Overview

overview

10

Static

static

1

URLScan

urlscan

http://vgdf

windows11-21h2-x64

10

Analysis

  • max time kernel
    509s
  • max time network
    476s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240221-en
  • resource tags

    arch:x64arch:x86image:win11-20240221-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    12-04-2024 14:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    http://vgdf

Score
10/10
dharmabootkitevasionpersistenceransomwareupx

Malware Config

Signatures

  • Dharma

    Dharma is a ransomware that uses security software installation to hide malicious activities.

    ransomwaredharma
  • Deletes shadow copies 2 TTPs

    Ransomware often targets backup files to inhibit system recovery.

    ransomware
  • Renames multiple (584) files with added filename extension

    This suggests ransomware activity of encrypting all the files on the system.

    ransomware
  • Disables Task Manager via registry modification
    evasion
  • Drops file in Drivers directory 3 IoCs
  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • Drops startup file 6 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Adds Run key to start application 2 TTPs 3 IoCs
    persistence
  • Drops desktop.ini file(s) 64 IoCs
  • Writes to the Master Boot Record (MBR) 1 TTPs 2 IoCs

    Bootkits write to the MBR to gain persistence at a level below the operating system.

    bootkitpersistence
  • Drops file in System32 directory 2 IoCs
  • Sets desktop wallpaper using registry 2 TTPs 1 IoCs
    ransomware
  • Drops file in Program Files directory 64 IoCs
  • Program crash 1 IoCs
  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Interacts with shadow copies 2 TTPs 2 IoCs

    Shadow copies are often targeted by ransomware to inhibit system recovery.

    ransomware
  • Modifies registry class 2 IoCs
  • NTFS ADS 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 32 IoCs
  • Suspicious use of AdjustPrivilegeToken 6 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 16 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • Uses Volume Shadow Copy service COM API

    The Volume Shadow Copy service is used to manage backups/snapshots.

    ransomware

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://vgdf
    1⤵
    • Enumerates system info in registry
    • Modifies registry class
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:2280
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffdc1413cb8,0x7ffdc1413cc8,0x7ffdc1413cd8
      2⤵
        PID:3252
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1908 /prefetch:2
        2⤵
          PID:744
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2204 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:2568
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2800 /prefetch:8
          2⤵
            PID:4304
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
            2⤵
              PID:1452
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:1
              2⤵
                PID:756
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4864 /prefetch:1
                2⤵
                  PID:956
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4728 /prefetch:1
                  2⤵
                    PID:3988
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5084 /prefetch:1
                    2⤵
                      PID:4832
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5480 /prefetch:1
                      2⤵
                        PID:4616
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5512 /prefetch:1
                        2⤵
                          PID:4428
                        • C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5600 /prefetch:8
                          2⤵
                          • Suspicious behavior: EnumeratesProcesses
                          PID:2848
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5664 /prefetch:1
                          2⤵
                            PID:2336
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3548 /prefetch:1
                            2⤵
                              PID:1972
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3408 /prefetch:1
                              2⤵
                                PID:3008
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5676 /prefetch:1
                                2⤵
                                  PID:4080
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5668 /prefetch:8
                                  2⤵
                                    PID:5008
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=4716 /prefetch:8
                                    2⤵
                                    • Modifies registry class
                                    • Suspicious behavior: EnumeratesProcesses
                                    PID:232
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5960 /prefetch:1
                                    2⤵
                                      PID:4340
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5720 /prefetch:1
                                      2⤵
                                        PID:4832
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5836 /prefetch:1
                                        2⤵
                                          PID:5004
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5628 /prefetch:8
                                          2⤵
                                          • Suspicious behavior: EnumeratesProcesses
                                          PID:2668
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4844 /prefetch:1
                                          2⤵
                                            PID:2028
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6120 /prefetch:1
                                            2⤵
                                              PID:3108
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6132 /prefetch:1
                                              2⤵
                                                PID:3160
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3380 /prefetch:1
                                                2⤵
                                                  PID:876
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=5656 /prefetch:8
                                                  2⤵
                                                    PID:740
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5956 /prefetch:1
                                                    2⤵
                                                      PID:4128
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4776 /prefetch:1
                                                      2⤵
                                                        PID:2616
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3404 /prefetch:1
                                                        2⤵
                                                          PID:232
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6408 /prefetch:1
                                                          2⤵
                                                            PID:3040
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6776 /prefetch:1
                                                            2⤵
                                                              PID:2364
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4788 /prefetch:1
                                                              2⤵
                                                                PID:968
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6492 /prefetch:1
                                                                2⤵
                                                                  PID:848
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2516 /prefetch:1
                                                                  2⤵
                                                                    PID:388
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6816 /prefetch:1
                                                                    2⤵
                                                                      PID:3192
                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
                                                                      2⤵
                                                                        PID:1572
                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5756 /prefetch:1
                                                                        2⤵
                                                                          PID:4600
                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4804 /prefetch:1
                                                                          2⤵
                                                                            PID:3544
                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=3484 /prefetch:2
                                                                            2⤵
                                                                            • Suspicious behavior: EnumeratesProcesses
                                                                            PID:480
                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6212 /prefetch:1
                                                                            2⤵
                                                                              PID:560
                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7976 /prefetch:1
                                                                              2⤵
                                                                                PID:4608
                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1880,11077053325301116259,10771844439458518625,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5864 /prefetch:8
                                                                                2⤵
                                                                                • NTFS ADS
                                                                                • Suspicious behavior: EnumeratesProcesses
                                                                                PID:4720
                                                                            • C:\Windows\System32\CompPkgSrv.exe
                                                                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                              1⤵
                                                                                PID:2072
                                                                              • C:\Windows\System32\CompPkgSrv.exe
                                                                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                1⤵
                                                                                  PID:4316
                                                                                • C:\Windows\system32\AUDIODG.EXE
                                                                                  C:\Windows\system32\AUDIODG.EXE 0x00000000000004CC 0x00000000000004D0
                                                                                  1⤵
                                                                                  • Suspicious use of AdjustPrivilegeToken
                                                                                  PID:3648
                                                                                • C:\Windows\System32\CompPkgSrv.exe
                                                                                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                  1⤵
                                                                                    PID:2952
                                                                                  • C:\Windows\system32\svchost.exe
                                                                                    C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
                                                                                    1⤵
                                                                                      PID:2552
                                                                                    • C:\Windows\System32\rundll32.exe
                                                                                      C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                                                                      1⤵
                                                                                        PID:232
                                                                                      • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Virus\WinNuke.98.exe
                                                                                        "C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Virus\WinNuke.98.exe"
                                                                                        1⤵
                                                                                          PID:3200
                                                                                        • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Virus\Floxif\Floxif.exe
                                                                                          "C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Virus\Floxif\Floxif.exe"
                                                                                          1⤵
                                                                                          • Loads dropped DLL
                                                                                          • Suspicious behavior: EnumeratesProcesses
                                                                                          • Suspicious use of AdjustPrivilegeToken
                                                                                          PID:4424
                                                                                          • C:\Windows\SysWOW64\WerFault.exe
                                                                                            C:\Windows\SysWOW64\WerFault.exe -u -p 4424 -s 456
                                                                                            2⤵
                                                                                            • Program crash
                                                                                            PID:784
                                                                                        • C:\Windows\SysWOW64\WerFault.exe
                                                                                          C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 4424 -ip 4424
                                                                                          1⤵
                                                                                            PID:2712
                                                                                          • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Virus\Gnil\Gnil.exe
                                                                                            "C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Virus\Gnil\Gnil.exe"
                                                                                            1⤵
                                                                                            • Drops file in Drivers directory
                                                                                            • Suspicious behavior: EnumeratesProcesses
                                                                                            PID:2568
                                                                                            • C:\Windows\SysWOW64\drivers\spoclsv.exe
                                                                                              C:\Windows\system32\drivers\spoclsv.exe
                                                                                              2⤵
                                                                                              • Executes dropped EXE
                                                                                              • Suspicious behavior: EnumeratesProcesses
                                                                                              PID:5008
                                                                                          • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Virus\Mabezat\Mabezat.exe
                                                                                            "C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Virus\Mabezat\Mabezat.exe"
                                                                                            1⤵
                                                                                              PID:3984
                                                                                            • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Virus\Xpaj\xpaj.exe
                                                                                              "C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Virus\Xpaj\xpaj.exe"
                                                                                              1⤵
                                                                                              • Drops startup file
                                                                                              • Writes to the Master Boot Record (MBR)
                                                                                              • Drops file in Program Files directory
                                                                                              • Suspicious use of SetWindowsHookEx
                                                                                              PID:1328
                                                                                            • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Virus\Xpaj\xpajB.exe
                                                                                              "C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Virus\Xpaj\xpajB.exe"
                                                                                              1⤵
                                                                                              • Suspicious behavior: GetForegroundWindowSpam
                                                                                              PID:1364
                                                                                            • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Virus\Xpaj\xpaj.exe
                                                                                              "C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Virus\Xpaj\xpaj.exe"
                                                                                              1⤵
                                                                                              • Writes to the Master Boot Record (MBR)
                                                                                              • Suspicious use of SetWindowsHookEx
                                                                                              PID:1676
                                                                                            • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Ransomware\$uckyLocker.exe
                                                                                              "C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Ransomware\$uckyLocker.exe"
                                                                                              1⤵
                                                                                              • Sets desktop wallpaper using registry
                                                                                              PID:2816
                                                                                            • C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Ransomware\CoronaVirus.exe
                                                                                              "C:\Users\Admin\Downloads\The-MALWARE-Repo-master\The-MALWARE-Repo-master\Ransomware\CoronaVirus.exe"
                                                                                              1⤵
                                                                                              • Drops startup file
                                                                                              • Adds Run key to start application
                                                                                              • Drops desktop.ini file(s)
                                                                                              • Drops file in System32 directory
                                                                                              • Drops file in Program Files directory
                                                                                              • Suspicious behavior: EnumeratesProcesses
                                                                                              PID:3040
                                                                                              • C:\Windows\system32\cmd.exe
                                                                                                "C:\Windows\system32\cmd.exe"
                                                                                                2⤵
                                                                                                  PID:4668
                                                                                                  • C:\Windows\system32\mode.com
                                                                                                    mode con cp select=1251
                                                                                                    3⤵
                                                                                                      PID:16896
                                                                                                    • C:\Windows\system32\vssadmin.exe
                                                                                                      vssadmin delete shadows /all /quiet
                                                                                                      3⤵
                                                                                                      • Interacts with shadow copies
                                                                                                      PID:17540
                                                                                                  • C:\Windows\system32\cmd.exe
                                                                                                    "C:\Windows\system32\cmd.exe"
                                                                                                    2⤵
                                                                                                      PID:5596
                                                                                                      • C:\Windows\system32\mode.com
                                                                                                        mode con cp select=1251
                                                                                                        3⤵
                                                                                                          PID:17272
                                                                                                        • C:\Windows\system32\vssadmin.exe
                                                                                                          vssadmin delete shadows /all /quiet
                                                                                                          3⤵
                                                                                                          • Interacts with shadow copies
                                                                                                          PID:17688
                                                                                                      • C:\Windows\System32\mshta.exe
                                                                                                        "C:\Windows\System32\mshta.exe" "C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Info.hta"
                                                                                                        2⤵
                                                                                                          PID:5924
                                                                                                        • C:\Windows\System32\mshta.exe
                                                                                                          "C:\Windows\System32\mshta.exe" "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Info.hta"
                                                                                                          2⤵
                                                                                                            PID:5008
                                                                                                        • C:\Windows\system32\vssvc.exe
                                                                                                          C:\Windows\system32\vssvc.exe
                                                                                                          1⤵
                                                                                                          • Suspicious use of AdjustPrivilegeToken
                                                                                                          PID:18024

