hxxp://on2it[.]net

Analysis

max time kernel
148s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
05/04/2024, 07:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://on2it.net

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2320	msedge.exe
2320	msedge.exe
4492	msedge.exe
4492	msedge.exe
312	identity_helper.exe
312	identity_helper.exe
6988	msedge.exe
6988	msedge.exe
6988	msedge.exe
6988	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

pid	Process
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe
4492	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4492 wrote to memory of 3548	4492	msedge.exe	87
PID 4492 wrote to memory of 3548	4492	msedge.exe	87
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 1892	4492	msedge.exe	88
PID 4492 wrote to memory of 2320	4492	msedge.exe	89
PID 4492 wrote to memory of 2320	4492	msedge.exe	89
PID 4492 wrote to memory of 4500	4492	msedge.exe	90
PID 4492 wrote to memory of 4500	4492	msedge.exe	90
PID 4492 wrote to memory of 4500	4492	msedge.exe	90
PID 4492 wrote to memory of 4500	4492	msedge.exe	90
PID 4492 wrote to memory of 4500	4492	msedge.exe	90
PID 4492 wrote to memory of 4500	4492	msedge.exe	90
PID 4492 wrote to memory of 4500	4492	msedge.exe	90
PID 4492 wrote to memory of 4500	4492	msedge.exe	90
PID 4492 wrote to memory of 4500	4492	msedge.exe	90
PID 4492 wrote to memory of 4500	4492	msedge.exe	90
PID 4492 wrote to memory of 4500	4492	msedge.exe	90
PID 4492 wrote to memory of 4500	4492	msedge.exe	90
PID 4492 wrote to memory of 4500	4492	msedge.exe	90
PID 4492 wrote to memory of 4500	4492	msedge.exe	90
PID 4492 wrote to memory of 4500	4492	msedge.exe	90
PID 4492 wrote to memory of 4500	4492	msedge.exe	90
PID 4492 wrote to memory of 4500	4492	msedge.exe	90
PID 4492 wrote to memory of 4500	4492	msedge.exe	90
PID 4492 wrote to memory of 4500	4492	msedge.exe	90
PID 4492 wrote to memory of 4500	4492	msedge.exe	90

