Resubmissions

10-04-2024 19:40

240410-ydkgescg9z 1

10-04-2024 19:27

240410-x6ewzace5s 10

10-04-2024 19:16

240410-xzannshb36 6

10-04-2024 19:04

240410-xq4kdsca2y 10

10-04-2024 18:56

240410-xlmq3sbg4y 10

10-04-2024 18:54

240410-xka1wsbf9s 7

10-04-2024 18:49

240410-xga7gsgd82 6

10-04-2024 18:41

240410-xbrmaabd2x 8

Analysis

  • max time kernel
    375s
  • max time network
    388s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win11-20240221-en locale:en-us os:windows11-21h2-x64 system
  • submitted
    10-04-2024 18:41

Errors

Reason
Machine shutdown

General

  • Target

    sample.html

  • Size

    467KB

  • MD5

    12b9d6652e7d1689ed510c50c53bd38c

  • SHA1

    013a1cc01a97a97d9b18dfbafcfec91a57e6232a

  • SHA256

    4b1aa26e12d9f06ba494ad2e2223466c8ddc5bc61b5f189630dffea54f3d93ce

  • SHA512

    0ce40b9a4d137d99330f7bc2776734d121d485d3f1e3af23ede4bbebead330c30de2c4568029303259812d591ef7bbc52bd1f16d8912dd5ea006523008346e7c

