445b59874ce5e123226d3d6f5339d1b998a6d

SHA512
7de57bc1ef544432cd0cf5e27b87fd19af248d2adde11b9b0b7f1cd5e762fe8ab08954344027b7fe32a62c142ba8411e3db42df87ed47a009437aaa511d6246e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000019

Filesize
19KB

MD5
d6d1e7dd954ba6d6d40943020628e4e9

SHA1
ff21bb23bc72d6b523c9d9e6d5a67df6a7561498

SHA256
af7788b954f7d5bda174f934249443c931557c86bc89dd0ed1c70fbde3e5937c

SHA512
fc982f32aa326dd99a757bb0f69546318260257d7a10e3008e09ba07309694eb0dd0986674d1e17d43f8fa06a653d2c0dbb2626868b60a86833614c9a708198e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023

Filesize
19KB

MD5
e3f13ecab8e7069449875e3b6feac17c

SHA1
fb29d4fe1ec3fb741db603eb8cd508496788dab6

SHA256
8119819eb27c388cd2f24a57fbde3d0801de94b70ac866943418f768d9c75a1b

SHA512
2c715df8208e130d63e1a3042d4493800938df82dc10c8175ed3d67eba9f7a4a36c7cd5fae39f9be83fce01d31405cb823e2b88ef88ba0f67b889c82bd43dbb8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031

Filesize
64KB

MD5
d6b36c7d4b06f140f860ddc91a4c659c

SHA1
ccf16571637b8d3e4c9423688c5bd06167bfb9e9

SHA256
34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92

SHA512
2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000032

Filesize
67KB

MD5
88a552e6be1ac3978c49143983276b3a

SHA1
dbf4f4dc62a3da564b1a87b5191dc9a72a9b9423

SHA256
927121d8118a41fa3460b9ad84daeae59ea60dc9607e462b7e1341bea60da8d5

SHA512
125b13be3d209ff5cc12d8f9f12d01d271cd50c2800059241ebb419167c21adfa9d979ff6b8d88052f5d302e98090b7c8ceff4894b397168d8ba6d8a6204fb9a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000033

Filesize
31KB

MD5
1fddfdab08937ca30e43dc454840c64d

SHA1
25af586ab7462e30465c9306426062b9d10bd058

SHA256
c578d1b5c5f608df3926d2658217ae728beace6455244c0cd9e3e3d15e455013

SHA512
b0f5666b0fed1321f525f72b5950b8c694032160e6e5fe101201f4fda3ea3c04fae226a997f949478a93705c8a2f25e3567eb69e35dd7bb6bff85d4bdc481fb9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000034

Filesize
63KB

MD5
710d7637cc7e21b62fd3efe6aba1fd27

SHA1
8645d6b137064c7b38e10c736724e17787db6cf3

SHA256
c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b

SHA512
19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000035

Filesize
19KB

MD5
2e86a72f4e82614cd4842950d2e0a716

SHA1
d7b4ee0c9af735d098bff474632fc2c0113e0b9c

SHA256
c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f

SHA512
7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000036

Filesize
84KB

MD5
74e33b4b54f4d1f3da06ab47c5936a13

SHA1
6e5976d593b6ee3dca3c4dbbb90071b76e1cd85c

SHA256
535fc48679c38decd459ad656bdd6914e539754265244d0cc7b1da6bddf3e287

SHA512
79218e8ee50484af968480ff9b211815c97c3f3035414e685aa5d15d9b4152682d87b66202339f212bf3b463a074bf7a4431107b50303f28e2eb4b17843991c2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000037

Filesize
1.1MB

MD5
60021246cef1f0978983114d1fd51250

SHA1
b4cd22c3fa223376820c53fab738473732a0682e

SHA256
5cf8acb556090e2c26d420340e174d7948ca191e0334ddb1258da8844d4a2f3f

SHA512
ba1395b1814e266915c44e7b72f6f4d3a9528eb60948a1d9a6b501d129dcee6d8fe22125e569a618c25bd89b9128e088b3ba6c0ebcad3804a128f38f0e614b66

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005e

Filesize
194KB

MD5
f5b4137b040ec6bd884feee514f7c176

SHA1
7897677377a9ced759be35a66fdee34b391ab0ff

SHA256
845aa24ba38524f33f097b0d9bae7d9112b01fa35c443be5ec1f7b0da23513e6

SHA512
813b764a5650e4e3d1574172dd5d6a26f72c0ba5c8af7b0d676c62bc1b245e4563952bf33663bffc02089127b76a67f9977b0a8f18eaef22d9b4aa3abaaa7c40

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000061

Filesize
62KB

MD5
47953bcd62e93772ee22d834d1438f17

SHA1
5d1dd3b5dcb3e1fd32d552eaf0e583ef02f2acd2

SHA256
f17878d7c848d8cdc3652e58692f7636a9d19a48e94030d64009dfd66b0e8425

SHA512
5590afbb8a596d3b4f329458f05c5be230048a1e65aa9559aa18ba5e46a14362788e61e728dbe0ecf9fea6caae8b455dd6e29cb50b497f85eafd0f89c5b5910c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000062

Filesize
31KB

MD5
e22be493da1dc48a98d8d6f0178cd1f6

SHA1
8c9b7faba91939dd36b502417d1a9eb35714314d

SHA256
ac73feacde76fe096b76b0e319ffd553366a25e73b326c4bfd0d565e0babc845

SHA512
b471700ab86108c321ede5c805bf043be8b13fd1e7073ab072a99f45a417eec3b627501a5d996eb0665303397f99b59c4270993c54e613e7d9438c74ca494257

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000066

Filesize
33KB

MD5
c15d33a9508923be839d315a999ab9c7

SHA1
d17f6e786a1464e13d4ec8e842f4eb121b103842

SHA256
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

SHA512
959490e7ae26d4821170482d302e8772dd641ffbbe08cfee47f3aa2d7b1126dccd6dec5f1448ca71a4a8602981966ef8790ae0077429857367a33718b5097d06

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000098

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00009b

Filesize
47KB

MD5
015c126a3520c9a8f6a27979d0266e96

SHA1
2acf956561d44434a6d84204670cf849d3215d5f

SHA256
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

SHA512
02a20f2788bb1c3b2c7d3142c664cdec306b6ba5366e57e33c008edb3eb78638b98dc03cdf932a9dc440ded7827956f99117e7a3a4d55acadd29b006032d9c5c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5b34441ec378c0fb_0