                                                                                                        Network

                                                                                                        MITRE ATT&CK Matrix ATT&CK v13

                                                                                                        Initial Access

                                                                                                        Execution

                                                                                                        Persistence

                                                                                                        Boot or Logon Autostart Execution

                                                                                                        1
                                                                                                        T1547

                                                                                                        Registry Run Keys / Startup Folder

                                                                                                        1
                                                                                                        T1547.001

                                                                                                        Pre-OS Boot

                                                                                                        1
                                                                                                        T1542

                                                                                                        Bootkit

                                                                                                        1
                                                                                                        T1542.003

                                                                                                        Privilege Escalation

                                                                                                        Boot or Logon Autostart Execution

                                                                                                        1
                                                                                                        T1547

                                                                                                        Registry Run Keys / Startup Folder

                                                                                                        1
                                                                                                        T1547.001

                                                                                                        Defense Evasion

                                                                                                        Indicator Removal

                                                                                                        2
                                                                                                        T1070

                                                                                                        File Deletion

                                                                                                        2
                                                                                                        T1070.004

                                                                                                        Modify Registry

                                                                                                        2
                                                                                                        T1112

                                                                                                        Pre-OS Boot

                                                                                                        1
                                                                                                        T1542

                                                                                                        Bootkit

                                                                                                        1
                                                                                                        T1542.003

                                                                                                        Credential Access

                                                                                                        Discovery

                                                                                                        Query Registry

                                                                                                        1
                                                                                                        T1012

                                                                                                        System Information Discovery

                                                                                                        1
                                                                                                        T1082

                                                                                                        Lateral Movement

                                                                                                        Collection

                                                                                                        Exfiltration

                                                                                                        Command and Control

                                                                                                        Impact

                                                                                                        Inhibit System Recovery

                                                                                                        2
                                                                                                        T1490

                                                                                                        Defacement

                                                                                                        1
                                                                                                        T1491

                                                                                                        Resource Development

                                                                                                        Reconnaissance

                                                                                                        Replay Monitor

                                                                                                        Loading Replay Monitor...

                                                                                                        Downloads

                                                                                                        • C:\Program Files\Common Files\System\symsrv.dll
                                                                                                          Filesize

                                                                                                          72KB

                                                                                                          MD5

                                                                                                          ccf7e487353602c57e2e743d047aca36

                                                                                                          SHA1

                                                                                                          99f66919152d67a882685a41b7130af5f7703888

                                                                                                          SHA256

                                                                                                          eaf76e5f1a438478ecf7b678744da34e9d9e5038b128f0c595672ee1dbbfd914

                                                                                                          SHA512

                                                                                                          dde0366658082b142faa6487245bfc8b8942605f0ede65d12f8c368ff3673ca18e416a4bf132c4bee5be43e94aef0531be2008746c24f1e6b2f294a63ab1486c

                                                                                                          Download Submit
                                                                                                        • C:\Program Files\Common Files\microsoft shared\ClickToRun\AppvIsvSubsystems64.dll.id-35536CDF.[coronavirus@qq.com].ncov
                                                                                                          Filesize

                                                                                                          3.2MB

                                                                                                          MD5

                                                                                                          c5ab6e7c9446dbb36128a1842ff46ef5

                                                                                                          SHA1

                                                                                                          3cc2a4fd0b3428472361b4d94566b1683ce1b86e

                                                                                                          SHA256

                                                                                                          eb6740ace0da18ce60ba02b89dd3a037d5fa8516047c88b38a552ea61cf7a97d

                                                                                                          SHA512

                                                                                                          e0d275d55e75e76e0be318ecf1c4ccb6b075a6b3854815c2bcbfae5b2768e8a567eb74e9bf0ec3f4b2deccc423d8fed97cc47d39a63118cac894f4341d7eb61a

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                          Filesize

                                                                                                          152B

                                                                                                          MD5

                                                                                                          d459a8c16562fb3f4b1d7cadaca620aa

                                                                                                          SHA1

                                                                                                          7810bf83e8c362e0c69298e8c16964ed48a90d3a

                                                                                                          SHA256

                                                                                                          fa31bc49a2f9af06d325871104e36dd69bfe3847cd521059b62461a92912331a

                                                                                                          SHA512

                                                                                                          35cb00c21908e1332c3439af1ec9867c81befcc4792248ee392080b455b1f5ce2b0c0c2415e344d91537469b5eb72f330b79feb7e8a86eeb6cf41ec5be5dfd2f

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                          Filesize