  • SSDEEP

    6144:DFoiM/iMTiMkiMriM2iMSiMliMziMViMuMt:D2iciiiViQibiRimiIiOiXMt

Score
8/10

Malware Config

Signatures

  • Disables Task Manager via registry modification
  • Enumerates connected drives 3 TTPs 23 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Sets desktop wallpaper using registry 2 TTPs 1 IoCs
  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Kills process with taskkill 2 IoCs
  • Modifies data under HKEY_USERS 15 IoCs
  • Modifies registry class 6 IoCs
  • NTFS ADS 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 16 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 30 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\sample.html
    1⤵
    • Enumerates system info in registry
    • Modifies registry class
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:4180
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffdfc2d3cb8,0x7ffdfc2d3cc8,0x7ffdfc2d3cd8
      2⤵
        PID:4992
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1776,7883917275529890666,17937511673684537250,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=2032 /prefetch:2
        2⤵
          PID:3600
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1776,7883917275529890666,17937511673684537250,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:2428
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1776,7883917275529890666,17937511673684537250,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2684 /prefetch:8
          2⤵
            PID:3280
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,7883917275529890666,17937511673684537250,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3200 /prefetch:1
            2⤵
              PID:4940
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,7883917275529890666,17937511673684537250,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
              2⤵
                PID:4908
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,7883917275529890666,17937511673684537250,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3888 /prefetch:1
                2⤵
                  PID:2132
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,7883917275529890666,17937511673684537250,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4852 /prefetch:1
                  2⤵
                    PID:4660
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,7883917275529890666,17937511673684537250,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5252 /prefetch:1
                    2⤵
                      PID:4668
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,7883917275529890666,17937511673684537250,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1
                      2⤵
                        PID:3528
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,7883917275529890666,17937511673684537250,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5612 /prefetch:1
                        2⤵
                          PID:1328
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1776,7883917275529890666,17937511673684537250,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5140 /prefetch:8
                          2⤵
                            PID:4676
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1776,7883917275529890666,17937511673684537250,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5548 /prefetch:8
                            2⤵
                            • Modifies registry class
                            • Suspicious behavior: EnumeratesProcesses
                            PID:584
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,7883917275529890666,17937511673684537250,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5788 /prefetch:1
                            2⤵
                              PID:2400
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,7883917275529890666,17937511673684537250,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5360 /prefetch:1
                              2⤵
                                PID:2980
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,7883917275529890666,17937511673684537250,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5504 /prefetch:1
                                2⤵
                                  PID:72
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,7883917275529890666,17937511673684537250,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6452 /prefetch:1
                                  2⤵
                                    PID:4984
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1776,7883917275529890666,17937511673684537250,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6644 /prefetch:8
                                    2⤵
                                    • Suspicious behavior: EnumeratesProcesses
                                    PID:4324
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1776,7883917275529890666,17937511673684537250,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5572 /prefetch:8
                                    2⤵
                                    • Suspicious behavior: EnumeratesProcesses
                                    PID:2112
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,7883917275529890666,17937511673684537250,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6276 /prefetch:1
                                    2⤵
                                      PID:3472
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,7883917275529890666,17937511673684537250,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1236 /prefetch:1
                                      2⤵
                                        PID:4392
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,7883917275529890666,17937511673684537250,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5512 /prefetch:1
                                        2⤵
                                          PID:4836
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,7883917275529890666,17937511673684537250,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6540 /prefetch:1
                                          2⤵
                                            PID:4776
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,7883917275529890666,17937511673684537250,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5868 /prefetch:1
                                            2⤵
                                              PID:2380
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,7883917275529890666,17937511673684537250,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6956 /prefetch:1
                                              2⤵
                                                PID:3616
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,7883917275529890666,17937511673684537250,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5440 /prefetch:1
                                                2⤵
                                                  PID:2764
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1776,7883917275529890666,17937511673684537250,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=6684 /prefetch:2
                                                  2⤵
                                                  • Suspicious behavior: EnumeratesProcesses
                                                  PID:1616
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,7883917275529890666,17937511673684537250,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4636 /prefetch:1
                                                  2⤵
                                                    PID:4392
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,7883917275529890666,17937511673684537250,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4968 /prefetch:1
                                                    2⤵
                                                      PID:4176
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,7883917275529890666,17937511673684537250,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5372 /prefetch:1
                                                      2⤵
                                                        PID:1944
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,7883917275529890666,17937511673684537250,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7200 /prefetch:1
                                                        2⤵
                                                          PID:1048
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,7883917275529890666,17937511673684537250,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3624 /prefetch:1
                                                          2⤵
                                                            PID:1772
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,7883917275529890666,17937511673684537250,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3616 /prefetch:1
                                                            2⤵
                                                              PID:2720
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,7883917275529890666,17937511673684537250,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1892 /prefetch:1
                                                              2⤵
                                                                PID:956
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,7883917275529890666,17937511673684537250,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5272 /prefetch:1
                                                                2⤵
                                                                  PID:2128
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,7883917275529890666,17937511673684537250,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5500 /prefetch:1
                                                                  2⤵
                                                                    PID:2564
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,7883917275529890666,17937511673684537250,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2972 /prefetch:1
                                                                    2⤵
                                                                      PID:8
                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,7883917275529890666,17937511673684537250,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5464 /prefetch:1
                                                                      2⤵
                                                                        PID:3124
                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1776,7883917275529890666,17937511673684537250,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6644 /prefetch:8
                                                                        2⤵
                                                                        • NTFS ADS
                                                                        • Suspicious behavior: EnumeratesProcesses
                                                                        PID:4604
                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1776,7883917275529890666,17937511673684537250,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5176 /prefetch:1
                                                                        2⤵
                                                                          PID:968
                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
                                                                        1⤵
                                                                          PID:2384
                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffdfc2d3cb8,0x7ffdfc2d3cc8,0x7ffdfc2d3cd8
                                                                            2⤵
                                                                              PID:1416
                                                                          • C:\Windows\System32\CompPkgSrv.exe
                                                                            C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                            1⤵
                                                                              PID:4872
                                                                            • C:\Windows\System32\CompPkgSrv.exe
                                                                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                              1⤵
                                                                                PID:452
                                                                              • C:\Windows\system32\AUDIODG.EXE
                                                                                C:\Windows\system32\AUDIODG.EXE 0x00000000000004C8 0x00000000000004DC
                                                                                1⤵
                                                                                  PID:3336
                                                                                • C:\Windows\System32\rundll32.exe
                                                                                  C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                                                                  1⤵
                                                                                    PID:4020
                                                                                  • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Trojan\Alerta.exe
                                                                                    "C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Trojan\Alerta.exe"
                                                                                    1⤵
                                                                                      PID:4968
                                                                                    • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Trojan\Alerta.exe
                                                                                      "C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Trojan\Alerta.exe"
                                                                                      1⤵
                                                                                        PID:812
                                                                                      • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Trojan\000.exe
                                                                                        "C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Trojan\000.exe"
                                                                                        1⤵
                                                                                        • Enumerates connected drives
                                                                                        • Sets desktop wallpaper using registry
                                                                                        • Modifies registry class
                                                                                        • Suspicious use of AdjustPrivilegeToken
                                                                                        • Suspicious use of SetWindowsHookEx
                                                                                        PID:3344
                                                                                        • C:\Windows\SysWOW64\cmd.exe
                                                                                          C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\windl.bat""
                                                                                          2⤵
                                                                                            PID:1896
                                                                                            • C:\Windows\SysWOW64\taskkill.exe
                                                                                              taskkill /f /im explorer.exe
                                                                                              3⤵
                                                                                              • Kills process with taskkill
                                                                                              • Suspicious use of AdjustPrivilegeToken
                                                                                              PID:4316
                                                                                            • C:\Windows\SysWOW64\taskkill.exe
                                                                                              taskkill /f /im taskmgr.exe
                                                                                              3⤵
                                                                                              • Kills process with taskkill
                                                                                              • Suspicious use of AdjustPrivilegeToken
                                                                                              PID:4900
                                                                                            • C:\Windows\SysWOW64\Wbem\WMIC.exe
                                                                                              wmic useraccount where name='Admin' set FullName='UR NEXT'
                                                                                              3⤵
                                                                                              • Suspicious use of AdjustPrivilegeToken
                                                                                              PID:4860
                                                                                            • C:\Windows\SysWOW64\Wbem\WMIC.exe
                                                                                              wmic useraccount where name='Admin' rename 'UR NEXT'
                                                                                              3⤵
                                                                                              • Suspicious use of AdjustPrivilegeToken
                                                                                              PID:2024
                                                                                            • C:\Windows\SysWOW64\shutdown.exe
                                                                                              shutdown /f /r /t 0
                                                                                              3⤵
                                                                                                PID:1152
                                                                                          • C:\Windows\system32\LogonUI.exe
                                                                                            "LogonUI.exe" /flags:0x4 /state0:0xa39c4855 /state1:0x41c64e6d
                                                                                            1⤵
                                                                                            • Modifies data under HKEY_USERS
                                                                                            • Suspicious use of SetWindowsHookEx
                                                                                            PID:744

