hxxps://github[.]com/enforcer-pro/ddostor

Resubmissions

18/04/2024, 20:25

240418-y7llksfb61 7

18/04/2024, 20:23

18/04/2024, 20:21

18/04/2024, 20:18

18/04/2024, 20:16

18/04/2024, 20:12

Analysis

max time kernel
135s
max time network
139s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
18/04/2024, 20:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/enforcer-pro/ddostor

Score

6^/10

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 5 IoCs

Web Service

T1102

flow	ioc
32	camo.githubusercontent.com
33	camo.githubusercontent.com
34	camo.githubusercontent.com
104	camo.githubusercontent.com
106	camo.githubusercontent.com

Drops file in Windows directory 7 IoCs

description	ioc	Process
File created	C:\Windows\rescache\_merged\3720402701\1568373884.pri	MicrosoftEdge.exe
File opened for modification	C:\Windows\Debug\ESE.TXT	MicrosoftEdge.exe
File created	C:\Windows\rescache\_merged\3720402701\1568373884.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\1568373884.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\1568373884.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\1568373884.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\1568373884.pri	MicrosoftEdgeCP.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies Internet Explorer settings 1 TTPs 2 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000\Software\Microsoft\Internet Explorer\Main	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000\Software\Microsoft\Internet Explorer\Main	browser_broker.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133579451698054051"	chrome.exe

Modifies registry class 64 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FavOrder	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Content	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\IETld\LowMic	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FavOrder\SyncIEFirstTimeFullScan = "1"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\SignaturePolicy = 06000000	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\DisallowDefaultBrowserPrompt = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\DXFeatureLevel = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-VendorId = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-Revision = "0"	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\ACGPolicyState = "8"	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\DynamicCodePolicy = 05000000	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Content\CachePrefix	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\Main	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Privacy	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\CIStatus\SignaturePolicy = 06000000	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery\Active = "1"	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\ACGStatus\DynamicCodePolicy = 05000000	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 3292eaaacd91da01	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\Main	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\CIPolicyState = "0"	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Protected - It is a violation of Windows Policy to modif = 0100000069cfc7d4891422033381cc4142879110f990250ccd1f30895e6f6c8ca28c9376d110ba7352f0e243dd0d434d10ecf224a8f6e19d794677fab414	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DummyPath	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-DXFeatureLevel = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\ACGStatus\ACGPolicyState = "8"	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Revision = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Cookies\CacheLimit = "1"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings\Cache	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings\Zones\3\{A8A88C49-5EB2-4990-A1A2-08760 = 1a3761592352350c7a5f20172f1e1a190e2b017313371312141a152a	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\VersionHigh = "0"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\CIStatus	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\History\CacheLimit = "1"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Explorer\Main	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\Main	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings\PrivacyAdvanced = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\IECompatVersionLow = "0"	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 27cfc6aacd91da01	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\DynamicCodePolicy = 05000000	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 9e1acbadcd91da01	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\JumpListFirstRun = "3"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\CIStatus	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 9f0ba3aacd91da01	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\ACGPolicyState = "8"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery\ReadingStorePending = "1"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Explorer\Main	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\IECompatVersionHigh = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\VendorId = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\CVListDOSTime = "0"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\CIStatus	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\CIStatus\CIPolicyState = "0"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Cookies	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\AdapterInfo = "vendorId=\"0x1414\",deviceID=\"0x8c\",subSysID=\"0x0\",revision=\"0x0\",version=\"10.0.15063.0\"hypervisor=\"No Hypervisor (No SLAT)\""	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\LowMic	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\SubSysId = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-VersionLow = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\CIStatus\CIPolicyState = "0"	MicrosoftEdgeCP.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
780	chrome.exe
780	chrome.exe