                                                                                                          152B

                                                                                                          MD5

                                                                                                          656bb397c72d15efa159441f116440a6

                                                                                                          SHA1

                                                                                                          5b57747d6fdd99160af6d3e580114dbbd351921f

                                                                                                          SHA256

                                                                                                          770ed0fcd22783f60407cdc55b5998b08e37b3e06efb3d1168ffed8768751fab

                                                                                                          SHA512

                                                                                                          5923db1d102f99d0b29d60916b183b92e6be12cc55733998d3da36d796d6158c76e385cef320ec0e9afa242a42bfb596f7233b60b548f719f7d41cb8f404e73c

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\30de8dfa-3e4e-4bfb-9f2f-46268966d90d.tmp
                                                                                                          Filesize

                                                                                                          5KB

                                                                                                          MD5

                                                                                                          9612d5005d3feb3f69a27d7997f45d23

                                                                                                          SHA1

                                                                                                          6f7ed33bbfacd5ce590af784e05c1e68d13ef85d

                                                                                                          SHA256

                                                                                                          311a0b09d958a12f7a63643ad10e31d048de72753145b68e3e1d2afdb359a96c

                                                                                                          SHA512

                                                                                                          40a61d1432558010324a8e50a49ebfbe12b1b78e81965a9ce68479912e0fff115a25959b953f3a827825bb8cb4aedf2cd5e9300f1c725554a089cc9eeb9c2d3a

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002
                                                                                                          Filesize

                                                                                                          64KB

                                                                                                          MD5

                                                                                                          d6b36c7d4b06f140f860ddc91a4c659c

                                                                                                          SHA1

                                                                                                          ccf16571637b8d3e4c9423688c5bd06167bfb9e9

                                                                                                          SHA256

                                                                                                          34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92

                                                                                                          SHA512

                                                                                                          2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
                                                                                                          Filesize

                                                                                                          67KB

                                                                                                          MD5

                                                                                                          d2d55f8057f8b03c94a81f3839b348b9

                                                                                                          SHA1

                                                                                                          37c399584539734ff679e3c66309498c8b2dd4d9

                                                                                                          SHA256

                                                                                                          6e273f3491917d37f4dbb6c3f4d3f862cada25c20a36b245ea7c6bd860fb400c

                                                                                                          SHA512

                                                                                                          7bcdbb9e8d005a532ec12485a9c4b777ddec4aee66333757cdae3f84811099a574e719d45eb4487072d0162fa4654349dd73705a8d1913834535b1a3e2247dc6

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004
                                                                                                          Filesize

                                                                                                          19KB

                                                                                                          MD5

                                                                                                          2e86a72f4e82614cd4842950d2e0a716

                                                                                                          SHA1

                                                                                                          d7b4ee0c9af735d098bff474632fc2c0113e0b9c

                                                                                                          SHA256

                                                                                                          c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f

                                                                                                          SHA512

                                                                                                          7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
                                                                                                          Filesize

                                                                                                          36KB

                                                                                                          MD5

                                                                                                          dfa06a2cf726c1772e54d6f0e7b57fe8

                                                                                                          SHA1

                                                                                                          6c843917d374a2f5f4fbc2e3cb620737c56f864f

                                                                                                          SHA256

                                                                                                          a99b0f8a4e209bf564f0570d79edc20f08244edae0a50da214ff32afc56d89fc

                                                                                                          SHA512

                                                                                                          046af2d7537f6985db4c55368d5d0865713dd955ef094ff3743b0899e8699edc17029c29bd15fdabe4f1258fd1e502372f0073bd2ed0e8d5060e384c0a397e2f

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006
                                                                                                          Filesize

                                                                                                          63KB

                                                                                                          MD5

                                                                                                          710d7637cc7e21b62fd3efe6aba1fd27

                                                                                                          SHA1

                                                                                                          8645d6b137064c7b38e10c736724e17787db6cf3

                                                                                                          SHA256

                                                                                                          c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b

                                                                                                          SHA512

                                                                                                          19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
                                                                                                          Filesize

                                                                                                          84KB

                                                                                                          MD5

                                                                                                          74e33b4b54f4d1f3da06ab47c5936a13

                                                                                                          SHA1

                                                                                                          6e5976d593b6ee3dca3c4dbbb90071b76e1cd85c

                                                                                                          SHA256

                                                                                                          535fc48679c38decd459ad656bdd6914e539754265244d0cc7b1da6bddf3e287

                                                                                                          SHA512

                                                                                                          79218e8ee50484af968480ff9b211815c97c3f3035414e685aa5d15d9b4152682d87b66202339f212bf3b463a074bf7a4431107b50303f28e2eb4b17843991c2

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008
                                                                                                          Filesize

                                                                                                          1.1MB

                                                                                                          MD5

                                                                                                          d404b61450122b2ad393c3ece0597317

                                                                                                          SHA1

                                                                                                          d18809185baef8ec6bbbaca300a2fdb4b76a1f56

                                                                                                          SHA256

                                                                                                          03551254e2231ecd9c7ee816b488ecbde5d899009cd9abbe44351d98fbf2f5fb

                                                                                                          SHA512

                                                                                                          cb1a2867cc53733dc72cd294d1b549fa571a041d72de0fa4d7d9195bcac9f8245c2095e6a6f1ece0e55279fa26337cdcc82d4c269e1dd186cbbd2b974e2d6a70

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009
                                                                                                          Filesize

                                                                                                          74KB

                                                                                                          MD5

                                                                                                          bc9faa8bb6aae687766b2db2e055a494

                                                                                                          SHA1

                                                                                                          34b2395d1b6908afcd60f92cdd8e7153939191e4

                                                                                                          SHA256

                                                                                                          4a725d21a3c98f0b9c5763b0a0796818d341579817af762448e1be522bc574ed

                                                                                                          SHA512

                                                                                                          621386935230595c3a00b9c53ea25daa78c2823d32085e22363dc438150f1cb6b3d50be5c58665886fac2286ae63bf1f62c8803cb38a0cac201c82ee2db975c4

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a
                                                                                                          Filesize

                                                                                                          32KB

                                                                                                          MD5

                                                                                                          bbc7e5859c0d0757b3b1b15e1b11929d

                                                                                                          SHA1

                                                                                                          59df2c56b3c79ac1de9b400ddf3c5a693fa76c2d

                                                                                                          SHA256

                                                                                                          851c67fbabfda5b3151a6f73f283f7f0634cd1163719135a8de25c0518234fc2

                                                                                                          SHA512

                                                                                                          f1fecb77f4cdfe7165cc1f2da042048fd94033ca4e648e50ebc4171c806c3c174666bb321c6dda53f2f175dc310ad2459e8f01778acaee6e7c7606497c0a1dea

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010
                                                                                                          Filesize

                                                                                                          217KB

                                                                                                          MD5

                                                                                                          876a8491f9caeebd660bdd7c9522ea70

                                                                                                          SHA1

                                                                                                          7acaf6272f9e65ba0b691047184e16d89de10baf

                                                                                                          SHA256

                                                                                                          e08a8ae9e345c9cb60b7d0d12e47dae88fa3363d9ed44105bd2dd20096d174e9

                                                                                                          SHA512

                                                                                                          3f2d1297c007ccfd2d81c5b06798d59d4c5a3c6d7ddd69fb846c1a64dfbcf6ec623e62442f74c9e0b8388544154e60590b33381abec1ce26a231dae4c9c8795e

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001a
                                                                                                          Filesize

                                                                                                          47KB

                                                                                                          MD5

                                                                                                          045937268a2acced894a9996af39f816

                                                                                                          SHA1

                                                                                                          dfbdbd744565fdc5722a2e5a96a55c881b659ed4

                                                                                                          SHA256

                                                                                                          cc05f08525e5eaf762d1c1c66bef78dec5f3517cf6f7e86e89368c6d4a1ef0cf

                                                                                                          SHA512

                                                                                                          71a025a421384ed1e88d0c5ffadc6450a9e1efd827fe929f5ef447d2901cd87572fccf13dfa8b2706c9fab8160163e3a0c80bfe1ab49d63ffbbcb0e4e591a84f

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                          Filesize