Filesize
266B

MD5
bd729e98ad095d230e16fb559f07fe4f

SHA1
bdecbc6051fc2d4f2d084650550095b13f5a12e1

SHA256
9253092b3c95bf62ea007f76a9a856112c73a7fa4d8cb34444bdae5a60e372f1

SHA512
99b6d532f81107cf66116a79151bba688fd4e0f145e5a358f3e4e1ebecf7e4a71eb62665fdd32f9185f9979dc195bc8df1ed69a2773bfdeba474914f1409c970

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5b34441ec378c0fb_0

Filesize
3KB

MD5
58db9cf0d64d62e50cff5cbae7d3fea6

SHA1
ea90501836f359de3032195eb1fecd651347bf0d

SHA256
cb527d50fdadb0f5d4853f276d4fe0898c15b1fefddf0bb3796949af41ba29f7

SHA512
c6f557e5bc9e405ba66a8035f1d01e39c0f388e7d55ef79a697ca83851b867d4317f824ef271c7844fc55eca34b5e4a0c4f4eb50ec26cf5b3f8e490eb6430ad7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5fdf52335d617b14_0

Filesize
262B

MD5
d9a8d4db786f00c7d8bd721842da1597

SHA1
3ed07852019a20fd292c39a47426f48f7a07bf9f

SHA256
6a3f007331c4505d7cb720192066d831a6bdd27a46e6d65ecc714e8480caa361

SHA512
be5c8653255866c52bb9a0eb4f03f1420a863015627a0e5cd17a10cc4c6c88094e564967f4a695884c6edf847aa5ef6e9017487c697d359012827d43c99bd6d4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b1b16aac341a0ed9_0

Filesize
244B

MD5
0c26c0e2fefa79ba1dccb1f01c67c64d

SHA1
998f4345f75af2264370a32897dd296656ba3b0e

SHA256
073d0028cf3e663c0c4c6c3857e8748774f4d2a34dbcbc2cedce01f6f19a0bf8

SHA512
ff2f1e4ecd406d513c3904239d145902288ab38aba8f65565c89eb487d9227aec1ef751af3b2f66ea5eda6ebd3a34ea74fe956f1313b059fe15fdd8769690a1d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\dd35d5c4d37b8500_0

Filesize
255B

MD5
dcc750da90c692999d49e56d1cab579e

SHA1
6fde4b906074b3a30d0cb4e6ba416e1f5c8f514d

SHA256
9d11927e51c847e3464c7bafacdbeff84538f9c91e275927460d759eab43f5b9

SHA512
3faaf01248f6ce39931e0fee1435659093e5466d2cb32c13bfcadf1e0a1e67848fc4d1b306bdfe963a7328a5b0e66e50eaed550184f3436727a29de7359505b9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\dd35d5c4d37b8500_0

Filesize
3KB

MD5
45e21fcd08b128a41ca2df6b99281259

SHA1
4c635e0d7a8f23b437b67ee1a6fcea5b1804bf9d

SHA256
ac5572098ab65b92ed82ffa82813db443084ec7258fdd561bf75846de747cd93

SHA512
03bb8fff157f37887900ce782fb2d4fff7b1f521c66083570de75cfd7af627dc0ef231824de50ec6a82ce4c6181f528d78495efe5e21b6924596d331a75bd767

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\df53bad28ea1e322_0

Filesize
255B

MD5
3625eba8b98e27ca57e175f711b13bca

SHA1
b545b2b5afcfb129e2adb2c0068e9196d4ffd1d1

SHA256
890460d6591499d495b1ac60fac78a4e3b186a727cf65c21acfc72f5a1e3923e

SHA512
de2301b24c8b515c926a5562aec2e1b933f7292175cc7fcd45431b81746a4c2f9e2a697daef5ba40a046e88f678618ac5e41820ba2c6913225aab45410e0dac1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\df53bad28ea1e322_0

Filesize
303B

MD5
711d69849ec166936eab5a0ff0416363

SHA1
5bc46e476f434d51831943e707f2240dbb21187a

SHA256
b3c52ca9898bcd7020de13a76be311ac69ecb89a32a13112a9509b68330d25a4

SHA512
4e7af6953617eb914f6fbdd72b0eba4e3ac58bbcfdb710d26a8beebeda2a72837348c66eea781906d60083cf3e17375d164c27989b28498c328b93608bb4919b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
dd02256e5d23e4865f2c227468b21513

SHA1
71be2c4d5fb54c88862639d869bd80fced19bff0

SHA256
ffd0fff900f3826bf2206bfd162d113735d868a75c38c7c38a695eca415af062

SHA512
7d5effc22bafe62df3906572970d854a78c55a2537048d22f95c545c1d04c68457e48354db8913eec84fb3b499b2e1f1b203adf052da438eda9c56940d6c7539

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
e2e132b0a9525a55c5c438853cab370b

SHA1
13d46c7e15425b9459e3f16abb3a0c89cfe7d2b4

SHA256
412f2b36ad4229455301984b1fa673e0a9c7ad1e704d343e34fe867c05e474cf

SHA512
aa09bcebdd867779e993bf3aaf6be06f9bef9e0c8fc3b351dba42345934f546399c9e85dbcd99f6022d90038dd026757c3a4d5a2c42959ba732960869e8f4699

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
6KB

MD5
502bade1d36cab8018b11ba4d1d38a47

SHA1
2fd01462250b7956b601cb3a657987c042c6596d

SHA256
0c656d9f02690af4770bce403dd7c08dbb30d92f24521233ab4c0c30b79bac9c

SHA512
c001d207d72f0dcc67aee5932ce163ae3726a3da6839dd3a9eeb07dee9081866e4d10ab61ecfe4356193a817622e74070611626abcbb16c9d52e2c1a7cc9ef9e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
9KB

MD5
dce15853177a4ba0c7da3a00a6901ceb

SHA1
774a17d4845b69c5a168a43db133df473d7173e0

SHA256
74d580f44a4e9c12ccd4aff093aa72bd20dee58afb781c483706faa38792db9e

SHA512
dfdcae7771dbb294cf2577fd0d7a19af9a4adc220f67a2400e99e985a24c0ef59e7504f62384562ddbd89797d9fb4ff466f2e922e9bb1cbbff737930ada7574a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
9204c7e6f49f1ba5d20352e5226039bc