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://on2it.net
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4492
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb3e2c46f8,0x7ffb3e2c4708,0x7ffb3e2c4718
  2⤵
  PID:3548
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2116 /prefetch:2
  2⤵
  PID:1892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2320
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2772 /prefetch:8
  2⤵
  PID:4500
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:1
  2⤵
  PID:1496
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3252 /prefetch:1
  2⤵
  PID:4068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4700 /prefetch:1
  2⤵
  PID:4924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4072 /prefetch:1
  2⤵
  PID:3372
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4108 /prefetch:1
  2⤵
  PID:5116
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5384 /prefetch:8
  2⤵
  PID:2080
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5384 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:312
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5520 /prefetch:1
  2⤵
  PID:2268
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5496 /prefetch:1
  2⤵
  PID:4344
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4912 /prefetch:1
  2⤵
  PID:4552
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5052 /prefetch:1
  2⤵
  PID:1724
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4720 /prefetch:1
  2⤵
  PID:5384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4884 /prefetch:1
  2⤵
  PID:5736
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2620 /prefetch:1
  2⤵
  PID:3052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1132 /prefetch:1
  2⤵
  PID:4348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6476 /prefetch:1
  2⤵
  PID:5428
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5004 /prefetch:1
  2⤵
  PID:5860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5560 /prefetch:1
  2⤵
  PID:5932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6292 /prefetch:1
  2⤵
  PID:1072
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6636 /prefetch:1
  2⤵
  PID:4932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6716 /prefetch:1
  2⤵
  PID:3220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5508 /prefetch:1
  2⤵
  PID:5744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6928 /prefetch:1
  2⤵
  PID:5376
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6828 /prefetch:1
  2⤵
  PID:1328
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4800 /prefetch:1
  2⤵
  PID:5680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4996 /prefetch:1
  2⤵
  PID:4544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6948 /prefetch:1
  2⤵
  PID:5544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4700 /prefetch:1
  2⤵
  PID:5872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1300 /prefetch:1
  2⤵
  PID:6084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4784 /prefetch:1
  2⤵
  PID:6120
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4768 /prefetch:1
  2⤵
  PID:3448
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5556 /prefetch:1
  2⤵
  PID:6104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7192 /prefetch:1
  2⤵
  PID:4972
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7220 /prefetch:1
  2⤵
  PID:736
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7376 /prefetch:1
  2⤵
  PID:3260
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6232 /prefetch:1
  2⤵
  PID:1764
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7228 /prefetch:1
  2⤵
  PID:4084
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7180 /prefetch:1
  2⤵
  PID:2788
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6812 /prefetch:1
  2⤵
  PID:4956
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5032 /prefetch:1
  2⤵
  PID:2260
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7176 /prefetch:1
  2⤵
  PID:4848
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5516 /prefetch:1
  2⤵
  PID:5800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7540 /prefetch:1
  2⤵
  PID:5756
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4992 /prefetch:1
  2⤵
  PID:5632
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7580 /prefetch:1
  2⤵
  PID:5028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5888 /prefetch:1
  2⤵
  PID:2976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6376 /prefetch:1
  2⤵
  PID:6092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6948 /prefetch:1
  2⤵
  PID:5136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5004 /prefetch:1
  2⤵
  PID:660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7216 /prefetch:1
  2⤵
  PID:5720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6652 /prefetch:1
  2⤵
  PID:3944
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6664 /prefetch:1
  2⤵
  PID:5648
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7268 /prefetch:1
  2⤵
  PID:6116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7664 /prefetch:1
  2⤵
  PID:2892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=180 /prefetch:1
  2⤵
  PID:4620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3520 /prefetch:1
  2⤵
  PID:4384
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7608 /prefetch:1
  2⤵
  PID:5800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6676 /prefetch:1
  2⤵
  PID:4776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7352 /prefetch:1
  2⤵
  PID:2000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3508 /prefetch:1
  2⤵
  PID:3312
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7716 /prefetch:1
  2⤵
  PID:5004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8028 /prefetch:1
  2⤵
  PID:5992
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6332 /prefetch:1
  2⤵
  PID:5936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8048 /prefetch:1
  2⤵
  PID:6000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7172 /prefetch:1
  2⤵
  PID:4608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8492 /prefetch:1
  2⤵
  PID:5400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5008 /prefetch:1
  2⤵
  PID:2424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7236 /prefetch:1
  2⤵
  PID:5636
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6700 /prefetch:1
  2⤵
  PID:6140
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5024 /prefetch:1
  2⤵
  PID:6132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6544 /prefetch:1
  2⤵
  PID:5760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1748 /prefetch:1
  2⤵
  PID:1348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8012 /prefetch:1
  2⤵
  PID:2160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7508 /prefetch:1
  2⤵
  PID:6176
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8792 /prefetch:1
  2⤵
  PID:6280
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8932 /prefetch:1
  2⤵
  PID:6296
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9068 /prefetch:1
  2⤵
  PID:6376
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2096,16456137100568171088,9174674969119040241,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6884 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:6988

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3488

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2420

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4d6e17218d9a99976d1a14c6f6944c96

SHA1
9e54a19d6c61d99ac8759c5f07b2f0d5faab447f

SHA256
32e343d2794af8bc6f2f7c905b5df11d53db4ad8922b92ad5e7cc9c856509d93

SHA512
3fa166b3e2d1236298d8dda7071a6fcf2bde283f181b8b0a07c0bb8ba756d6f55fa8a847ca5286d4dbabc6dace67e842a118866320ac01bd5f93cccd3a032e47

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
31KB

MD5
125d03da113a9d3d4897a562bc51425b

SHA1
3aa6d307b9fdd46ade3a935bf8b1c7e273b8ee0c

SHA256
8db9536d039a1b748d48382520e7cf51ed787848652c24c80ce601d9225c8357

SHA512
958da724cc81406fa0a2deceee9f76b0e01163d4f48f8fbdfb6fb312938c5ba880be602c4d199299199c446c254c7493743c11ef242728e155396c6aa1630af2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

Filesize
18KB

MD5
8b6e332c64b836dc404b642117535d5c

SHA1
e0929f8e813fb42a818df27f920da1da9f87a587

SHA256
204791e6ae45c3507e556e5e85ab10f4e2b2f639ecd12d7c59aadc4d90f08e9b

SHA512
c338b5eb6bec77f2290a83d0922cb143277612d1e8141a47eac085557adcc1e6a5e4c5b1cd739dfdf9e78240d814f3008705ea1cda6376b44551cc20441b217f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