                                                                                                          2KB

                                                                                                          MD5

                                                                                                          5580a15bcf9f9d471a6882f287fdeab9

                                                                                                          SHA1

                                                                                                          5e6397fd205af2dcd23cfc35be87b8851c077bbd

                                                                                                          SHA256

                                                                                                          d14196cb1a7d18dee2a031e0631e0ccce132737874cf1494aaa2499c0d7a0cb5

                                                                                                          SHA512

                                                                                                          6d79d51a1dc03b8f5050f71584758805d20edccd43bead4467d371bf37105a16168307f128c941061b00c28c463c715b7ffcce365a74dbe15718331d987ce800

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                          Filesize

                                                                                                          2KB

                                                                                                          MD5

                                                                                                          126130f5ed25100b459ecc6f7856bb82

                                                                                                          SHA1

                                                                                                          ae73bf97b25789a1c2e44d6b08d0d1272b566080

                                                                                                          SHA256

                                                                                                          351308eafab8632fe4fc1fdc6ed518967e6ff1dd3d1783f04140e7b7963f8e8e

                                                                                                          SHA512

                                                                                                          46bef4797d08a60587129cb43818de6a1ce3e839ff364e50584edbd42b5820c828c576f23b918f48191f2a5aa23923d65d85b1dcdf352aabf735a3c31bb10eab

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                          Filesize

                                                                                                          4KB

                                                                                                          MD5

                                                                                                          2de438ade86049d259c69a25b0fa2989

                                                                                                          SHA1

                                                                                                          8c712dba901d055ab9be06353401df0d89108238

                                                                                                          SHA256

                                                                                                          4e357da701daf51a35834cecbf650305601226af0f6067dc13bf494ad7e2dbb1

                                                                                                          SHA512

                                                                                                          44765d5aa7f96e8630e0326bf97af861affb4991509cc2935d7b87b51a0173dfcdc2d08d45fc4495830c8d3f06831b735ac925e21b7c14504bcc8bef1c415b2d

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                          Filesize

                                                                                                          111B

                                                                                                          MD5

                                                                                                          285252a2f6327d41eab203dc2f402c67

                                                                                                          SHA1

                                                                                                          acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

                                                                                                          SHA256

                                                                                                          5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

                                                                                                          SHA512

                                                                                                          11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                          Filesize

                                                                                                          5KB

                                                                                                          MD5

                                                                                                          3999b27940d094bf8db5b6c42425bfa4

                                                                                                          SHA1

                                                                                                          063f641a183245871fdb160639a3d3480a83da5e

                                                                                                          SHA256

                                                                                                          466bd5b21e7f34bc9d7d31bad750320fcf0d6fb30b579d63c736997efb791a66

                                                                                                          SHA512

                                                                                                          b32e9a8f3fda8682c0606c96f63b9ef0f1650ae1a252f8ee331c445fb1d3686643d944b44e1fe69230ae9ebdf5c411d30da39ea0949096ea5965a723bf5f4a54

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                          Filesize

                                                                                                          3KB

                                                                                                          MD5

                                                                                                          85f33ee22d1e5d5ac3a3f2cf1c349af6

                                                                                                          SHA1

                                                                                                          2e02abcf5cb3378ba837a15c230e19af7233ac1f

                                                                                                          SHA256

                                                                                                          9535df1daf40fd674ff5e07085ba46eb27cac011f02a1a25f073debdbc184ef3

                                                                                                          SHA512

                                                                                                          159f6b5f2429b79be5058abdee64bc349b0fb20beb86a8ddd2676995c9d7ada1a77dd5569babaf2a6e2154802c64cd4731aa5cb0c032f06ba48327523efa513d

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                          Filesize

                                                                                                          5KB

                                                                                                          MD5

                                                                                                          3fb6521b710efd263627efcb7058a7cf

                                                                                                          SHA1

                                                                                                          bc8a0c59ca3d17a4e6e6fe5bfb01b950785dca22

                                                                                                          SHA256

                                                                                                          8ff7cdf7b4db22b5855f79c82aa38cbce3ffbe08c1f7258adcba859e8ed45d51

                                                                                                          SHA512

                                                                                                          3d35ce22da733a691187af8b68e99cfb958e0709f4a3e136f3b341a34af8e4e663722d11aeac2721436738bf38ebd8b7c3ab29cdf81f2d4260b69c4baeaebd16

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                          Filesize

                                                                                                          5KB

                                                                                                          MD5

                                                                                                          8f3082bf298da5b98c42deb8ecdc6c31

                                                                                                          SHA1

                                                                                                          7f9e973c1fc2e39c3cc554bf09c81f1b0d24ded1

                                                                                                          SHA256

                                                                                                          05f63b8f337c85efa5987a7c84e0da894af856e185653e997d2c013bc69b2e02

                                                                                                          SHA512

                                                                                                          af87418d434b0eec14de2f780afe807d8630c25a5f962f4302f14607a5636d74834bbdc71369edb8f7230f91a3938fac68b1b699918c6e892e6a269266c22871

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                          Filesize

                                                                                                          6KB

                                                                                                          MD5

                                                                                                          0562162f738165c4acba49640473787b

                                                                                                          SHA1

                                                                                                          e69f3310a3d0813171c653ade1b5d015c72fd1dc

                                                                                                          SHA256

                                                                                                          da0b117eea1423f8c6c3c29a9d35ca61e78349bd1f20f32d8dcb2a1d821b4c24

                                                                                                          SHA512

                                                                                                          f25629dedd813221798b5a5aa2c5e703943455d2d6007a817665e86d1538b3b89c5d364851ad5b9847f795a07baa1634bbcec06f8ddb825a3af2ff5ee92988a0

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                          Filesize

                                                                                                          7KB

                                                                                                          MD5

                                                                                                          258d396eaf3e8dd47e9a0a890f3d77c4

                                                                                                          SHA1

                                                                                                          2b25350918330ac987ae5217b1dda322e14f5f99

                                                                                                          SHA256

                                                                                                          a1ae50d2cb393f5dd692c60fc58cf50e2c09942a65629cf98cc0a82c634c358d

                                                                                                          SHA512

                                                                                                          d8547777b109c6e209f50ee40716c83520f0bd0d275f36143b5c6486a205b47daff52596c3c0252c209c8328c3953246dccb727e0457f9ec096c14763409d191

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                          Filesize

                                                                                                          7KB

                                                                                                          MD5

                                                                                                          197589147cbd330df1b2ca0409cb55f1

                                                                                                          SHA1

                                                                                                          88e00cb48d3467368979412d73eeb695f0e19ef4

                                                                                                          SHA256

                                                                                                          db24d024a82a11469841f5cd03c84b0eff740b4bf225d442fa4aaa6892bc7f23

                                                                                                          SHA512

                                                                                                          4f5be16d5522794742a3de371ad29b6cffc92162d066b30b24aaff824a3be9295cbb3186a4b8fb2cc7932c1c6c7f9552e0dd1e43857f3685f9aec7ab9179b2f5

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                          Filesize

                                                                                                          8KB

                                                                                                          MD5

                                                                                                          4a792f2e96b9d0e035aa1f23f77f9537

                                                                                                          SHA1

                                                                                                          694baf66fb689a89ae1070780c9133e6436b1ced

                                                                                                          SHA256

                                                                                                          204a0b0ef227614dc8ef5e8de6c3ff60a78710a783f890362f980203ba1c3b27

                                                                                                          SHA512

                                                                                                          77c4e4adbff35557977c4540385f79bdbba8adb642d68c01e72bd4b7caadebb1b3534f15661c65d6f9733b3ffcf255dfc1a405087c7696c327b2e51e15c1f360

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                          Filesize

                                                                                                          7KB

                                                                                                          MD5

                                                                                                          3c304731916585b22d6f13896c9cb25e

                                                                                                          SHA1

                                                                                                          7620ecd71f9715617fbbb53c8a22e2a11426e64f

                                                                                                          SHA256

                                                                                                          f4dc501ad32be69d9bfe420a44aa07a627790e96f612b0102f61bb63bcd28fd4

                                                                                                          SHA512

                                                                                                          255911c472cc5f6bc4805ea9e5f8dc5e4cef10e6ee37cdbea1746fa339b9f45b01a44599f48cad299924ba1da091e57ef23b52357f96ee20ac491934cdedc38d

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                          Filesize