SHA1
877d633ca2af56a70bc6afd7e394dad94e778a4e

SHA256
07cfe5dfafd8e3c93d6ff2dda624dba75fd0fe470668d4084d86755cf155ca8b

SHA512
dd54a5be1a9eb6d31979f394c9864f78e478b08fe921385b0332b1746a091e492b1d953f6e159271e5799f22f1c3d9d732f51b0eb11d09d8c7f4a9da42cbe8dd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
8c2cb0c40386ec83bb63e5a162c0cafc

SHA1
80e52759f41b37df5a6e11c71711dafee3597cb2

SHA256
3b432d3e313c9b390e3fcfc0782efed8ac2f00505686b0f422ffe5bbabf80452

SHA512
186c730277f9edf49e386eaa9648bda10f574102de32ad015a98d1f036b7f6902b649d1c7e85f38a7ed2375e536a2e29632fc7a231a2697308a6eb5efdcf2505

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons

Filesize
28KB

MD5
04324d4ad1ff77444edec60b6e8c5f84

SHA1
d9e41fd027d0d11a99b430174110150330d78c9d

SHA256
b40a04c919ba20e1f26644a58a5b531353d94d82c7d8d4c08d6317d196244464

SHA512
6b5da28067436cd8bf3e96f4f0b9e223f86474bdacbdbd9212ce309b875cecd5edc3f8e873d0fc3543205adce4a008930a786012ca9486481948f68257a92cef

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f5d8b3df1cc48ba75f2bdfb7386139aa

SHA1
f2541bfc48964aba8a02503ba0d15a2718bf0037

SHA256
09d165f529c1dd78b513d688621491d9a5e740f6ad23d716c7d761959c9c5350

SHA512
46bf2048365b7805368a7fe63d73cf29c4232fed4ba9fd1364b4513aee8149b384b9cf74188076d5861be5b01f06a1ced3ac9b27c3fdbd1664c4040614e1e233

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History

Filesize
116KB

MD5
ce9a65cc0f94d440681fac2351037ff4

SHA1
85627f042bf08c109e9bcf9cb6bae53ef1b18b70

SHA256
7d0002146639601ae6066d88304492070c3e8fac6e9787d96e38e7a1d4363f8c

SHA512
af07f02f47a770cf98d923bda4b04f6eda1c5d0b305306cd01a8c6358fd239a80c662f064629735ef44b4d9ceb24001852cab0861e7a352d7ce71a454aa8e538

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
4KB

MD5
4814467897f9100d96ad6397018b5970

SHA1
f8d05837fab4eadfd57a3d5779d9098911bc316f

SHA256
cd66a5dc12126521f8cf77bf0d61da696f4616fbf80177f650df6928f9c637cb

SHA512
1bcbd2e0cc43609f9de12cceddabe09249a94260fa4a2aac1934992f1a01254436145107e46d6cdadd654fac805f2e0aa674acc7af8523cdce9a3656c461f7bc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
a1dfcde083d21eec4ad1192067db2657

SHA1
cbd978ac418340bb43119220bdf2ebfaa7d244f5

SHA256
d825cc19256184420ce46703dad148ed614590c1f6e3551f67bba9ad6cb081b8

SHA512
e3ba0fe905090b46058d5b4d903e4bdcd2eff459887e926142e66aa6eda4e1e1278cd8a2e02414a9a7f9783beafc91f3ead74e641f8e0362c071febaca8441db

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
8KB

MD5
6cffc48555594eaed5f759f8c4fa1278

SHA1
8123c83d4c2d4dcb8b0dbb3433e395b2bb54d754

SHA256
aa4023f78dead89659aa26834babe95235d4d2a1007fced20ed87c7d1ec0e544

SHA512
30e95b5ef35e9b8a1a865c70ffd2231021b4e4f6af272ff894640bba6fd2ba091d016df32b8be5d4c10d610eefd836ff70ad0d876dbe6f89a6f3c288982c720d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
4KB

MD5
793b6c54247f2d1f522a08b3f25a88a5

SHA1
632b10b9a36ba350815aef74569746b2aa639579

SHA256
e25f33e56444c0bf12527c6e447b46c44bb8c21f8527d7b3d42482ad15beb052

SHA512
55937a1a74f6780508a829dc6a6aebcb82db950b6da7c5b1364d0a275b1cb30f50645cb6fecb8952b218d2f0e02f2b35a464f795887df32731c3209ac1c691b4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
9KB

MD5
af915a12e86c0982411368b9fc8c9a68

SHA1
a9566e3c8d8630e6bf99a64e670275a091887552

SHA256
dff73c6d6cbe51d4ce833abe4fcebe90fbba96f557db39862866da3b2b4b2305

SHA512
dcbe57cdb751900f9bc6f6c6dba0bc0b7a9f355c55e2a3042c309935b19a2b3e71768f1411da33d1c9c0db938416758b1194879c27140e8aef8a30968b1da15c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
61262ab25b626fabfbbc18e5f7bef1a0

SHA1
59db38a4f662d788807984e448bdb435daa9491e

SHA256
01d53028716876ac5462d32bde95adbc6a621d14105920c5730199f9f3683b0f

SHA512
1ce4b8f8b3eca6a749a5afcbf8aea6b065f754b860f1d05bedd94074db780e86ebeae7095e59042c81eab12892580b8d048f8ce4f0879467dc106f9fb4d4c075

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
4KB

MD5
185169f9dfd2981329988ec3358510a0

SHA1
9f031d90af20b3f3a832bc3e47f6a7070747b3ab

SHA256
0157d4a93122144693f0b96fb13718f5897018f9064eb1ab79d43ef9f48e0286

SHA512
8d33c7c0a6ec9cf38c0a94c1fe8d364023b0004cc793e179fdc957e8b3831ab6567040ce88b7bc0bdedb0213d8deafd1d30c9fb9c9775cf1423ca9067d34f0a6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
cbb6a0115c47adaccbb2157345e6a3a9

SHA1
ccf1ac1c018c676d793d3e4fa363771865aa786a

SHA256
da260a7c924be31ba2d2748632e635382a684c107256055e5e23429436a20a39

SHA512
043558841f705366851cf77c7a432a03d1db6e978d3b0e4d2159de9d0f492a10a3f89c0c941e02797bf80d60396863622fe17bc75a6142ad74678001e85507ee