Filesize
22KB

MD5
56536bcbf0e041f0b370b7135998dc47

SHA1
7dd2e7d8f329edd9c2c6e227a497c152fcea612a

SHA256
8f03440fe8778c5e8f6ac3d71b0b8d0cf08bf9379fa941a878bbe8e6dd9d3970

SHA512
1c4895c814505c0f0eb82586d5bd44c0296afb9d40b42bfac31dce0aa424081b013e8b19f767922295257f73db0d72af022bbf44d48226bf58d0de7dd8cb2af4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

Filesize
24KB

MD5
b82ca47ee5d42100e589bdd94e57936e

SHA1
0dad0cd7d0472248b9b409b02122d13bab513b4c

SHA256
d3c59060e591b3839ec59cad150c0a38a2a2a6ba4cc4dc5530f68be54f14ef1d

SHA512
58840a773a3a6cb0913e6a542934daecaef9c0eeab626446a29a70cd6d063fdb012229ff2ccfa283e3c05bc2a91a7cac331293965264715bdb9020f162dc7383

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

Filesize
198KB

MD5
319e0c36436ee0bf24476acbcc83565c

SHA1
fb2658d5791fe5b37424119557ab8cee30acdc54

SHA256
f6562ea52e056b979d6f52932ae57b7afb04486b10b0ebde22c5b51f502c69d1

SHA512
ad902b9a010cf99bdedba405cad0387890a9ff90a9c91f6a3220cdceec1b08ecb97a326aef01b28d8d0aacb5f2a16f02f673e196bdb69fc68b3f636139059902

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013

Filesize
97KB

MD5
f8cf6749aa90b7baff922a35f935db61

SHA1
9fb1752a597ff987ae6ba02323d06e858e2a0f67

SHA256
91742520482c637c3c9dabe143741c569b022fd80fe157d154d57d74638652e9

SHA512
9324188bcd9f3f01a79e2346032afdd3e62b18d0c67eb3d567a0badc64d0dfd7dabc99c58711a1c235ec7b27bba6cfc5be55ffbb5d3ae40713ba7480f5222629

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

Filesize
33KB

MD5
a3181a27069a1143aa23d167695ef871

SHA1
71d688fbe4a98dd13c17210eedb387e627004061

SHA256
26007678002cb23ae5ae69ae90459cc6608d7f708bd3a3fb87e371b77109fb6a

SHA512
b1781a94fa111d65198609454bd0c1acc0f460003b47a2db81f5cd50d52bd9812ef6454b79bce14f58104881207b5789767d9f28a08459b7b27b5a425f90f966

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

Filesize
16KB

MD5
035a78b0c285e17f0f8777c02657c0a0

SHA1
74568e501157be29a6ff96142004197ae1528f6b

SHA256
d55aec08460d0be2e38f067c65e2e2b94d296268eaf4e871e3434cfa429c140e

SHA512
6c9efe969675425ffad0cfa1a9ea83c3b8c2a2872798a4b362f746fa786d4b26ac24441cb9713700c9652dd7ac97ecce89afc56936d0ad8995e6abcbe3934fa6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

Filesize
100KB

MD5
20ae9b0c5230634a5d8c9bcbf77c8c8a

SHA1
8f820c1eef81d5005ab64762ce55fd2ee85d2be1

SHA256
1b0062d388f118ca68e5409370e7e5b9da614267cb1213343723d2b0c6a286f1

SHA512
df1f3248d7a3112831fb2aaffe6c92d313a77a0b5a11c5ec91177355091b6563cc777b96bd7e06dfbc417dd60cbfffbcf2611d73ecf556cb2cfb15bffd073aef

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3563cf3a5b45b55b_0

Filesize
232B

MD5
a8f5d74952c254dc8714a63b3dc0f886

SHA1
d5a04be3241aee8f6d5ae3ccf16acf67110a733c

SHA256
72df47452326c8c18cf20321890219c6b31b742842f5855584ea00323f76bf80

SHA512
2ff29aaf862b6e331e7b9801ef6149e22ecd8c6a56b3a5ff3d8e785c2ed27689ba556b423441412107b7a5d602df44c2471bae7c22f5d46a4679aad63aeb47a8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3563cf3a5b45b55b_0