                                                                                                          7KB

                                                                                                          MD5

                                                                                                          80b1fbd16e55ca7b33f2e986b04f241c

                                                                                                          SHA1

                                                                                                          c2ce1d162fa0f93e3c950599329e12871c80679a

                                                                                                          SHA256

                                                                                                          21f133861bcd319bb689f60ca7400b1e02b1d4550e58dca99a78476462a0b660

                                                                                                          SHA512

                                                                                                          b9432e34d6118cc9ed8c201ed72c8a2a5c90aa57b43d3c3489796fd29810f12c3373e42a6682335d5d9adf6ecb9159fa3e15587007cf64dedc6064f3a1162c7d

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                          Filesize

                                                                                                          7KB

                                                                                                          MD5

                                                                                                          61c617e4375395d8489c38476977aa54

                                                                                                          SHA1

                                                                                                          f8f1bde75902549b9b7198c088ec29c8701e8e85

                                                                                                          SHA256

                                                                                                          90b841cc1b1c6a08c224a27840f4e5665f47c5d2268d88582921855d665ae6ad

                                                                                                          SHA512

                                                                                                          955a2e7d3f3866fac3ae8ee336ee1a8399bc04450b73a551464a98d9780b311009510d086fd842444f765a802b7a3c6f52f7148ec24b3d020ca837bda572e108

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\0130e415-6f1c-4a09-ba23-309cbf19b1be\index
                                                                                                          Filesize

                                                                                                          24B

                                                                                                          MD5

                                                                                                          54cb446f628b2ea4a5bce5769910512e

                                                                                                          SHA1

                                                                                                          c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

                                                                                                          SHA256

                                                                                                          fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

                                                                                                          SHA512

                                                                                                          8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\1afde0c1-ac92-4e75-994f-f9e9445bd8dd\242e9d7581788207_0
                                                                                                          Filesize

                                                                                                          2KB

                                                                                                          MD5

                                                                                                          ffba712ad04684b9ce4974f0482f84ce

                                                                                                          SHA1

                                                                                                          f43de4134f77851bd5be0cdef004de4dca13e394

                                                                                                          SHA256

                                                                                                          fe108e41d60faf52e3816fe0aeb1e9d16bac9acb1434120a1cde3ba942761b11

                                                                                                          SHA512

                                                                                                          e5b7432f318754c1ef6e681ee2da9f51f7bcbf47b9ef7215f90def08e27e5d51333531c2b0b1bc737e28873e7c656cc85b91ccee22460ea8a280ed4658303021

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\1afde0c1-ac92-4e75-994f-f9e9445bd8dd\index-dir\the-real-index
                                                                                                          Filesize

                                                                                                          624B

                                                                                                          MD5

                                                                                                          0855a11d707b3708ef3dd6084e0a566a

                                                                                                          SHA1

                                                                                                          c6b4712edd27b0b2cf38a42734a253f593f47b35

                                                                                                          SHA256

                                                                                                          2c61f948b0c0d9630471bdc720e7422784a9044ee5ce53dccb3738847ba16e48

                                                                                                          SHA512

                                                                                                          897c9d600f0738482c402eb893f97efba5d5d6751c937af5ba72639e960bcc1dd521f237b202dc1f3680ed104480b648e9a1e9901805a5289393802e05b7eb92

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\1afde0c1-ac92-4e75-994f-f9e9445bd8dd\index-dir\the-real-index~RFe582c3b.TMP
                                                                                                          Filesize

                                                                                                          48B

                                                                                                          MD5

                                                                                                          e1d2aee1b8e443fcf0e120e3db840c0e

                                                                                                          SHA1

                                                                                                          5b21d6d7cdfee27fbab76b10d708697af2424dd7

                                                                                                          SHA256

                                                                                                          9651922106ca2e2f5056db841de54e4dd2a2b01ac66a5d7186884f1c1ed93386

                                                                                                          SHA512

                                                                                                          510e6c5b1cb2b27074e8d1422b801d0b3cc3ae3bd18b40a71dd13c376d485975b2b2fcba1b9a7a22daa754a0a1342545d6d8f2266f96d8b6073884957a0fd9ae

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\c13d449e-bea6-48ee-a560-92893c00157b\index-dir\the-real-index
                                                                                                          Filesize

                                                                                                          2KB

                                                                                                          MD5

                                                                                                          a31f321995cb960199e2bd9b2e00426a

                                                                                                          SHA1

                                                                                                          43bb208f17e69a9961db7b49dcf67786cd99b286

                                                                                                          SHA256

                                                                                                          0930ef52c9aa0b12f222812a56d0214113dd441f0f5f85fd5c17da504fb23808

                                                                                                          SHA512

                                                                                                          0b471e2c301bac8df2441db4fa0dd41f329efbad5b540d612ce7352ac712c2f757abc240d7f7a1576d03fd5a57d10952ba0775b8ed9343166032aa880a151a69

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\c13d449e-bea6-48ee-a560-92893c00157b\index-dir\the-real-index
                                                                                                          Filesize

                                                                                                          2KB

                                                                                                          MD5

                                                                                                          9373641b6468be79a80cd0e6c2157078

                                                                                                          SHA1

                                                                                                          5b5f91e889fffe77bc7572c82078dd60a3c83f11

                                                                                                          SHA256

                                                                                                          2ea87f54f49351d8b1cfc04ab2048776186813d1e646fd17ad35b871266b3a49

                                                                                                          SHA512

                                                                                                          182d9666d81d11c00d2e54828cd42a08b097f23e6f582a0625ff3e3d778b3b21ae04cebd18295669786c3f2e07a5861b0b8173cc66d8245ec8e53bcc11e795bb

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\c13d449e-bea6-48ee-a560-92893c00157b\index-dir\the-real-index~RFe57d590.TMP
                                                                                                          Filesize

                                                                                                          48B

                                                                                                          MD5

                                                                                                          2bc04d0e14f859855880864d0b46d772

                                                                                                          SHA1

                                                                                                          6524fed71ce0157cfcef1e298c838ab9a1a44d30

                                                                                                          SHA256

                                                                                                          83d2d6b742c3b7953a5b0edaf691077304013cce39d435cd2b46708c29e66e4d

                                                                                                          SHA512

                                                                                                          8ecfcf4fc47a95feb3883b5d05aa5ea6a955f5a06c2bf3c58b571e7ea6d7afe9ee4c945eee69404762d6539d9b27f562afcda21bed681f842f25223eae2856e6

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
                                                                                                          Filesize

                                                                                                          89B

                                                                                                          MD5

                                                                                                          c18a434f8b3f24863411b4d7d63d8a30

                                                                                                          SHA1

                                                                                                          1024d355ecf30b22048559c72718186045eaf6ff

                                                                                                          SHA256

                                                                                                          aa90a92084dd0e160fbfd177cc2a2f87acf17618c92d5083a09d8fa32a973e4d

                                                                                                          SHA512

                                                                                                          84f7fa953506f683f6e2bae4f6c62512387c400d37da4d7ac26c3f310d018cdae8b9445a8dbd16f1cf2666240467a4791cf5ba9803487b9f8e3e3b31ca5fc888

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
                                                                                                          Filesize

                                                                                                          146B

                                                                                                          MD5

                                                                                                          f4ce43ca3ff0a361eb18f2af72e0e010

                                                                                                          SHA1

                                                                                                          2bec830561004829816ccf6c6d5b9b380c02a493

                                                                                                          SHA256

                                                                                                          56afb13ef50240cf227311d2454860bb453602d47b9caf45bcf213456676302f

                                                                                                          SHA512

                                                                                                          ae6b4c16a6dfcbfeb70d1a52e0763038e9c0acf4fb43da3867da0a0c488347b378c00ee8378f3389b4fdd944440b16c720fa528ee024f92a54e68db406f7a3b3

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
                                                                                                          Filesize

                                                                                                          148B

                                                                                                          MD5

                                                                                                          9f685b18245572b8b67b0941f6dc141b

                                                                                                          SHA1

                                                                                                          b5bf60a491ed7c27aaa65110975ab2dcd1d3e6d8

                                                                                                          SHA256

                                                                                                          a6dd695e89bd5432acd03acfa134664270c8968ac04b53276aa5722cd8cee26e

                                                                                                          SHA512

                                                                                                          990f1350819fc595d86855036f7f1dcc104f4f65dd80b605cad81ff8153bf9957acf077d3f317718f32f0af3c6d6df83acec199d78f914f3b5e731b0b25d70ac