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
ddf92b98844353b73a3a27683473cd1f

SHA1
6d0148db2356f8815871ed8a06e56cb7e9d2bb81

SHA256
6f251bc2dcabe90c8ca15abadf578cfdb9f267549500a2dc184e742997257353

SHA512
57d7475cc48e152a1511bea312440c2e35337ed3104c2a8d0babd53a712d0b3581d2d73db0d6aceeaf88695713a214e4a1ab73a6c99c0879995505e1195a1544

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
89e456955ce84979bdfba3f6071c006c

SHA1
5931a2f208d6fcf7fec94fc8b2f57b2a700959f1

SHA256
9de9338e84f4dfb9a889a441d1bf88f020ec628865699d9697c22cb974fa59b1

SHA512
47a6c5c5b1dc449ea36ef59e3e4cb448b286b314c1c9395b9408243630bba39ecbf0b78d3b50d69fd47834691228b0d3b13b8f1c2b056de5dbb6cda22ab196b2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
c802c4fb267e1279464dc7f4f1eced5d

SHA1
a41185171ee280390542d071a51a4c878f7e97f3

SHA256
832f06361b522430cf007f49bef906855eb409de7ba3a9587420e9868729e74c

SHA512
72781b0bcdf7c23a2c09f62668cd162428e8528e111083cfcfb1586f68b7420e2e91242d453a4e5564c14d8aa65ad1347817bf22892ddc27d0b033c3397cf6c2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
9578da7a2cf7faa4ebfb7feacdf34e94

SHA1
39d40c699c4656c8770b1021d0cf5ea68ec4ebb0

SHA256
244ce6e3bfe6a2dafc723aa50b8b0fa1c9a3419767fdd39826b11298ffe7c906

SHA512
bce94931c3e5f3e7734a7f7511ab5aa533eac7c151034cbac66a0ebf2f1cbcea83f4197ea3fad8f70ea1aa6416fcd9fe5a3d651d4b826daeb00d27ab310617cc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
c1271dffccfa8eb656f5dadd12f8f7d6

SHA1
c1b44460cccca02beb8156d63ff33088b9b1b24c

SHA256
92e5e1b626e8da3c7dcc27dedc32a0c4436b8d27a485f67e92cb6687649f2ace

SHA512
c2448cf7d25c7c681b74d712c3931eb8395fb23316b535d56b97b43307a82a9b873a0fc896e9157a52838dd0b4bf2ebe180cce8728f0790a0aaf0e8d0b2b3adb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
cc2c99531be21005b59398a17ec2416e

SHA1
f26fea6bf498d5afc4d1ed84baeef42a6eee863a

SHA256
e1cdb0b48795788c54fe243694cc337bbd9ba8cc24d374fafe041072896c256d

SHA512
385afa905d939858983213b94592fe20d6076d9566129cd926fff7cfa7063555f59e178c8d07cdc546d41b35857c1f8767f55ddac6083029dc95cb02d129175e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
f338c356f0b22a7830edc55cd47ad023

SHA1
529e2852aabca78103b962b3f3e81ddcbfe54bf1

SHA256
413f3d51194a768bda2d911de7145aa818440ec65f8d94a52707ac1035354104

SHA512
499fd148d467414bf50ef2363292bec318e5ded40eb83ad74f0964f9521cdbaeab2bed77b92cd41124e982a61b98c8744bd7ed562bd1c9849d234701697a4f29

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
12KB

MD5
3474c48ed90c3bef9e95f84ce89a8789

SHA1
cf8fc50ceeb5945a0186f97db600a7d666da15de

SHA256
8553c5797f5831b3503df3418e303a115e0c8b22c67fab617978c2d78c30bcc1

SHA512
3aab293a961ea845936772e9b77e4d32a813c5bb5a3deceecf970828e3e67edd7cc0bfe71e1d9789f053508804b7688d33ec249a56af2718c2a376ddd08d02ca

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
0664a4be90ba1bfaaf0f2582142686e3

SHA1
f03c44aae348c17112286d32f311fc974d1ed777

SHA256
ca17bfa34651e3f061cf0a9768287c440b386ec3bab1b4d2f2f658a8af5099c8

SHA512
7213cba036672e3b265461147e16d3693b0bc4ac92d343c86884e6e9acb337b9132a00b120869fe2e5aa734381a5b3ae52230dcd22f86448af0d7f05945468ab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
00db8a9f6b4c8b297d823a53617da4c0

SHA1
1bf4a6200dea75bb8e8daa509e52c15f7c54c186

SHA256
daec70ca4e2c880d1df6135c2a05bbd8bbb6ce1653ff0162cd3afa0a726aa404

SHA512
ddc79252139411c433a14c4b3f74c80c7ec1a6822e88fec6a9442c22124ec05d59e3e62581610c78d064838185fb45ec13d6054069ca2680073d56d2f3d18baa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
93543b949d3b244dd0f777508a62e818

SHA1
210da160222c88f93d51dc6f4a7199374e70a507

SHA256
b0d81e619c7939a8830a03e66a0dbf3221cda81a38af1fd18ae2204acc87f36e

SHA512
a8c9fe38d10a644d781f78c672b72e9b9345a75dd37f9b33ae6a34a1238ed5fa4fce673335e7b5aa3dcaf612e5bcac121a9e817b6adb9029a7f3dad2e9a85f4b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
e02c55ab45caf033bf6af5c5805198c6

SHA1
6ede2be8c8f97ccafc8b5ee0e6a66ed404ac9532

SHA256
e0751db37bbd6762dfa274993c787f16cd6d8aa55b9ac9da8669da019e51ab13

SHA512
e7cf62a6c2bb92ef34e3f8a1cc8ae8b01ffb0a58ae53fe8fa0f574945a13c5030c816947b71c6da11345ca007f4068aa71a834fcff547e4312c92725fef853ff

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
10KB

MD5
8a6099ffc807c95d4a8b491c1b823c3b

SHA1
a1b4d0aad32dc402369d799c429b07ef2f87659d

SHA256
4f62c6cb7faba1d2c3f971d4115c216b38a99326cf046d468c172ef9766d5cee

SHA512
359e7d4b4fc4de5793fca8666629ecc80e0b2a07b6b57af3217195cca2c8391457bebee2d504a88fdaa4b155d6c05b7bdfd912d95685c24eaed2909f41f0b6ab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
11KB