Filesize
19KB

MD5
2534376dcda6ca678e0bd841cc617600

SHA1
dc20baad60ebedf3a89203cd84e9198bc07dfca6

SHA256
35124723eb5ad2d67c8b9d31c9de39eac912ccc1f10398856ae77e3939df4227

SHA512
de0103a0c6b1390ac12de89ab62b3889a1e3f2eab771e01aae28fe99e4e3ae1df96a2162c8a0ee2bfac61b0c282e2104c6a3bdc0627e54950b9f4ed88b2920bf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\80089a7b3438c897_0

Filesize
289B

MD5
58fd76e2e5999e2d4c83006ae5e2196c

SHA1
aadd193fc61bca238e90407ab9dbc97d4af07320

SHA256
a54d150d006f373acb3120a4158ef6b3f8c46767739e65d97daf9a3ecdecbf50

SHA512
b874a6ad72bfc18d6fbb18160bde88fc8d7e5e8ceca7c4b873436f40de22274c8c949dcc339df599e61f77e45b8506a06a8684a39ba204d89403afbc6e084e37

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e676f77e86e793ac_0

Filesize
326KB

MD5
a981b98ee7acb2f5d379c497563a8f55

SHA1
70ebb13d0defba964ecfc17abb5b811760607e79

SHA256
54c5ee05956e7c48d473373951f1382c8f84feb01cba044719437939fb6e969b

SHA512
9cac80817eba59f4c3f0cfc46ea06ee5fdbaf54ca5569f048053a9b1e65f24aa2edd59c3d7be5fe61f7c0b351225a85b2adc80272641a8f6a173345cb7a7600a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
984B

MD5
c9b4d8956cfabfab264330b0d33db0f3

SHA1
c117c8d12b7340309387f2bc3b9544fe37916134

SHA256
6c3beb9e84ab87ca8fc64a8092c34f9ff2132ff6b3ec0909942b1e5bbc049330

SHA512
99f180827f5000a1f8588395ff1f236b146f0b32cc12b2dfc584076d14cc4393cb39a946debbd1fef051dbf5725ed58c82e6dd0af8f2ad1e8475dbf943ba9777

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
c27118c7040803d09bbbd36d875965f5

SHA1
84b2fcfd82ced6158ebaff836d94780125a95fde

SHA256
6bb96b80ecbbc4d3540f036df14676681e0908da65e508af91fc9869a78f8c9a

SHA512
84822575074651d98b1da8ebfe6e61cc0c7f9d74061bd50deffbacfbc324129c4ae80ca144feeb734c12a22e396ea9500cf0835990deec071449437029c51881

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
d535dc0affddc12af6aa8a9336535474

SHA1
1cbbb1e4470deb60ebd86636af9ee1b7cc286c67

SHA256
87bce5440a8f5e942c4bb0b54ce6d295938bf36eca2df3d4a1e0cde9451b1ee3

SHA512
b300349356582d6ef321c481ae948b1ecf7407b638c94779abc7e6cc4696385f54da806e9e2c1df2da84e1562fa4eaaaa21bb390bb0cf8c888eb61b235889e09

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
2c6653313c73788167581e6e8753a818

SHA1
8d1c0e1179bc08bcd3152591fd76097b85bc3ac4

SHA256
e43f1ffede6011319659696ca3375ed1f04b77b49b24170343b5592271183794

SHA512
38165027a8a16ce8eb0e7ce1a0efbf29a0559d8e99e0ba7c0917b07a70ee72d31c2961e85d71933c5edc35948da16596c36e5e8451c5866207c908d92b578849

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
843e86761436a889d771709c48a3e9e5

SHA1
09ac9f4c41a236645e3eb4efbe9ea53aa6faf7a7

SHA256
4e89f94c37bbbf406673f8adcea550e945774882aff1dd1d969131a41eb2ccf4

SHA512
e0269baaef0df4695d2a7eff6a811292f51d9f845762e834e2669f4dc57edf47b9bdc0b681e5b2f948a3ad8d399bbc2420628e8106ccbfe591b568016504521d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
a73be98b11964045a2bb7661bf7ac160

SHA1
c39a8bf8752ee7e1fbb529a50e86629439bb7446

SHA256
2913a94106e640816ebc70edb73bf60a19438b8396f567d018734ccf579e262b

SHA512
29cbe1670fa8a9f9c414c064adc4c0bb2b89d0bc88b2b503e6ebad0e2fe62be35ffe7a6419182cde6d487316bbe1d6649a8d3e6fbde817c4d06e64f3eb8c546d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
bb9eae31644c9734743b8bed62f3f083