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
                                                                                                          Filesize

                                                                                                          157B

                                                                                                          MD5

                                                                                                          a6b88c1373e03c521444d4dcf35010dc

                                                                                                          SHA1

                                                                                                          97e533e35baba1d91cbfab625d429b2b7813a313

                                                                                                          SHA256

                                                                                                          f259ff4d7338a4f6c0de4004e5d15e493787aef3ac109b700a8f06e95400183b

                                                                                                          SHA512

                                                                                                          7d1230683988d4deea7a0f5f5bca82e20f1ff1a0b07a1a0e42aef9d4cbf459b1fe1df707d62d97cc1ac4566a5ec4d03801b5a2664ed78dc54010b1e66712e673

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
                                                                                                          Filesize

                                                                                                          82B

                                                                                                          MD5

                                                                                                          0414607a69aa15ab955dd00a35337d7b

                                                                                                          SHA1

                                                                                                          87a01a53a8de422dc65866187890d953964511b8

                                                                                                          SHA256

                                                                                                          333d691f3c5a97555756edf05a7098e145ceba06aaa4d39e3e2f2cd2e1032fe5

                                                                                                          SHA512

                                                                                                          70942f01e14a4d48383e304d88ded4558c57c748c8ad405acc4d4c3702f71fe7f1b4dfddb98dc435f66c246e07cbe2f6d3ef77d6a211bc02e09acb44eed70451

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
                                                                                                          Filesize

                                                                                                          84B

                                                                                                          MD5

                                                                                                          32bb173f186994561b43edb5973622a1

                                                                                                          SHA1

                                                                                                          ba86bf80e542ff9cba04ed4975cb331b466978c5

                                                                                                          SHA256

                                                                                                          9af86df7599c9992144bbce781f470c94c732b6b5edf5611600c6daa8e436baa

                                                                                                          SHA512

                                                                                                          903bd06d209aebebdf58786d6ff229f415558d8ad0ccb0b4ea0bb29692597b0a4673263c2beab6285fe43f6fe9b6447dcd5dc36e2b859a8785d89f89ede8493b

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
                                                                                                          Filesize

                                                                                                          153B

                                                                                                          MD5

                                                                                                          cb7920f8456a9bc4c8296700e599f4db

                                                                                                          SHA1

                                                                                                          eb6e0b9b4f6652d252365830c354d2219070a299

                                                                                                          SHA256

                                                                                                          efdba4a32d79cda637459f70264c81888de9ba2bed352fde7057c49b6ac75a4f

                                                                                                          SHA512

                                                                                                          685ab580a31178cb33c43a8ba2ddc705691eea6e0b151c2ab60a398d9f3e17fd0bf22a9b1cdbcd7841e005335d3aab471dd2b703a7f4ac0bb5259251c6af4f7b

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT
                                                                                                          Filesize

                                                                                                          16B

                                                                                                          MD5

                                                                                                          46295cac801e5d4857d09837238a6394

                                                                                                          SHA1

                                                                                                          44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                                                                          SHA256

                                                                                                          0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                                                                          SHA512

                                                                                                          8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001
                                                                                                          Filesize

                                                                                                          41B

                                                                                                          MD5

                                                                                                          5af87dfd673ba2115e2fcf5cfdb727ab

                                                                                                          SHA1

                                                                                                          d5b5bbf396dc291274584ef71f444f420b6056f1

                                                                                                          SHA256

                                                                                                          f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

                                                                                                          SHA512

                                                                                                          de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_0
                                                                                                          Filesize

                                                                                                          16KB

                                                                                                          MD5

                                                                                                          e43bed14e9b5990688f5620d1b337863

                                                                                                          SHA1

                                                                                                          938735e3819da4ddf302ab304c59a27c899c2830

                                                                                                          SHA256

                                                                                                          9c669b119106cea57fe25fd33413e41b8c3c8a581698e7871cad3411b11ebedb

                                                                                                          SHA512

                                                                                                          06b621556010e1a75d1303cfedea5ab7560738892c1cdb05f44a3cc4e5057ab4cac763bd6fbb466edd49e3c8a826d45f6a88c5c3a2ae683efa5e3c7d65e3be1e

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_0
                                                                                                          Filesize

                                                                                                          161KB

                                                                                                          MD5

                                                                                                          222c41a5633bfcf9a7075935abb5a5e3

                                                                                                          SHA1

                                                                                                          e7dbebdd77268771ce29a2bc795c48b49e9eb580

                                                                                                          SHA256

                                                                                                          cf710cb10f53f5b64914a8ceed2333da509a23cd8b561aaeb3b1a5a5ca26bf01

                                                                                                          SHA512

                                                                                                          a9b82d07b85fc6ebe9e81f074c32e49dbadaeb8c473a019fd0e5c218bc07b3ff063b4e569f4250685e04450ce99a1165481c5966a7027f821bb1cef3f5a20ecd

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
                                                                                                          Filesize

                                                                                                          96B

                                                                                                          MD5

                                                                                                          fc6e0202c0ead5d5a818730c0991edaa

                                                                                                          SHA1

                                                                                                          ffcb50f78bb32b1dac3594ba16fc9440cd2e4bed

                                                                                                          SHA256

                                                                                                          6c5889742fd655990ed7426fe92f77f1d0d000d58d52952c406b8a62ac519721

                                                                                                          SHA512

                                                                                                          5a946174027291fcb0675d540be322f1f73405185d92230162a3c669e10feeec59d1e5ccc195ff54126265b7db1f85c06376bed750d1c9d29a4b4e4e6db5a6e0

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5826ec.TMP
                                                                                                          Filesize

                                                                                                          48B

                                                                                                          MD5

                                                                                                          6032baffa16b7ef03d8c7b089e143fa9

                                                                                                          SHA1

                                                                                                          b82ee2c0e25074e18f88bf561ba596aba6032fbf

                                                                                                          SHA256

                                                                                                          e10e8c1e342b1bf568f605606659e6b0bad84dbac79ae7b908e2a7d58ea4f5e4

                                                                                                          SHA512

                                                                                                          d1d8f1d6770feea4c325329014dbd9af507dd37ea7b01f8ec1cf3fa40b3671cae2e1bcd482d1fed24c2a5569e10d04016e01beaa3895eca2665865bf9ea22ab1

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                          Filesize

                                                                                                          1KB

                                                                                                          MD5

                                                                                                          f6c9cb9808cd530acc7bca5a607a21e3

                                                                                                          SHA1

                                                                                                          01ec9fb4f95aa390fb80d258b5c59b03ab64a067

                                                                                                          SHA256

                                                                                                          bf7d31d36508a8288a844531515ac583e1775698bb27846bb03e96a5953e14e0

                                                                                                          SHA512

                                                                                                          17c3bcc534289976016c2058ef1feb1776c02803f2340a7db12224f853e1a395605d9dadc3feea55146821d64e7840132de1c732b77cf0de981096928cfbf0dc

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                          Filesize

                                                                                                          2KB

                                                                                                          MD5

                                                                                                          e70533956d19b1f72c73c4663034d275

                                                                                                          SHA1

                                                                                                          0ad49666fdfb9092fda68223199e237c8b4d74a4

                                                                                                          SHA256

                                                                                                          426fbc7650d14a718bbadf501dfb57af49d30e253919e973348d55290cc71b77

                                                                                                          SHA512

                                                                                                          50ee88e4b71f0ab0c2bb2612f9e183ccc9cdfd0a529704f64c4704f552991deeafa15ea66377f14b40baa4f06ec10f98b2a11c77357ac801ba80c6a23dabb41d

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                          Filesize

                                                                                                          1KB

                                                                                                          MD5

                                                                                                          77a8d85c516f1cd0685f057c6f7838bd

                                                                                                          SHA1

                                                                                                          af7978e8cba4a113325ff78e92a0bcb22885af0f

                                                                                                          SHA256

                                                                                                          7a13d597ed64b874390b5fba2b92fe369ecd78313b2b7730140e762d2dfed572

                                                                                                          SHA512

                                                                                                          fea6d1860600f9ab55550316d28a5e3c8c4f3fc3290c6c109f85bc4c4a3d81f9d93b3f77249cf9aa296e1971efb7576c12b15a100c1511a1bc3d55b22627a247