                                                                                          Network

                                                                                          MITRE ATT&CK Enterprise v15

                                                                                          Downloads

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                            Filesize

                                                                                            152B

                                                                                            MD5

                                                                                            caaacbd78b8e7ebc636ff19241b2b13d

                                                                                            SHA1

                                                                                            4435edc68c0594ebb8b0aa84b769d566ad913bc8

                                                                                            SHA256

                                                                                            989cc6f5cdc43f7bac8f6bc10624a47d46cbc366c671c495c6900eabc5276f7a

                                                                                            SHA512

                                                                                            c668a938bef9bbe432af676004beb1ae9c06f1ba2f154d1973e691a892cb39c345b12265b5996127efff3258ebba333847df09238f69e95f2f35879b5db7b7fc

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                            Filesize

                                                                                            152B

                                                                                            MD5

                                                                                            7c194bbd45fc5d3714e8db77e01ac25a

                                                                                            SHA1

                                                                                            e758434417035cccc8891d516854afb4141dd72a

                                                                                            SHA256

                                                                                            253f8f4a60bdf1763526998865311c1f02085388892f14e94f858c50bf6e53c3

                                                                                            SHA512

                                                                                            aca42768dcc4334e49cd6295bd563c797b11523f4405cd5b4aeb41dec9379d155ae241ce937ec55063ecbf82136154e4dc5065afb78d18b42af86829bac6900d

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

                                                                                            Filesize

                                                                                            64KB

                                                                                            MD5

                                                                                            d6b36c7d4b06f140f860ddc91a4c659c

                                                                                            SHA1

                                                                                            ccf16571637b8d3e4c9423688c5bd06167bfb9e9

                                                                                            SHA256

                                                                                            34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92

                                                                                            SHA512

                                                                                            2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

                                                                                            Filesize

                                                                                            67KB

                                                                                            MD5

                                                                                            d2d55f8057f8b03c94a81f3839b348b9

                                                                                            SHA1

                                                                                            37c399584539734ff679e3c66309498c8b2dd4d9

                                                                                            SHA256

                                                                                            6e273f3491917d37f4dbb6c3f4d3f862cada25c20a36b245ea7c6bd860fb400c

                                                                                            SHA512

                                                                                            7bcdbb9e8d005a532ec12485a9c4b777ddec4aee66333757cdae3f84811099a574e719d45eb4487072d0162fa4654349dd73705a8d1913834535b1a3e2247dc6