Suspicious behavior: MapViewOfSection 8 IoCs

pid	Process
2552	MicrosoftEdgeCP.exe
2552	MicrosoftEdgeCP.exe
2552	MicrosoftEdgeCP.exe
2552	MicrosoftEdgeCP.exe
2552	MicrosoftEdgeCP.exe
2552	MicrosoftEdgeCP.exe
2552	MicrosoftEdgeCP.exe
2552	MicrosoftEdgeCP.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs

pid	Process
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeDebugPrivilege	2212	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	2212	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	2212	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	2212	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	4744	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	4744	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	4196	MicrosoftEdge.exe
Token: SeDebugPrivilege	4196	MicrosoftEdge.exe
Token: SeShutdownPrivilege	780	chrome.exe
Token: SeCreatePagefilePrivilege	780	chrome.exe
Token: SeShutdownPrivilege	780	chrome.exe
Token: SeCreatePagefilePrivilege	780	chrome.exe
Token: SeShutdownPrivilege	780	chrome.exe
Token: SeCreatePagefilePrivilege	780	chrome.exe
Token: SeShutdownPrivilege	780	chrome.exe
Token: SeCreatePagefilePrivilege	780	chrome.exe
Token: SeShutdownPrivilege	780	chrome.exe
Token: SeCreatePagefilePrivilege	780	chrome.exe
Token: SeShutdownPrivilege	780	chrome.exe
Token: SeCreatePagefilePrivilege	780	chrome.exe
Token: SeShutdownPrivilege	780	chrome.exe
Token: SeCreatePagefilePrivilege	780	chrome.exe
Token: SeShutdownPrivilege	780	chrome.exe
Token: SeCreatePagefilePrivilege	780	chrome.exe
Token: SeShutdownPrivilege	780	chrome.exe
Token: SeCreatePagefilePrivilege	780	chrome.exe
Token: SeShutdownPrivilege	780	chrome.exe
Token: SeCreatePagefilePrivilege	780	chrome.exe
Token: SeShutdownPrivilege	780	chrome.exe
Token: SeCreatePagefilePrivilege	780	chrome.exe
Token: SeShutdownPrivilege	780	chrome.exe
Token: SeCreatePagefilePrivilege	780	chrome.exe
Token: SeShutdownPrivilege	780	chrome.exe
Token: SeCreatePagefilePrivilege	780	chrome.exe
Token: SeShutdownPrivilege	780	chrome.exe
Token: SeCreatePagefilePrivilege	780	chrome.exe
Token: SeShutdownPrivilege	780	chrome.exe
Token: SeCreatePagefilePrivilege	780	chrome.exe
Token: SeShutdownPrivilege	780	chrome.exe
Token: SeCreatePagefilePrivilege	780	chrome.exe
Token: SeShutdownPrivilege	780	chrome.exe
Token: SeCreatePagefilePrivilege	780	chrome.exe
Token: SeShutdownPrivilege	780	chrome.exe
Token: SeCreatePagefilePrivilege	780	chrome.exe
Token: SeShutdownPrivilege	780	chrome.exe
Token: SeCreatePagefilePrivilege	780	chrome.exe
Token: SeShutdownPrivilege	780	chrome.exe
Token: SeCreatePagefilePrivilege	780	chrome.exe
Token: SeShutdownPrivilege	780	chrome.exe
Token: SeCreatePagefilePrivilege	780	chrome.exe
Token: SeShutdownPrivilege	780	chrome.exe
Token: SeCreatePagefilePrivilege	780	chrome.exe
Token: SeShutdownPrivilege	780	chrome.exe
Token: SeCreatePagefilePrivilege	780	chrome.exe
Token: SeShutdownPrivilege	780	chrome.exe
Token: SeCreatePagefilePrivilege	780	chrome.exe
Token: SeShutdownPrivilege	780	chrome.exe
Token: SeCreatePagefilePrivilege	780	chrome.exe
Token: SeShutdownPrivilege	780	chrome.exe
Token: SeCreatePagefilePrivilege	780	chrome.exe
Token: SeShutdownPrivilege	780	chrome.exe
Token: SeCreatePagefilePrivilege	780	chrome.exe
Token: SeShutdownPrivilege	780	chrome.exe
Token: SeCreatePagefilePrivilege	780	chrome.exe

Suspicious use of FindShellTrayWindow 34 IoCs

pid	Process
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe
780	chrome.exe