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                          Filesize

                                                                                                          1KB

                                                                                                          MD5

                                                                                                          c13b72f77b7dbc9a12b44ce1a1b54b65

                                                                                                          SHA1

                                                                                                          66c536a4445e4cecd63f4490bea61cf058a9d5ca

                                                                                                          SHA256

                                                                                                          dc119ee1efc6509c92c385f7d70c4a29f60603d915f3c5e61e07435d9ae6d27d

                                                                                                          SHA512

                                                                                                          09a95c64a2c53b9d6b442c22f358d57332b1814add3a2535c29312de1080435f043d5af8b4d4ac9097a21946f8d43a5569b1f0c40a86caee2153b99d458bbc0b

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                          Filesize

                                                                                                          2KB

                                                                                                          MD5

                                                                                                          8fe549a48adc4eb619c9d443fc16f60f

                                                                                                          SHA1

                                                                                                          cc20d1301d3960728e6c96428f4d3235ddc15e15

                                                                                                          SHA256

                                                                                                          7f0fbd26e105edc82780f6c93a94305a729fe2e426311b37669dc3c3411b88c9

                                                                                                          SHA512

                                                                                                          3f19ff656866a18a60974840064fb5d746f6d467a3ca40d0bfe3a88a452754506da70372c2ac99df8e33110ddda15fbc117cb57fc39e56ba057f8a69619a09ca

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57e4c2.TMP
                                                                                                          Filesize

                                                                                                          538B

                                                                                                          MD5

                                                                                                          db7f681b0315e3b87220e09b2efeb14b

                                                                                                          SHA1

                                                                                                          91fcae3229bf0e060555d5e8d689e0036c14849b

                                                                                                          SHA256

                                                                                                          bd5bd5e0495debc95c4e44a63a465530ea122fee60543f6f20a1b20aaf9f815d

                                                                                                          SHA512

                                                                                                          27d71a6406e44a1e78ea998d82a954f0efade892808c08126a42467142def70d646c90b8aca4ae95b944d79ef2a23e36f8e759261f6f28830ec68b5f4a047c3c

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                          Filesize

                                                                                                          16B

                                                                                                          MD5

                                                                                                          6752a1d65b201c13b62ea44016eb221f

                                                                                                          SHA1

                                                                                                          58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                                                                          SHA256

                                                                                                          0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                                                                          SHA512

                                                                                                          9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                          Filesize

                                                                                                          11KB

                                                                                                          MD5

                                                                                                          fff4eebdb7ad0154675d5021d9410fb6

                                                                                                          SHA1

                                                                                                          dd8bc5b0889a6bb428e7e395e7f7a89b9072d421

                                                                                                          SHA256

                                                                                                          148ce7789c1cdc4d89360f766bd9f02211b227c031a8022d00ece72982c27023

                                                                                                          SHA512

                                                                                                          ff6b2ca2d702f344295cacfd184ea2386c86e7873b15c4fa7e043fae94d9c03675ecd055db088d67047b3ff2f766243d5a0845fc89855830d5ceeabf86ab92c1

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                          Filesize

                                                                                                          11KB

                                                                                                          MD5

                                                                                                          4d5bb1cefc8b55d20f9ea30715516eed

                                                                                                          SHA1

                                                                                                          9a67ba9c3aa78cb42a47228b02d783a1e0840174

                                                                                                          SHA256

                                                                                                          25468d1e32e503f6ebea6d761c6b32088ee801c56f19139d2374e2cc1cd40e5a

                                                                                                          SHA512

                                                                                                          44b463b675cb8d3ebcb9a5ec7ee21c5693ea8b8db484c458f41f311f0758c68e62b1f27895816786d6b76efcb749d22fea835ee93ec1786ba8df1b08f15b64a5

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                          Filesize

                                                                                                          11KB

                                                                                                          MD5

                                                                                                          42fa4879aa45cab0e73ee4cd2328f4b6

                                                                                                          SHA1

                                                                                                          6f49f4f137d3e214df0805bd7f323c56b322e0e9

                                                                                                          SHA256

                                                                                                          74f8178c114f4e757e727661f0425eda77e437e452353addf6586a060cf44e3b

                                                                                                          SHA512

                                                                                                          942533743e215601974ba6d9c9e443dabcfcbdb12f368f6116f1c1e5e63ca0934e176bb329494b2a23e0bc6b4244eb12e95f1e5d70114753cdae494635656e12

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                          Filesize

                                                                                                          11KB

                                                                                                          MD5

                                                                                                          9938175f246fc25715637e44a5e885a9

                                                                                                          SHA1

                                                                                                          38b730be08e2c467dfa465c13060384a8a9e318c

                                                                                                          SHA256

                                                                                                          d9ee05645a5a1d6a722bd1e10da0b0b33b5d06fcc1ebb3c07b7d194e8f1b1cbb

                                                                                                          SHA512

                                                                                                          f9b66ed6d0fe430834001beb5c77abf0b1b09667a1e16233f5d39b0638680c807bd54ffa9f00a9a6834eba8c3c523182a507e425f577a82f48da0b08057fe8ff

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\Downloads\The-MALWARE-Repo-master.zip
                                                                                                          Filesize

                                                                                                          198.8MB

                                                                                                          MD5

                                                                                                          af60ad5b6cafd14d7ebce530813e68a0

                                                                                                          SHA1

                                                                                                          ad81b87e7e9bbc21eb93aca7638d827498e78076

                                                                                                          SHA256

                                                                                                          b7dd3bce3ebfbc2d5e3a9f00d47f27cb6a5895c4618c878e314e573a7c216df1

                                                                                                          SHA512

                                                                                                          81314363d5d461264ed5fdf8a7976f97bceb5081c374b4ee6bbea5d8ce3386822d089d031234ddd67c5077a1cc1ed3f6b16139253fbb1b3d34d3985f9b97aba3

                                                                                                          Download Submit
                                                                                                        • C:\Users\Admin\Downloads\The-MALWARE-Repo-master.zip:Zone.Identifier
                                                                                                          Filesize

                                                                                                          26B

                                                                                                          MD5

                                                                                                          fbccf14d504b7b2dbcb5a5bda75bd93b

                                                                                                          SHA1

                                                                                                          d59fc84cdd5217c6cf74785703655f78da6b582b

                                                                                                          SHA256

                                                                                                          eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913

                                                                                                          SHA512

                                                                                                          aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

                                                                                                          Download Submit
                                                                                                        • C:\Windows\SysWOW64\drivers\spoclsv.exe
                                                                                                          Filesize

                                                                                                          73KB

                                                                                                          MD5

                                                                                                          37e887b7a048ddb9013c8d2a26d5b740

                                                                                                          SHA1

                                                                                                          713b4678c05a76dbd22e6f8d738c9ef655e70226

                                                                                                          SHA256

                                                                                                          24c0638ff7571c7f4df5bcddd50bc478195823e934481fa3ee96eb1d1c4b4a1b

                                                                                                          SHA512

                                                                                                          99f74eb00c6f6d1cbecb4d88e1056222e236cb85cf2a421243b63cd481939d3c4693e08edde743722d3320c27573fbcc99bf749ff72b857831e4b6667374b8af

                                                                                                          Download Submit
                                                                                                        • \??\pipe\LOCAL\crashpad_2280_SIZFEANDFXKWBVHA
                                                                                                          MD5

                                                                                                          d41d8cd98f00b204e9800998ecf8427e

                                                                                                          SHA1

                                                                                                          da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                                                                          SHA256

                                                                                                          e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                                                                                          SHA512

                                                                                                          cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

                                                                                                          Download Submit
                                                                                                        • memory/1328-1741-0x0000000002230000-0x0000000002266000-memory.dmp
                                                                                                          Filesize

                                                                                                          216KB

                                                                                                          Download
                                                                                                        • memory/1328-1738-0x0000000000400000-0x0000000000455000-memory.dmp
                                                                                                          Filesize

                                                                                                          340KB

                                                                                                          Download
                                                                                                        • memory/1328-1752-0x0000000000400000-0x0000000000455000-memory.dmp
                                                                                                          Filesize