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

                                                                                            Filesize

                                                                                            35KB

                                                                                            MD5

                                                                                            a053b626552864ee4e93f684617be84c

                                                                                            SHA1

                                                                                            977f090d070e793072bfb7dce69812dc41883d4e

                                                                                            SHA256

                                                                                            25b3ad881a0a88c6228e12688078638fe0b96210d0f0e20721e3c911a5b37dd4

                                                                                            SHA512

                                                                                            f7b444b1a1c465a4614cd1b9bd678875251f44e227abaaaf1fa6b35bb67bb25932b9b11cc8fabd19d2d5d6e80c6ad0b15149869e6e41f6345db3d49f08683e36

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

                                                                                            Filesize

                                                                                            19KB

                                                                                            MD5

                                                                                            2e86a72f4e82614cd4842950d2e0a716

                                                                                            SHA1

                                                                                            d7b4ee0c9af735d098bff474632fc2c0113e0b9c

                                                                                            SHA256

                                                                                            c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f

                                                                                            SHA512

                                                                                            7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

                                                                                            Filesize

                                                                                            65KB

                                                                                            MD5

                                                                                            56d57bc655526551f217536f19195495

                                                                                            SHA1

                                                                                            28b430886d1220855a805d78dc5d6414aeee6995

                                                                                            SHA256

                                                                                            f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4

                                                                                            SHA512

                                                                                            7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

                                                                                            Filesize

                                                                                            88KB

                                                                                            MD5

                                                                                            b38fbbd0b5c8e8b4452b33d6f85df7dc

                                                                                            SHA1

                                                                                            386ba241790252df01a6a028b3238de2f995a559

                                                                                            SHA256

                                                                                            b18b9eb934a5b3b81b16c66ec3ec8e8fecdb3d43550ce050eb2523aabc08b9cd

                                                                                            SHA512

                                                                                            546ca9fb302bf28e3a178e798dd6b80c91cba71d0467257b8ed42e4f845aa6ecb858f718aac1e0865b791d4ecf41f1239081847c75c6fb3e9afd242d3704ad16

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

                                                                                            Filesize

                                                                                            1.1MB

                                                                                            MD5

                                                                                            d404b61450122b2ad393c3ece0597317

                                                                                            SHA1

                                                                                            d18809185baef8ec6bbbaca300a2fdb4b76a1f56

                                                                                            SHA256

                                                                                            03551254e2231ecd9c7ee816b488ecbde5d899009cd9abbe44351d98fbf2f5fb

                                                                                            SHA512

                                                                                            cb1a2867cc53733dc72cd294d1b549fa571a041d72de0fa4d7d9195bcac9f8245c2095e6a6f1ece0e55279fa26337cdcc82d4c269e1dd186cbbd2b974e2d6a70

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

                                                                                            Filesize

                                                                                            32KB

                                                                                            MD5

                                                                                            bbc7e5859c0d0757b3b1b15e1b11929d

                                                                                            SHA1

                                                                                            59df2c56b3c79ac1de9b400ddf3c5a693fa76c2d

                                                                                            SHA256

                                                                                            851c67fbabfda5b3151a6f73f283f7f0634cd1163719135a8de25c0518234fc2

                                                                                            SHA512

                                                                                            f1fecb77f4cdfe7165cc1f2da042048fd94033ca4e648e50ebc4171c806c3c174666bb321c6dda53f2f175dc310ad2459e8f01778acaee6e7c7606497c0a1dea

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

                                                                                            Filesize

                                                                                            74KB

                                                                                            MD5

                                                                                            bc9faa8bb6aae687766b2db2e055a494

                                                                                            SHA1

                                                                                            34b2395d1b6908afcd60f92cdd8e7153939191e4

                                                                                            SHA256

                                                                                            4a725d21a3c98f0b9c5763b0a0796818d341579817af762448e1be522bc574ed

                                                                                            SHA512

                                                                                            621386935230595c3a00b9c53ea25daa78c2823d32085e22363dc438150f1cb6b3d50be5c58665886fac2286ae63bf1f62c8803cb38a0cac201c82ee2db975c4