Suspicious use of SetWindowsHookEx 4 IoCs

pid	Process
4196	MicrosoftEdge.exe
2552	MicrosoftEdgeCP.exe
2212	MicrosoftEdgeCP.exe
2552	MicrosoftEdgeCP.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2552 wrote to memory of 4812	2552	MicrosoftEdgeCP.exe	85
PID 2552 wrote to memory of 4812	2552	MicrosoftEdgeCP.exe	85
PID 2552 wrote to memory of 4812	2552	MicrosoftEdgeCP.exe	85
PID 2552 wrote to memory of 4812	2552	MicrosoftEdgeCP.exe	85
PID 2552 wrote to memory of 4812	2552	MicrosoftEdgeCP.exe	85
PID 2552 wrote to memory of 4812	2552	MicrosoftEdgeCP.exe	85
PID 2552 wrote to memory of 2508	2552	MicrosoftEdgeCP.exe	87
PID 2552 wrote to memory of 2508	2552	MicrosoftEdgeCP.exe	87
PID 2552 wrote to memory of 2508	2552	MicrosoftEdgeCP.exe	87
PID 2552 wrote to memory of 2508	2552	MicrosoftEdgeCP.exe	87
PID 2552 wrote to memory of 2508	2552	MicrosoftEdgeCP.exe	87
PID 2552 wrote to memory of 2508	2552	MicrosoftEdgeCP.exe	87
PID 780 wrote to memory of 4420	780	chrome.exe	91
PID 780 wrote to memory of 4420	780	chrome.exe	91
PID 780 wrote to memory of 1440	780	chrome.exe	93
PID 780 wrote to memory of 1440	780	chrome.exe	93
PID 780 wrote to memory of 1440	780	chrome.exe	93
PID 780 wrote to memory of 1440	780	chrome.exe	93
PID 780 wrote to memory of 1440	780	chrome.exe	93
PID 780 wrote to memory of 1440	780	chrome.exe	93
PID 780 wrote to memory of 1440	780	chrome.exe	93
PID 780 wrote to memory of 1440	780	chrome.exe	93
PID 780 wrote to memory of 1440	780	chrome.exe	93
PID 780 wrote to memory of 1440	780	chrome.exe	93
PID 780 wrote to memory of 1440	780	chrome.exe	93
PID 780 wrote to memory of 1440	780	chrome.exe	93
PID 780 wrote to memory of 1440	780	chrome.exe	93
PID 780 wrote to memory of 1440	780	chrome.exe	93
PID 780 wrote to memory of 1440	780	chrome.exe	93
PID 780 wrote to memory of 1440	780	chrome.exe	93
PID 780 wrote to memory of 1440	780	chrome.exe	93
PID 780 wrote to memory of 1440	780	chrome.exe	93
PID 780 wrote to memory of 1440	780	chrome.exe	93
PID 780 wrote to memory of 1440	780	chrome.exe	93
PID 780 wrote to memory of 1440	780	chrome.exe	93
PID 780 wrote to memory of 1440	780	chrome.exe	93
PID 780 wrote to memory of 1440	780	chrome.exe	93
PID 780 wrote to memory of 1440	780	chrome.exe	93
PID 780 wrote to memory of 1440	780	chrome.exe	93
PID 780 wrote to memory of 1440	780	chrome.exe	93
PID 780 wrote to memory of 1440	780	chrome.exe	93
PID 780 wrote to memory of 1440	780	chrome.exe	93
PID 780 wrote to memory of 1440	780	chrome.exe	93
PID 780 wrote to memory of 1440	780	chrome.exe	93
PID 780 wrote to memory of 1440	780	chrome.exe	93
PID 780 wrote to memory of 1440	780	chrome.exe	93
PID 780 wrote to memory of 1440	780	chrome.exe	93
PID 780 wrote to memory of 1440	780	chrome.exe	93
PID 780 wrote to memory of 1440	780	chrome.exe	93
PID 780 wrote to memory of 1440	780	chrome.exe	93
PID 780 wrote to memory of 1440	780	chrome.exe	93
PID 780 wrote to memory of 1440	780	chrome.exe	93
PID 780 wrote to memory of 1224	780	chrome.exe	94
PID 780 wrote to memory of 1224	780	chrome.exe	94
PID 780 wrote to memory of 4328	780	chrome.exe	95
PID 780 wrote to memory of 4328	780	chrome.exe	95
PID 780 wrote to memory of 4328	780	chrome.exe	95
PID 780 wrote to memory of 4328	780	chrome.exe	95
PID 780 wrote to memory of 4328	780	chrome.exe	95
PID 780 wrote to memory of 4328	780	chrome.exe	95
PID 780 wrote to memory of 4328	780	chrome.exe	95
PID 780 wrote to memory of 4328	780	chrome.exe	95
PID 780 wrote to memory of 4328	780	chrome.exe	95
PID 780 wrote to memory of 4328	780	chrome.exe	95