MD5
44b6a2e367e5624330e364ec4669441b

SHA1
c933956e2d5378b1982ab5af1217a38c10986fb3

SHA256
795733c9f900838d8df8bf3ec13d31663e6c6179704e391b3a8d1f4043ee9fc0

SHA512
00d6fd4cd9b7d631f618bfa7730d41b5733338bf0dd4259f4d4653fa7153c20eab02a08c1a1589815858658451990b72b40b0c665c93f3ef350567545e4c479a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
8KB

MD5
567c76ee3767e3f5e42e8a66dd1e0bc3

SHA1
810b58002f4dcc41e699a06190ec53207cc3a287

SHA256
7912214502c561f358af9edaf2d8cc8cdffe5e86bacf42f8ce54876e71d3eeac

SHA512
522759a13bc3a58fc153301d23da394a97839d9f0889910a817d9f69672ada7a7bca22bf57c4d2e1545763b40a1d8bdbfce08a0c39d4f42dba4099c7a2bcf8a6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
11KB

MD5
3b93a8404e8477e79ca6202389c03c9d

SHA1
b6923bbf6fd21cb94c7d3119afe9369087470707

SHA256
5867d4f0983a52bbbc468ce949142d45c95e1b0b4d17b302742798a9565720bf

SHA512
e4ca1e29ca054df79c0a4927eca9c12264cf6cc8f6c82ba4a469a12e97999ce89ca452ecf5039e52eded03388032a558d9f234d047fa1ca1a3b613674cd8abc2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
6a98dc2e09e1fb9bfbdf2457e9ba1281

SHA1
15a84b45be549e07e33930bb8196d0d2f9a8604b

SHA256
4bf2c2f987d4b8c1360ddd623e4c72bdf5fa772dc1e8881aeece056ff2c7bb58

SHA512
3ffbf3761af7cafc1f76bd0c56a99a6293da5dda495289b6bb421c322b1ba52caaa6693f7f745685f96c70804a4f2d77953ff3ce9dbfdf80929466423d644036

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
8e4b9baae66cac44139d841961c8547c

SHA1
bfc35927aa1cbebe2d24aa816f6611021221181c

SHA256
37878f77fb0063ee8248e99a1ba1e89bb104b134d5456210ff47b8fce38736cd

SHA512
3ff1fb357f9c476dd1654889d0843f977387a8e2c9bd12277e82e08e9d1de689f38d770e56cb60a10e5399d0d06b3c3463aa43a2f600b3da86556a75b91e8b20

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe620c5e.TMP

Filesize
48B

MD5
ef9b3c9d0d43b0cf6acf82e0374091b4

SHA1
980910a3cb2d4463478148110d687d39c8fdf74b

SHA256
acd95528875465ad62ea1a189563042b051cdb2d286db48614f7d08ddc57f486

SHA512
6ee41ae4fdca6ab74ffb25a77d557ab4a0e673a250648a8e693d45dea5ebd058b8884f4d2f852c3e7633748b836b46221824cd2d4d3a3f7c94f09f7612d0dfc5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
18ac1797c36c231c384316a1c4020b2a

SHA1
3adbe4a264c3df364745c79e642e140980d3d59f

SHA256
d88dd0daf952a84250066f450aa9a676d2d120b2973501ef34b635b23421dca9

SHA512
381948b2bb1459be7c49107065c05f992f1b900554718ae43181fa81349b90d5c46dd739a80320d084c4b6adea47d85ca295d53a5987c57d8adb2c973ec2468d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
2ed5dead935a4046509aa066becf48e8

SHA1
3595f8dbbadd855e96de587899c25164855003f1

SHA256
71eea2531e5f56993beb2ad06d086ccd61ace4a3018c893bb4066d28df58fa64

SHA512
3ed5d0d3dc7bbabc5a94ea02f8512f6803b41f1db993c1fa546099bbcc144d84adeaf20c2c6bb400cd8f3be82b02c136d6da31fee13665c5454dc958656934a9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
c197b438fb51305f8433103974ce2ac7

SHA1
36c4185a93fd8310a9eb576587bd003d925ad06e

SHA256
5bb92e968d83b7ad83b486e1d2ce46b8c541810df25ce016158bfcae9b46d834

SHA512
893bd215e7844300d2f95012760a284ae0c6997325ae17878e32ff032ae3647dc89d2cfccf92de4b29f2f6d5993c6774387df14b5f6f606e974589745cca5228

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
428d97d86919e720540b7d37494086c6

SHA1
b6bcb020746d6a814c3ae8659f0d1560213e0865

SHA256
f16e5faa13865b85c749f93ddaa2129233bad9700462beef0d4b222e6129326a

SHA512
2467e2fd4a5aeac1e43b4dd79720012ffcb501bc83d65240877c7c2124ce3e1e704978863282177f5a7c594ddfc8d8cf77cd0494da347c9629f409246cfbcdd9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
67fd2df25d0923c650af6f46bd37f9a3

SHA1
de5e10584115cf663dc89f5bdf7da2e6fe16cf23

SHA256
dcbb21fe613458a160b82a9e4a6c9191a45d28b4f74a9957dede6eb702bb79da

SHA512
eef878c5334c0a82142850a58d84dd49c7911e3f885ca5f0598672f3f7eff93897c731fe00d6beb1b012e956b30e931b4169f2cfe4407818561eec4fabc5f661

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
84537ac9300be2cb841aee660ca34eac

SHA1
9321a60da598ab45147d05271437720f2c1049c0

SHA256
c2be8ec0c15965926f8cc8cf19817a5367e00456ab6b971839e2022ff9349b46

SHA512
88a18060b0e2c6539fb089a75ce65f5e76b8805dea869482c3cf639e2ee1563f02cb83470d86ce08eeff88d6c0d01a99656aa4b45b2698be80a7e1b6df36ac53