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000044

                                                                                            Filesize

                                                                                            24KB

                                                                                            MD5

                                                                                            e1831f8fadccd3ffa076214089522cea

                                                                                            SHA1

                                                                                            10acd26c218ff1bbbe6ac785eab5485045f61881

                                                                                            SHA256

                                                                                            9b9a4a9191b023df1aa66258eb19fc64ae5356cfc97a9dda258c6cc8ba1059ac

                                                                                            SHA512

                                                                                            372c486ac381358cc301f32cd89b7a05da7380c03fa524147c2ddf3f5e23f9b57c17485aaedc85b413461a879afc42e729547b0c96c26c49bbdb7301cd064298

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000045

                                                                                            Filesize

                                                                                            59KB

                                                                                            MD5

                                                                                            063fe934b18300c766e7279114db4b67

                                                                                            SHA1

                                                                                            d7e71855cf6e8d1e7fbaa763223857f50cd1d4bd

                                                                                            SHA256

                                                                                            8745914e0214bcd9d2e6a841f0679a81084ef3fc3d99125876bee26653f4253e

                                                                                            SHA512

                                                                                            9d0dfc21306b3a56c2ecdf1265392271969e3765e161e117c8765125b34793e24458217cf6514b364f351f47e65baaaf5856be0d13406a789f844d6ba8c7075f

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000046

                                                                                            Filesize

                                                                                            21KB

                                                                                            MD5

                                                                                            e1bcbcbff08ad26b8ccc9c0a82c5b703

                                                                                            SHA1

                                                                                            de44d9ba23492404a7663ace05f82147af193268

                                                                                            SHA256

                                                                                            8701fd45aabbacc8605d62ec6f64ea910c1bb844b0975f2e78f6e795a122a1d7

                                                                                            SHA512

                                                                                            f4a011fb066bebe222213462e2fc691ff109da417e1f1909ad16c6a561cb09fc0fdf9a1991d2b748b304701d6b04c903958212c83dd67f890f891f22ea194406

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000047

                                                                                            Filesize

                                                                                            44KB

                                                                                            MD5

                                                                                            a9ed0f3a37bc313d7df62e595ca1ce2d

                                                                                            SHA1

                                                                                            3cd166ea5f37f3f645ebf7ee064057f7cd013eef

                                                                                            SHA256

                                                                                            3a44f7be6fcf889e508b789374c0fe29344dc6fa7a25348083888f7c98f0c57a

                                                                                            SHA512

                                                                                            6631523a8bd34ec39c69b2361c2192abfa998bea86d8690f0f5d25124b1ea4cbbef0e1d406b0afeffa5be537b9c75154fe7710c80650d9885ba81a444a30a5ac

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000048

                                                                                            Filesize

                                                                                            23KB

                                                                                            MD5

                                                                                            8afc0b779211c04de66abb7d3a425b6e

                                                                                            SHA1

                                                                                            cfa3994bff79c945aa3552852aa75801f7029782

                                                                                            SHA256

                                                                                            74fd2a65c888063313021b081707991510bfa53e9869626a05c2f4610e006daa

                                                                                            SHA512

                                                                                            9a9c44507d3810789fb4dc3332d327666f05ae67f8a5fa5d91c8e3d03e91801bf0be550d226824167419d26649d65e684cf41fd0bcca7dcdebf85d518faa211e

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000049

                                                                                            Filesize

                                                                                            49KB

                                                                                            MD5

                                                                                            e1f8c1a199ca38a7811716335fb94d43

                                                                                            SHA1

                                                                                            e35ea248cba54eb9830c06268004848400461164

                                                                                            SHA256

                                                                                            78f0f79cdd0e79a9fba9b367697255425b78da4364dc522bc59a3ce65fe95a6c

                                                                                            SHA512

                                                                                            12310f32ee77701c1e3491325a843d938c792f42bfdbbc599fe4b2f6703f5fe6588fbcd58a6a2d519050fc9ef53619e2e35dfadcbda4b218df8a912a59a5381a

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004a

                                                                                            Filesize

                                                                                            21KB

                                                                                            MD5

                                                                                            939b17598242605d4cda089e4c40e52a

                                                                                            SHA1

                                                                                            cb7e96bbb89879ab97002ef7764e868d8536fdbd

                                                                                            SHA256

                                                                                            14d0a9ba41b036d7702963b2f0048a670f138372fbc3644ec4f009cd3184e041

                                                                                            SHA512

                                                                                            d62140ff22453508964a7fc40602adc68b2ceea883eb7e77206a84569b2cb6ffad4b0796371ca28ce1a7110adf58786b374854d5fb1dc53a42588d61c79143e7