C:\Windows\system32\LaunchWinApp.exe
"C:\Windows\system32\LaunchWinApp.exe" "https://github.com/enforcer-pro/ddostor"
1⤵
PID:2772

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:4196

C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
1⤵
- Modifies Internet Explorer settings
PID:212

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Modifies registry class
- Suspicious behavior: MapViewOfSection
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2552

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies Internet Explorer settings
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:2212

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
PID:2516

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
PID:2956

C:\Windows\system32\cmd.exe
"C:\Windows\system32\cmd.exe"
1⤵
PID:1360

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
PID:4812

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
PID:4744

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
PID:2508

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffe8ece9758,0x7ffe8ece9768,0x7ffe8ece9778
  2⤵
  PID:4420
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1636 --field-trial-handle=1848,i,11477174741552410203,17330023398852335369,131072 /prefetch:2
  2⤵
  PID:1440
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1832 --field-trial-handle=1848,i,11477174741552410203,17330023398852335369,131072 /prefetch:8
  2⤵
  PID:1224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2072 --field-trial-handle=1848,i,11477174741552410203,17330023398852335369,131072 /prefetch:8
  2⤵
  PID:4328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2012 --field-trial-handle=1848,i,11477174741552410203,17330023398852335369,131072 /prefetch:1
  2⤵
  PID:4224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3012 --field-trial-handle=1848,i,11477174741552410203,17330023398852335369,131072 /prefetch:1
  2⤵
  PID:4620
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4464 --field-trial-handle=1848,i,11477174741552410203,17330023398852335369,131072 /prefetch:1
  2⤵
  PID:2060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4420 --field-trial-handle=1848,i,11477174741552410203,17330023398852335369,131072 /prefetch:8
  2⤵
  PID:2164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4756 --field-trial-handle=1848,i,11477174741552410203,17330023398852335369,131072 /prefetch:8
  2⤵
  PID:4884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4648 --field-trial-handle=1848,i,11477174741552410203,17330023398852335369,131072 /prefetch:8
  2⤵
  PID:5228
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5004 --field-trial-handle=1848,i,11477174741552410203,17330023398852335369,131072 /prefetch:8
  2⤵
  PID:5296
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4892 --field-trial-handle=1848,i,11477174741552410203,17330023398852335369,131072 /prefetch:8
  2⤵
  PID:5352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5060 --field-trial-handle=1848,i,11477174741552410203,17330023398852335369,131072 /prefetch:1
  2⤵
  PID:5532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3012 --field-trial-handle=1848,i,11477174741552410203,17330023398852335369,131072 /prefetch:1
  2⤵
  PID:5820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3188 --field-trial-handle=1848,i,11477174741552410203,17330023398852335369,131072 /prefetch:8
  2⤵
  PID:348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5220 --field-trial-handle=1848,i,11477174741552410203,17330023398852335369,131072 /prefetch:8
  2⤵
  PID:3424

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2740

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:2240

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
5d7d0f9912b42ef4e204bb0273eabe04

SHA1
c9ce579514f82fb69deb509d5d49a45bc2ec86a3

SHA256
e77036807d29f0939e354a81be02ace04a94111b5b11653d0585a8585711cdaf

SHA512
0b976526cf4a3ab16bfc32b818d900413182847a8c9660e6816f8ed134796a43c35fe8962b7758d2913e2e41935a96b1049fed0ed4948bee4c04052ec2a82bdb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
b9dfc4b0afaa275e8aa0579d3b177ba4