                                                                                                          340KB

                                                                                                          Download
                                                                                                        • memory/1328-1755-0x0000000000620000-0x0000000000622000-memory.dmp
                                                                                                          Filesize

                                                                                                          8KB

                                                                                                          Download
                                                                                                        • memory/1328-1759-0x0000000002230000-0x0000000002266000-memory.dmp
                                                                                                          Filesize

                                                                                                          216KB

                                                                                                          Download
                                                                                                        • memory/1328-1740-0x0000000002230000-0x0000000002266000-memory.dmp
                                                                                                          Filesize

                                                                                                          216KB

                                                                                                          Download
                                                                                                        • memory/1328-1739-0x0000000000620000-0x0000000000622000-memory.dmp
                                                                                                          Filesize

                                                                                                          8KB

                                                                                                          Download
                                                                                                        • memory/1364-1745-0x00000000007F0000-0x00000000007F5000-memory.dmp
                                                                                                          Filesize

                                                                                                          20KB

                                                                                                          Download
                                                                                                        • memory/1364-1747-0x00000000007F0000-0x00000000007F5000-memory.dmp
                                                                                                          Filesize

                                                                                                          20KB

                                                                                                          Download
                                                                                                        • memory/1364-1757-0x00000000007B0000-0x00000000007D4000-memory.dmp
                                                                                                          Filesize

                                                                                                          144KB

                                                                                                          Download
                                                                                                        • memory/1364-1751-0x0000000000400000-0x0000000000483000-memory.dmp
                                                                                                          Filesize

                                                                                                          524KB

                                                                                                          Download
                                                                                                        • memory/1364-1758-0x00000000007F0000-0x00000000007F5000-memory.dmp
                                                                                                          Filesize

                                                                                                          20KB

                                                                                                          Download
                                                                                                        • memory/1364-1750-0x00000000020B0000-0x00000000020B1000-memory.dmp
                                                                                                          Filesize

                                                                                                          4KB

                                                                                                          Download
                                                                                                        • memory/1364-1742-0x0000000000400000-0x0000000000483000-memory.dmp
                                                                                                          Filesize

                                                                                                          524KB

                                                                                                          Download
                                                                                                        • memory/1364-1743-0x0000000000400000-0x0000000000483000-memory.dmp
                                                                                                          Filesize

                                                                                                          524KB

                                                                                                          Download
                                                                                                        • memory/1364-1744-0x0000000000400000-0x0000000000483000-memory.dmp
                                                                                                          Filesize

                                                                                                          524KB

                                                                                                          Download
                                                                                                        • memory/1364-1748-0x00000000007B0000-0x00000000007D4000-memory.dmp
                                                                                                          Filesize

                                                                                                          144KB

                                                                                                          Download
                                                                                                        • memory/1364-1746-0x00000000007B0000-0x00000000007D4000-memory.dmp
                                                                                                          Filesize

                                                                                                          144KB

                                                                                                          Download
                                                                                                        • memory/1676-1761-0x0000000002200000-0x0000000002236000-memory.dmp
                                                                                                          Filesize

                                                                                                          216KB

                                                                                                          Download
                                                                                                        • memory/1676-1756-0x0000000002200000-0x0000000002236000-memory.dmp
                                                                                                          Filesize

                                                                                                          216KB

                                                                                                          Download
                                                                                                        • memory/1676-1753-0x0000000000630000-0x0000000000632000-memory.dmp
                                                                                                          Filesize

                                                                                                          8KB

                                                                                                          Download
                                                                                                        • memory/2568-1726-0x0000000000400000-0x0000000000444000-memory.dmp
                                                                                                          Filesize

                                                                                                          272KB

                                                                                                          Download
                                                                                                        • memory/2568-1736-0x0000000000400000-0x0000000000444000-memory.dmp
                                                                                                          Filesize

                                                                                                          272KB

                                                                                                          Download
                                                                                                        • memory/2568-1727-0x00000000006F0000-0x00000000006F1000-memory.dmp
                                                                                                          Filesize

                                                                                                          4KB

                                                                                                          Download
                                                                                                        • memory/2816-1765-0x0000000000770000-0x00000000007DE000-memory.dmp
                                                                                                          Filesize

                                                                                                          440KB

                                                                                                          Download
                                                                                                        • memory/2816-1769-0x0000000005410000-0x0000000005420000-memory.dmp
                                                                                                          Filesize

                                                                                                          64KB

                                                                                                          Download
                                                                                                        • memory/2816-1781-0x0000000005410000-0x0000000005420000-memory.dmp
                                                                                                          Filesize

                                                                                                          64KB

                                                                                                          Download
                                                                                                        • memory/2816-1780-0x0000000005410000-0x0000000005420000-memory.dmp
                                                                                                          Filesize

                                                                                                          64KB

                                                                                                          Download
                                                                                                        • memory/2816-1779-0x0000000073F40000-0x00000000746F1000-memory.dmp
                                                                                                          Filesize

                                                                                                          7.7MB

                                                                                                          Download
                                                                                                        • memory/2816-1776-0x0000000005410000-0x0000000005420000-memory.dmp
                                                                                                          Filesize

                                                                                                          64KB

                                                                                                          Download
                                                                                                        • memory/2816-1770-0x0000000005320000-0x000000000532A000-memory.dmp
                                                                                                          Filesize

                                                                                                          40KB

                                                                                                          Download
                                                                                                        • memory/2816-1767-0x0000000005910000-0x0000000005EB6000-memory.dmp
                                                                                                          Filesize

                                                                                                          5.6MB

                                                                                                          Download
                                                                                                        • memory/2816-1766-0x0000000073F40000-0x00000000746F1000-memory.dmp
                                                                                                          Filesize

                                                                                                          7.7MB

                                                                                                          Download
                                                                                                        • memory/2816-1768-0x0000000005270000-0x0000000005302000-memory.dmp
                                                                                                          Filesize

                                                                                                          584KB

                                                                                                          Download
                                                                                                        • memory/3040-1783-0x0000000000400000-0x000000000056F000-memory.dmp
                                                                                                          Filesize

                                                                                                          1.4MB

                                                                                                          Download
                                                                                                        • memory/3040-1785-0x000000000A6A0000-0x000000000A6D4000-memory.dmp
                                                                                                          Filesize

                                                                                                          208KB

                                                                                                          Download
                                                                                                        • memory/3040-1786-0x0000000000400000-0x000000000056F000-memory.dmp
                                                                                                          Filesize

                                                                                                          1.4MB

                                                                                                          Download
                                                                                                        • memory/3040-26536-0x0000000000400000-0x000000000056F000-memory.dmp
                                                                                                          Filesize

                                                                                                          1.4MB

                                                                                                          Download
                                                                                                        • memory/3040-26543-0x000000000A6A0000-0x000000000A6D4000-memory.dmp
                                                                                                          Filesize

                                                                                                          208KB

                                                                                                          Download
                                                                                                        • memory/3984-1737-0x0000000001000000-0x0000000001026000-memory.dmp
                                                                                                          Filesize

                                                                                                          152KB

                                                                                                          Download
                                                                                                        • memory/4424-1724-0x0000000000AF0000-0x0000000000B65000-memory.dmp
                                                                                                          Filesize

                                                                                                          468KB

                                                                                                          Download
                                                                                                        • memory/4424-1725-0x0000000010000000-0x0000000010030000-memory.dmp
                                                                                                          Filesize

                                                                                                          192KB

                                                                                                          Download
                                                                                                        • memory/4424-1722-0x0000000010000000-0x0000000010030000-memory.dmp
                                                                                                          Filesize

                                                                                                          192KB

                                                                                                          Download
                                                                                                        • memory/5008-1733-0x0000000000400000-0x0000000000444000-memory.dmp
                                                                                                          Filesize

                                                                                                          272KB

                                                                                                          Download
                                                                                                        • memory/5008-1735-0x0000000002010000-0x0000000002110000-memory.dmp
                                                                                                          Filesize

                                                                                                          1024KB

                                                                                                          Download
                                                                                                        • memory/5008-1734-0x0000000000400000-0x0000000000444000-memory.dmp
                                                                                                          Filesize

                                                                                                          272KB

                                                                                                          Download