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
873B

MD5
27d2cd355a17d152e896f778fb2b4bfd

SHA1
6190c7f4154475d1ae6bc848c2464919e08b911c

SHA256
51ce6d95e9091b7e8a16dc4a1a225eede24909619248c3ee66a1287075992ee2

SHA512
ba1c165c1993875f1b6d30fb08c0ace262da98740595585806efc1cc7e6120735dbaf66153cdc1d11d12908b02491bcc70f4d8604263db7d7c2f13d29f0b0ac7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
483dfcbefc16e6d108c21850e17f4f41

SHA1
e490938bd624a8f2ec8a993800bc7ed0b2baf21c

SHA256
569a9ad53c4efb5e66bf4de877dcf6a78f584750ed5382fc7b0a23c1ef9c998f

SHA512
25e1eed7b59e559b4af666765fb9b2508ac90d8a93b5547d9467427c5908f16427ae4a428bc244231442c9ca2083b74901275167237e69d295f90e98dc3a4066

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
2c38ce392b4790fb8a5e056c78b58888

SHA1
5aa1d0e9c40959f23f6e8bf43cb25a114bd17d12

SHA256
ba7e9b52c6234b5de90fd414dee28fb6ea1768dd73c9c72111d5a567f3401477

SHA512
12c8500ffcbe7f5f7a172fd33ce5cdf39a1cff51774eaf236d9d78f8c3b2e36889cc4315067f59e1c96eaaf97439b10bcb1f318124dd2e44ce3007c02f41376c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
cae0999d4486e8a56fb9df9614a98048

SHA1
07ffb0f512e0330e9f261fe2d2de4da83e0f8a22

SHA256
50836db1de9b77448e1a8c653486b8a6fd29956417337dca1161f3981201e99a

SHA512
720e07eaacb71c3624b0939c46ff986d1ddadb06b82ea039b911a6678767b47d603e70135622cb2863949fdb623701865e5639061b355b95f91677a1e9996ac8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
890faa0a4f1c6e75bbb27655ccee8e94

SHA1
e7afa49225dfe0e7b034da722e6f7dd722faaab1

SHA256
f509e738c54daa4ad3105dc619e411e5fc0f8662020cfa7c2912991b74f91f8c

SHA512
92edeb31bf72e284e97ce537b4d916194b23a7d0fc34d19afa98ae3e5cd96e594fca751b63196c8586222a8a729d4d6aa54ac34b53b88457ec8f7554a15db307

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
28e785d04e3d5c27c3853dada75fdd9d

SHA1
f5e125334a2c332d446f5860249c4957cc4d8bc2

SHA256
4cfb15a9561bfeb171ea68214302cfb1138c12f268a04da69aedc484484b933c

SHA512
413e80d36d36c68075129fb65cd6c8cc98a92789786f94bd7101ccf45f587ba50028f1692ea6d9dec8e6d7c48bfa90e051d13d0c70720d17faa941ea87b4fff0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
4d69bc2194eccfad33608e5f08a68094

SHA1
4c70a36e1961a1bf7228c4baac6962b5aa16ea89

SHA256
be218156b7cbc13a412510ff4937798c872e8b6a0f273ef29464d68d5661891f

SHA512
6db188ba62d3dfb04fc388b155bf7df8abbcf4e4488840387264090f19cc81da87df5da62a8276fb5590b86c4a5e1ea632e3cbf455e7c24e568eeeb8db305285

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
b53c0d7ea92613587498066107a3b389

SHA1
00edf285cc128426e6dcda1cd8eb78b4c4a7df29

SHA256
7a2390dbaa8620f1d04732bdb2a4c237afd6545d5af740c5c0735c37a7f9bdb8

SHA512
a03e7685f5a12602de8e6ed91949b2435557dc1cdea28b9f10eee14a8ba9473f7a535e578aab2ef5b8ee1b77570323f87f71b01580bfeaf4e23d9d9d39e43400

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
63a3af9193a35b2e7b96b37d047e75f9

SHA1
a477b3c920b08ba749dab2eda1f5e6b79754e0b4

SHA256
bbc8cb20c9ad42017948cca2d863268e9bfff82642c084adc97b4556912e4982

SHA512
a92c57c5ff6dde587ab705f98663c50b4d8882015887a6b5a0116568bcca97546b9dd1ee38934dad02d75bac41d35016f67979c9e82ef0c7fd30e4392c4c09e0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
1628e535073c23b86f494c679da9fe0b

SHA1
22cef99cbda22798a6b4a412c0d062e5da4b226d

SHA256
598af5d82df84dcb9546140d754b52bd91ab827a22c3690996cd1e3131120e32

SHA512
36b52cd9103a3c8cccfe560082d7496776ae880bf070c3773fb0ca061c00b31d29efd5efe8346ed864678ce54d06a703922cd493ded0a91780ed618c5e71c94e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
9459c4c2b77156b183cee53da54ef64b

SHA1
ee6115a6a1b198718a499be08ad6426957ff3a43

SHA256
d5daddcb76ae318f7c92b775dd97a2c8a40eb98cd3107cd0dae291e1b38bbfbf

SHA512
0ad7019b2371baf78c7ca60d672f0858fa076f50aa445a3a7ad9853078b1a5de9d387d205541057b114365ef10505ac668d6f29eab943d14318667164bbddbd3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
c682ebfd72c805b61213e6444ca32ce2

SHA1
251895a221d194eb48bc879b34cc568ac2f06511

SHA256
1a2a570ee05586ea947d5e05a7d54bd6a9f77f4c8697d7ffe9034aa921485049

SHA512
d1e05ac6d7cfdcf7567a0a99d458ff481905bad32408d24543319f8d6fe39bf4724dd9cfdd2fb1a39ccb1af4358aec365e54dfd7f00079c7f0d3968b44003d0b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
a497f476f8331df1b8bc7d396055ca7f

SHA1
fedbf31b98d329cb3e2f5bd0935dd919e1910abe

SHA256
bc01ccdcde93f0bf36d475a2dd548964a1ac9bb39d40ea1c14a4ee7f9c71358b

SHA512
f33c060528331c410adc30cddf6a8545bed89798dc2ecd292cfd037ce46e1ff89173046b520636c88dc12d72ed7b2553d55e5674ad7cd7e92a65a1bfc12e4d1d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
17352827204c7a3fcc46968ead7a1f88