SHA1
842b3163993fa53f70b7b55c2c3494cd4dd4f75e

SHA256
f4104d13d91dab6b08065b435ae03021a2006f3d8db21fa1d681fb96c6270baa

SHA512
128d4ab617e70e5566802f960cc9db926d109a57e717a2344138669904bd7949ba0f1d2f2c6600278df54587268d8c4875cd1ddef1cce6cd27b9cb9b5a43cddc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
8ca15179a8a4a0e3420dc377f44fc418

SHA1
e15fdc4b4746c09fb0edcc9cf47494912df61a7d

SHA256
988420f1ac962f7d1c1675de1d3dfd5f23cdeca66a55d7fb6ddd4ec6491820ba

SHA512
cee380d6b825ad49912a28250fe6e9e8fd13bdd28a260f2156cad3e4e4ade8b769d7c3e95047f74d6782ee281b5c3ba1711ca4ede3b072b811186db08aa4cea6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
371B

MD5
76d0a1e4c8f402152b5e7319811b30dc

SHA1
4da8ff65fc0a85c4739bde7bf7cb46a3f4d337c5

SHA256
b419b02462f70a4791413f5194c6ee5db36e667c0b0574b837e8e9b5535acee3

SHA512
70f1738f11c29a9f6b6c3a21f90b78bf45ed93719107aa1db34b189d0a9f09548312f802280eece806aeac65bef776578e12a28602ea14bd38b4021ea2d8098b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
376e0b98cdae6f3cae3da26c9727aad8

SHA1
220a4d1264c3925e5802aa1f6ff69aaf0d86bf5a

SHA256
b2b26f0908eec51bebe90e99f5147d092bf752a4033ed5c1ec0461d5fc7c3b17

SHA512
afc8e495d6392b6606ed8ddfa265cd550b850a68b925ebe880ff14303f5145699a2838b71b31d1d417df4dc25478125ad350fd73a19786dc8e9882f9a544087c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
3ea1f41d520ed25c795c3c24fdf69579

SHA1
be8197c73b620e0a1d2060cbda4500ac21c89016

SHA256
4e9899d73341a9cf9fe94c24c465f88ac29022ee726343d710ff0869b5470f86

SHA512
3c02add015a8cdfc55f99d28850835ad5038e626cd518a348e56d0a5b1c4fb44b3811ca7e3b189b8308a785f7eef880aaea92b8f8d34e62066ac967ca34e26b3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
12KB

MD5
af99caa1bdc955d32d65b809d0bd7bf6

SHA1
df632e734d4a02c22ac77d29845c357554c88e2e

SHA256
6988ea6aef5b702376cbf1eec85dc3fb347fa236869e810e33c9ee99affe5d5c

SHA512
31b53064b38e6194e136ef1421153fb71446366b79b0f4d2f1ffc48542801e4e2cf81517302f1ab977b823797828023d2ecdfbfa221e711970b21365455c4ffc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\e4ffa469-eeee-4df2-b269-93da8bd73af1.tmp

Filesize
6KB

MD5
84785035ade5b985e861bb45783f601b

SHA1
18d777b1e480ec653a9771a438706f2813efef3b

SHA256
fda32c0cb0c0d3a19d3fa621d2af6a0d8dc1ffcdc7c315ec744822d22eea3359

SHA512
4f1e5f06bc3d95c6b87d70a0d94bab79ca566dc47c21838f4950bb0f3c553eefa7bde05ce50c17649a7519af6f3022e17c081d64314cbc2dc228f34187638c3c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
271KB

MD5
fdc1a19b6c70e599ff1121b0d5a74d68

SHA1
6081c97ded32a86cbf6a38d5070edde6ab330b64

SHA256
109f27f5c9d263be47d768306e475e1a0a0a002a03d2daacc3cdb0df6f318b31

SHA512
faecc11b4105a2ca2f1efb13a55e9f5c25f5485829b9957235301f8979db966cc4f29ae3f722ed12826948ab6fcfb9d5dd3f23289d57cd99b1306035c5db3242

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
271KB

MD5
1aa9b1d4dddb52428c0e6d41a7d6f840

SHA1
1ee450981d4b6c00873daa8f7432d90818bb98e0

SHA256
a71d5b566ae17a6bff4caa7a84101e2b89cc9ca677c8d7293d245825801938f5

SHA512
9019d21d0cdfb838c5c810fcb1f2e6d807e41e02d7a1bf2ec708425307aea52b0bfaaefbdce998724859076506c0970904aa87abaa6e625956f92b04355f7cdd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\Temp\~DF3FD72BFB2EFD8A6F.TMP