SHA1
f52d36b7f689b65f6d294cd159a8bfb4333ab9df

SHA256
61fa9e57faf654d623d315308da6a298d85dd4a5c79f0969379eafc6bc8c3635

SHA512
80f671c2d91c1adfa7713d9abc90773ff75dc4a1045a6147d97863a15e0906b040f5db57e16330e221a223b60d843e8dbfa270c4cc828d8b95ccb8fa5297b842

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
9KB

MD5
34964bbb9059d0caf8ab730ddbc9957b

SHA1
db6b6b3e0a45bc0aee49dc14b2b251304f45148e

SHA256
9e9bfcad6ccf325a3f44d5a247579d0dd023170cc3383b514e979b743c15a6b4

SHA512
999177a198b97cbcf715e932e69f7df86892dba6a8412551ed8a1c0c5db1ae3b334f627bc0e3fa2014cdf13431546b02c646d93f69943146a99a467ac3194521

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
450d14372b6c56790484151f3110196b

SHA1
9c5edffaa0c2cc7d12a574a1ee1315f198216d83

SHA256
e45c0e1b3ef0da0ac9b02cc8af40aaeb8fd55e003ef25ce4d689d0a05ade1fd0

SHA512
fa0f11c2c3aef0219fb93e1fe8bfedb152d15b6dfd4e7455cd312f53249c42fe5ceeb73a1086bfe2b4725a0102f9d48aeabbee624ba5b45035ea6431b0b02bcd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
c2ef1d773c3f6f230cedf469f7e34059

SHA1
e410764405adcfead3338c8d0b29371fd1a3f292

SHA256
185450d538a894e4dcf55b428f506f3d7baa86664fbbc67afd6c255b65178521

SHA512
2ef93803da4d630916bed75d678382fd1c72bff1700a1a72e2612431c6d5e11410ced4eaf522b388028aeadb08e8a77513e16594e6ab081f6d6203e4caa7d549

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
538B

MD5
23a6e5ae13dc33a8565a13e24c439ae5

SHA1
158a79a589ebc85d6682d41af6904e3113b9ad84

SHA256
b77d92fd828ab08615ad453e4a81b264687fb8aa1150942831f3128ce5629206

SHA512
ef8ae5f8e5a8bb5ab88f15ab8127280c531a0759339a71ac282ba03e2d411a9e6eff0c99b4900109376c5b7c42766a9241ba10084801e2706f42c7c78c86180c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
534B

MD5
ed397664131c5ef34b767eb04e85f253

SHA1
b24e050b332b95022048b88277fcda8c5eff94d6

SHA256
35096c0e8c00ec7ce40a5427e2a179e5764b359e53f736615c7dd39549d7de1f

SHA512
9bef98773d9e92bdbde55034db1a9e949bd803dc89125159c1285b960a7dc57265cc3a15926cc95bed1a951f7f5f52dbf628b0efbd6e00daaac954f2eaad181d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
538B

MD5
3dd279c66c5b768726f16a8e561e77f9

SHA1
04fe03655164fcc214c6424836698e1d090e8706

SHA256
1a405cba03c17ad4bb1fd4b4c9a777228fca98097669ba98defcd44b3e4914e6

SHA512
5d47d5adb6599dee22741fd9bbd2b1760d2b929630af6124be6981a57a58378f44afa75cff6d31efef1c48a9ace66b926fd003426997d4cd49052234d4771855

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57c9b8.TMP

Filesize
371B

MD5
2929edbaf2dc965ab164fe8a091a1b5d

SHA1
c9d50e298212ee8157c2a051b802fb5e1c98090c

SHA256
58a4bf0a876793aa703455ba7b2158aebcd939a27076c5b7fa6f23848c5a81bc

SHA512
5d7adfedacddc717ec185725046bf70c54d2ace03015d1b03a55cf17ff86d41a5fab000278f2245108906a9cb31111d7c83aa22dc55e1548cf4b1118a32d06dc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
434e16ab2f28ef2c3ca1b26fa3252c94

SHA1
cb1c4c837e87bd887773c2cc9757d26e81a4c31d

SHA256
2f40c0313a7c9aece6fd1cba0843c3de41c3e386a3d5d4892a3a0768ea31966e

SHA512
60c298f8626b74e044f5d8a36e5bf5b820c3893d9bea8bf865951eb2147f4fd67169c4abc83cabbe097672b4c04823185f1e86270a220797e17a98f159cc834e

Download Submit