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004b

                                                                                            Filesize

                                                                                            151KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004c

                                                                                            Filesize

                                                                                            20KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004d

                                                                                            Filesize

                                                                                            65KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004e

                                                                                            Filesize

                                                                                            23KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                            Filesize

                                                                                            2KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                            Filesize

                                                                                            5KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                            Filesize

                                                                                            5KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                                                            Filesize

                                                                                            1KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                                                            Filesize

                                                                                            2KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                                                            Filesize

                                                                                            2KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                                                            Filesize

                                                                                            2KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                            Filesize

                                                                                            6KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                            Filesize

                                                                                            8KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                            Filesize

                                                                                            8KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                            Filesize

                                                                                            5KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                            Filesize

                                                                                            7KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                            Filesize

                                                                                            6KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                            Filesize

                                                                                            7KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                            Filesize

                                                                                            7KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                            Filesize

                                                                                            7KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                            Filesize

                                                                                            7KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                            Filesize

                                                                                            6KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                            Filesize

                                                                                            8KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                            Filesize

                                                                                            8KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3e8ad32ef6e0ff2c8dfb0722a7a862f0a1038fb3\index.txt

                                                                                            Filesize

                                                                                            73B

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3e8ad32ef6e0ff2c8dfb0722a7a862f0a1038fb3\index.txt

                                                                                            Filesize

                                                                                            130B

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3e8ad32ef6e0ff2c8dfb0722a7a862f0a1038fb3\index.txt

                                                                                            Filesize

                                                                                            66B

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                            Filesize

                                                                                            1KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                            Filesize

                                                                                            2KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                            Filesize

                                                                                            2KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                            Filesize

                                                                                            2KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                            Filesize

                                                                                            2KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                            Filesize

                                                                                            2KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                            Filesize

                                                                                            1KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                            Filesize

                                                                                            1KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                            Filesize

                                                                                            2KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                            Filesize

                                                                                            2KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                            Filesize

                                                                                            2KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5831d9.TMP

                                                                                            Filesize

                                                                                            538B

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\a8426a5e-14ba-4d4e-8516-7085540c08be.tmp

                                                                                            Filesize

                                                                                            2KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                                                                            Filesize

                                                                                            16B

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                                                                            Filesize

                                                                                            16B

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                            Filesize

                                                                                            11KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                            Filesize

                                                                                            11KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                            Filesize

                                                                                            11KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\bebe096e-f919-4268-8613-086cadc82e77.tmp

                                                                                            Filesize

                                                                                            10KB

                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Media Player\CurrentDatabase_400.wmdb

                                                                                            Filesize

                                                                                            640KB


                                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNS.XML.bak

                                                                                            Filesize

                                                                                            9KB


                                                                                          • C:\Users\Admin\AppData\Local\Temp\one.rtf

                                                                                            Filesize

                                                                                            403B


                                                                                          • C:\Users\Admin\AppData\Local\Temp\rniw.exe

                                                                                            Filesize

                                                                                            76KB


                                                                                          • C:\Users\Admin\AppData\Local\Temp\v.mp4

                                                                                            Filesize

                                                                                            81KB


                                                                                          • C:\Users\Admin\AppData\Local\Temp\windl.bat

                                                                                            Filesize

                                                                                            771B


                                                                                          • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

                                                                                            Filesize

                                                                                            10KB


                                                                                          • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

                                                                                            Filesize

                                                                                            10KB


                                                                                          • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

                                                                                            Filesize

                                                                                            10KB


                                                                                          • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

                                                                                            Filesize

                                                                                            10KB


                                                                                          • C:\Users\Admin\Desktop\UR NEXT UR NEXT UR NEXT UR NEXT UR NEXT UR NEXT UR NEXT UR N1XT.txt

                                                                                            Filesize

                                                                                            396B


                                                                                          • C:\Users\Admin\Downloads\The-MALWARE-Repo-master.zip

                                                                                            Filesize

                                                                                            198.8MB


                                                                                          • C:\Users\Admin\Downloads\The-MALWARE-Repo-master.zip:Zone.Identifier

                                                                                            Filesize

                                                                                            26B


                                                                                          • C:\Users\Admin\Downloads\Unconfirmed 41172.crdownload

                                                                                            Filesize

                                                                                            95.5MB