Filesize
16KB

MD5
af5ac679dfbef2938d11777d668c15ae

SHA1
3fa308856b2f2e1a5430675d03dcf0e7381546e9

SHA256
e2db048b175973ba43a89ac5d7576e0b94188bb76a9a9e9958dc159af01c7212

SHA512
c839ad773a9d1d42d46a269e5b7db7fda70aa5d0cb364360982b1d4dcd8559afd27383ceb2c071d4d277bf8c02cd0e1f132cb595cf5db585d3c2456383a9c567

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2T6NNJP6\dark-1ee85695b584[1].css

Filesize
46KB

MD5
2f1124986d7087c89cfedbab9e6c5090

SHA1
84af5865a920d527c436719c2b00d9860e68f07e

SHA256
6e28388875a179d32b9788d45aba0cf5901513106aabc738c6f290643505b007

SHA512
1ee85695b5847734f481c143211fe9d590a987f2b56b1772664b7a529455bf19592bcfbeffc4281ed1b6679299244d40112203438e6275271a67c4bf1181fe14

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2T6NNJP6\github-07f750db5d7c[1].css

Filesize
116KB

MD5
19a4910055069ece0fd15033333b5169

SHA1
cc741789ac4f11c2e1818d25554f470ed002c7da

SHA256
c0467d247bf127ccf1de67ede2d21bcec6e1414e1c4f0b40f83f323b6d407156

SHA512
07f750db5d7ca69a75c752e69beb712768b99da639ee3ee96857c7c4e69364dee00c3f5a601b4cef713c6cfc4b0755d0629f4982bf35fe83dc2dcbca203e59d4

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2T6NNJP6\global-2a3cd3230bd6[1].css

Filesize
271KB

MD5
c1162575b98a68c7873fe83fe79f2965

SHA1
bc280e99873368363959805ae1b666803ae4c9be

SHA256
3b55aeed5b06028e219e849a1c533b9f971ae986198d49769eb51a5372490a45

SHA512
2a3cd3230bd6e2e37376474cb9efcd485ed37146911a8e9dc89f4e190267356d7bfa7b7cc802216207fbaba4e28030ccd1c40160ade12c7d485bf4a07945e5c0

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2T6NNJP6\light-f13f84a2af0d[1].css

Filesize
46KB

MD5
deca261177994c06974b8eed93ab0d5a

SHA1
6df91477da6dcfd0ccbf51fc39f2f31f03acd8fc

SHA256
7dfb4dd6d5448e12ce18a0c186a890f6b9e4550e9e160e83fefcaacdf6decd9e

SHA512
f13f84a2af0df501d75659ef3682b9991894b860be2045d686b276698831c211d69a7df233fa82880f83c633226187e5c4fbfaca2a9983fc0b52454f78fece98

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2T6NNJP6\primer-44fa1513ddd0[1].css

Filesize
347KB

MD5
cb3b98775e72345614028bcb572389d4

SHA1
bed826567a4dfa8c7b9ae5ed53dee69c7d367386

SHA256
25ad39ca5f33bdbbc85fa70b6f9fe46e4fdb17937bbb57669aaec3e0203861ca

SHA512
44fa1513ddd0098c15019b07c5eb888114c3b008d7f2e5a912d592ce0ac050e767a3ab0a55fe71fd9d5aeabd2d445280de508c8dd2bb83bf5073c1ba88980f89

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2T6NNJP6\repository-fa69f138fe8d[1].css

Filesize
27KB

MD5
92ddd397a592ef8df629545aff542ece

SHA1
de50aa0321796f5e0d0c162fab9b10f7c98d11e7

SHA256
ca1fff862edeb6dce1953d3ff7f1b76d84aa12aa7ac4d4eca05e323ffb3f6ad2

SHA512
fa69f138fe8dc9e8fbcc9f8211bc8e82608ccd52a41586a1438b3ed05922f0ddbd2e634fafcc34add72e0b36fdc6720d6a68530d6b4bda61fdf20e57fd553d2c