SHA1
0dd09cb2d0e4c788f65ae6c6aeb1a94f884db9f2

SHA256
b8701b85e26c5183a10961bb64469267f1397eac1908325ca718b75ddc8df2b0

SHA512
3207e4dcbc24aea0a134cf625a8c42d6f5dbc40eb3473a327a20452282b1a5807aeb85ee1e01edc62c84acc42e7512fd8f591d42d97014059e52b6a6cad56f87

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
0e0c137f781d77ebd1dcb7128b868eb6

SHA1
0824f4f4892cb65dd57e4061d79f632e463b4ed7

SHA256
584471d687425eb314c4d245b72b511665155dd55a11914e9ee726dd8998326e

SHA512
7c16e1424246ec97764e340a6981156ae742d381b6479e8383bfdb4050f6c6bb1cb24d4618c589cb5f00b060bd39b4afb068308774ee765691e8a244edbadfce

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
ed15052e38d64e0fe77efed0852615d7

SHA1
b2342a317e0fd9448f31b091451fd9e4a3116e7d

SHA256
378dde1f830bf6502977ad9fb8055ab8b7da1f1569ba27264ba29155de7f718e

SHA512
69405bbab7ec294e5b3912f447883555b394bc9f30f38a552a66eaf90c5eacda623d10cb457ce57e2ffa3bf558cfc01022ad87993bcb20f183548387a5b299e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
07a002db5989f5602cd3b96813f4270b

SHA1
bbe438ba27ea562cc9be9a60e9d6a697514679b4

SHA256
b413f7d4fa96aee92523c78f174145f8436d7523f1ffcab32535fc96298d34b0

SHA512
131191ca21c8005ef779658e5b2fb2ea5317617032862c5cc06914933d220d73428dcef875c5212dea3af4921032bc0b49433055950daa57f0b28f0655572a72

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
3KB

MD5
5b0344006e6d0555648d0bfc1f0f2105

SHA1
6a026703709209f21325872411bfe8c043ce2d95

SHA256
5ec9ead8fdbfe34703d43c8d9f37d55fc31eb35adce309b926dd27477eadf962

SHA512
3a3a4267c757f0f3376d7d5cb1faacc37df0b92cb2157b1d370a42aa9294ec8c4c14a1a83778e65c8a8d58e16478bc9d9220b376ef3da804d8476cc521fbf9b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe580bc3.TMP

Filesize
705B

MD5
c82346e52bfb553702e064c32d85e178

SHA1
2b98990928c17a40ac717f164e730d0d922255ea

SHA256
1e5aa991a107ce452c1b5d34e46d377cca90bf6fc51a899241e3f4e9ec683ea8

SHA512
379a5107de8982bb120a4ae8b2965fb1014c934cf7b2da2d0c73f2a83b3b1c198c63271aaede052535ba465f84b3e0041a62f6ab709c2eee58912d24a4c0a7a4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links

Filesize
128KB

MD5
f8732067021ddbfd28ae9435d520b6ce

SHA1
1b1fa6c9a376f3a44e0289b3a0808b5bf3bcfb08

SHA256
bef94a2b9f7b0f25a06386a122ec1325d2bf3b2cffbb93b4dcd6302897ad1986

SHA512
6bafede5417ff602ed10e429cd076cc664593f5fd0b6b9542bb9c1691508c6b6a55390930bd85d635ffcef3e964c4e2da82cf0aaccfafcd306398dafa920cd62

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Web Data

Filesize
112KB

MD5
29032dc1f70548f02e90622dffed279f

SHA1
ef0bf0cf2a7ef5a06a53282e8ee32e30c5a0aa3a

SHA256
8cb0a12372c0b6d17134ce35189209264d4bb9442e332485f062fd0d39b5a3f9

SHA512
d94e04ba201e9510a1a6d01133ab535b612cce926044e9336f35aef0b62ed2fcb2ad3cd61f34ce3a3910491180f9750cac2cffbb75cc504eba4509fd57755513

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
aefd77f47fb84fae5ea194496b44c67a

SHA1
dcfbb6a5b8d05662c4858664f81693bb7f803b82

SHA256
4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

SHA512
b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version

Filesize
11B

MD5
b29bcf9cd0e55f93000b4bb265a9810b

SHA1
e662b8c98bd5eced29495dbe2a8f1930e3f714b8

SHA256
f53ab2877a33ef4dbde62f23f0cbfb572924a80a3921f47fc080d680107064b4

SHA512
e15f515e4177d38d6bb83a939a0a8f901ce64dffe45e635063161497d527fbddaf2b1261195fde90b72b4c3e64ac0a0500003faceffcc749471733c9e83eb011

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
ffd0d1ce1d636de81ec0a13386ce5bba

SHA1
bffdc78b5bc5f467da24c959580c549422052605

SHA256
1a17874acc4139c04b821397698add95655bb79301dafc22a5b483e3b23af9b2

SHA512
de6d627ae567c4ebf98ea4a0e85aadce1729d641534307c15bdfbd05dec58cc629731c346c508a557cf1bacd08670e8bee1a51a787508928c0b8b32e8eaa3946

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
86748c0b218faa12737c5fe922870f25

SHA1
4d9ec43d69317a14a85a654387814974a206ed23

SHA256
69740d65294117a94f4c054c16b3a206565d4869dc8e992e5e9da5347fd80a6b

SHA512
03d0ff803290015c4d56150750508c8a885116d87f8f28472538e1301b50205837117d3ac31b16458a8ea5a4f7c3ae2b3a94ad24650e6a3e989dec72e65bebc0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
78f906ac60c837e62b7ff394a52eff51

SHA1
dcd5f64b1b79273c104475542dc84d34652c416f

SHA256
57d3fc140d9f0cb6a0cb6f7fb297460954958570a5b7f4940a36061b5f0f3772

SHA512
2a3812fd8ada33d31badc58c7054808a5ff4063e41609428af9824ffa9390c2f656356cf6073a379ddd8ba2d540f88f3840769bd489eff9e2e588e6be4baa65a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
3e92e9f0e6a7212ed92289948224679c

SHA1
4066710c1aac6f82cab2a8ea016cb9c7cd49cf1c

SHA256
21fd54a9b25fc3ccbdd1d85191a80e5a0ea729c7d49dceaadd2e88002eb54cdf

SHA512
4c76cbc03835aa9f1c7b6bb90902162f63ce88540c7e1b5d98e185b888f6ed767a9023615886e16bb8cecf6aee9476727a79af597711851adc9d973c4c0fec1f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
13ecfd854f55b85ff980692e63ef1bd1

SHA1
9bc7361337c136768cb7ff2ca9f015804bbcbf3e

SHA256
67496e3f53c31cbc2ecdba9a8e7d271b356022953c065e286933ccf236f38cf9

SHA512
31052f80934fdd1c8fd7c6af49118842e5849cab5d053f91886e8cd34371559d14883f79b789e718cc962cc922599a938755265fda801435bf8a9be17af07265

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1

Filesize
264KB

MD5
f454995988d35d7954125f73cffd28a1

SHA1
a4be238f181d1d959ef56f3a4d4153ffe488a201

SHA256
1a9cbee13171e999d27ee1c555bfdc9568bb57fb423051a5d2577ad6cd7d735a

SHA512
c8735e2b3866c921fb32bf49a2a7e8dc02c56dc21031ec32a23c414bff26e2dab807380eefbd60a607ed92a2c3410134dd3f1d40b7c77601fe645c1e0ea57019

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe\TempState\AILog.txt

Filesize
917B

MD5
c15ac66f15f6276214bbd8697a0a0540

SHA1
ce69aae6c66827ad80d11071cf7a371b77cf621b

SHA256
0be8970fccfc3e302717e8b2ecf783b87c10ecac8f2a1ab195ccd02ec71ac3de

SHA512
9220a97128b6124b7a6b62b69bb86fd842735fd0e5083ba1727a21223923d792ee3dc71eb4d03b8ad66ecb2a7fa8b49e1187d3e40c2708b36ea73d66fd3c4fa0

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe\TempState\AILog.txt

Filesize
917B

MD5
9075bcec9c2ed5880c3f647922cde131

SHA1
fdd389b6bf1b8f6694b6d26823f642a764041d15

SHA256
763daeef1ae98362ee36ca7af213cbbe543d42c75db1b717cc3decedb9d4eb2d

SHA512
a4633a06a5bfac8cff8b03783b4809cd86a02bde65ca3df470b63ebac06c2d240085c2bd9079eb307b89715e4c17e931df406b2e86b5c65cbc699766a388ecb5

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe\TempState\AILog.txt

Filesize
917B

MD5
7229e21c34ee6dd287490d486d6bf2e6

SHA1
f4a85641655199df3834ae6ac87ba98f2899228e

SHA256
82c5b8e49e142de2de6f2793ce3eb1fdc27dba3c82a89f05c54d1be1ed23b9da

SHA512
584e79bb58575ec671ce5a3e95f14e35050c6a89a4730d2681df507baa2d46252f43b3395164fa3090034dbe0921397986df96a1e19e5b0e3a0ec35f9a6b0487

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
10KB

MD5
e5f65c6debba3ee036f023d4ebbbbfaa

SHA1
dc658fbdc3e79c1b179c51d9cd13d46ca90dd65e

SHA256
08860db1895723a4fd066d964cbaa179fd8129d1bcda37cacbc50eb5415a2fbe

SHA512
3f95a6383cbbeb4950c90ddad570b876d24dbf0eb30b794595b69db1b473dc3a60745efac39185ae6edaa4e34e26bacf7e7739a0019d9906ba1bbe071263bece

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
10KB

MD5
2d786294af7b42c79dcb0f3a766464b2

SHA1
5d59b71614e8f4da5323ec066e2b687c7c1d53a8

SHA256
e0ad959963a119c6f779843f788eaf6e34e7668b9ce6b49fe89c10c2a580b49a

SHA512
eb25e24e05750e62a91941dc28003d999ed6c9b9001ffd0fa1c10b72e6d0dee4e30c3997bf374ce0d9156faddc9c6649fc295a63e468d65a710f04b26362fd08

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 138327.crdownload

Filesize
638KB

MD5
d8c78a11adeb9d417e060f513388891c

SHA1
ebf0de64379c96a764f9d5515b102081713c84dc

SHA256
d75fcea6d74810846d447672fc66edef1955f92b4b9de9dd3e0eca2ceb294639

SHA512
5fd1d99ef11308d2ea60502b8edcbceddb2dcde13bf740658784c283764273f3e40b16a79797c34d00284c45f7b390261e0b20304344dd528275cea3d2967099

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 362394.crdownload

Filesize
12.3MB

MD5
2036c5464771f2dfee9e93376d5ff48d

SHA1
57e86bc476f65ac86b21c49f66bc303b9219c1a5

SHA256
7d63f846280fd75c412bc16381479a35935a4a47fa6cb9d6b7f33f995329920d

SHA512
2575cd140dc0c9612787c2ae7f5b678354a9de088e0ba361fa66874f38e60e492a60f9710c8d905f71cba333e2f0795da6358576030b7b923e058c247c1ab854

Download Submit
C:\Users\Admin\Downloads\com.juliand665.Valorant-Viewer_1.3.7_und3fined.ipa

Filesize
1.1MB

MD5
9bf51c6c5edd6aca670c8299ec21345a

SHA1
046e3ec3c1aadd271115015408377302ea2357bd

SHA256
4f127930158841b5a029dc8283065277f4f68a07752496df93272c7510161954

SHA512
93c0d4760ff94461ec83a525e0f9879b2aa35de0e03407bf1adf7f8f5a5841eec9a68306746181263ff5a77aab0c67acf4eb4c46dbbdc87f2011347614737228

Download Submit
C:\Users\Admin\Downloads\com.juliand665.Valorant-Viewer_1.3.7_und3fined.ipa:Zone.Identifier

Filesize
26B

MD5
fbccf14d504b7b2dbcb5a5bda75bd93b

SHA1
d59fc84cdd5217c6cf74785703655f78da6b582b

SHA256
eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913

SHA512
aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

Download Submit
C:\Users\Admin\Downloads\ipasim-build-v1.0.1-2020-12-18.zip

Filesize
21.2MB

MD5
633539865b4884cb0af8147cbb16b610

SHA1
bca05d08324632a707ab21643967ce889dd4395e

SHA256
27817faf9c1b2142f78705a175728bdd75f8b69740f235e819433ca85280829f

SHA512
a784ea37fd7f71c7b7340591c839d79703c6e7b3ecb1703e9fc81eadcb1369a962149dbc3afe8e2265093a83f4fc57d69bbb59c6d1b79aca96dd9701b157898e

Download Submit