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2T6NNJP6\vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-b7d8f4-7dc906febe69[1].js

Filesize
18KB

MD5
4d87a5470325fc3adc78598eb62264df

SHA1
9e7c5e4ac32802ba23d14e7c0d989848ccc3132d

SHA256
17339ebba6fc6f421db7fb62286f502727680abe7513bac481c8f50c1a747a10

SHA512
7dc906febe69aa010f9c86c3de40bb23d258c1f06c1be8ea034f605eedbd5399ef5bf9a51566e79f0a8f0639ad4e5f727f4a3c1771c7b03bb6568a8e0606a3d2

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\app_assets_modules_github_ref-selector_ts-2b432e185ab2[1].js

Filesize
9KB

MD5
3008bf196bcb9081554c35d0080e65d5

SHA1
599c18ca5f933a2c7d103853f3d295bb4b07fd69

SHA256
3238339a3ebadc4358c84c48cb610df0dde4ea1b8d37fe692248184b4bdd4ace

SHA512
2b432e185ab27d8e07fcd73366b6af71114e20991ae4255fde6ef7a022b91508097cca4e83e9ad54ca69867c337fde774465d34697603b359a4195a83e1c9fd2

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\app_assets_modules_github_updatable-content_ts-ui_packages_hydro-analytics_hydro-analytics_ts-82813f-960b7c5df16a[1].js

Filesize
15KB

MD5
1cf2369091f595216efce8d5e715fb07

SHA1
aea9f7e70b37a7fa86c9ef1ae35852dd1a15d9fc

SHA256
0c935035dce7a6c3fb2599af63a3374e8c997eb043ec1e475ed3eeaab46c380b

SHA512
960b7c5df16ac4d35664f332468164324937d57191367a415c45cd4574447a74482f8e91b2bbfe992bfd08253e360c98bf6bbd8ee91ad32a1515e9cab0099ac8

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\code-111be5e4092d[1].css

Filesize
30KB

MD5
7cb9080aa576934b53486d3746529970

SHA1
cb9ad049ca59d0dc0095470fddb2bda8798211cd

SHA256
9850beb3ebe2c31da0ece9d1a823e5e7d26983626c6e2acf4210d33abf6660c9

SHA512
111be5e4092d831d8e068ff4b6d2be94cbccb5bf92adc549a6c2506c4712ac177d15a61b56bce1919a2bdf9bb66d4a24b805db3aaddeb86823912d1df805f2fd

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\codespaces-b7f6071c8422[1].js

Filesize
29KB

MD5
f9c8ddbbdd2edd866a0d7b473608fe90

SHA1
2cf32a231fa940ed19b79d59b84f909a81440a63

SHA256
f69a690aebae5946b46845b06eaa716de9e059ebc799e037e37941a63534339c

SHA512
b7f6071c84226cc63a6fb1404136a9f2f1d3bd3b0977ba126ce77856ecb21d81add53a40a9ab1c5af74e41224b7a94a463074691396dfac80f66d2bfe44309dd

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\environment-775215f6b8df[1].js

Filesize
12KB

MD5
e0a178ecbc91bcbae9e8e906adb78e33

SHA1
a9738626c14f73015b36aafc729b325544f7af4d

SHA256
751de4fc6bc6c42c11515ce3805d1715190eb6b01bcf4bf14b2aa7c0deeee99a

SHA512
775215f6b8df5b189ed8fe380fe37a4c6d79de089051c3ee1242f1d8223d28fdf6c08c694dcc42e9cb4c0953bc172b099a16f9c6c774b3f747e2a30d60e90068

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-06ff531-2ea61fcc9a71[1].js

Filesize
11KB

MD5
c59673d413609f36559412bd12b5776f

SHA1
7cd5f0a997f4d154400dacbfcab376395009f690

SHA256
eaeb0852cbcffaef96c7a00b0080169f4aa752f0f1d5cafcdf6177e2d0698c5b

SHA512
2ea61fcc9a716eb3452f0b6d6531d0c724f69aa55a032af882eaae96f7f59bd26f028f1832f1aa65bc6fe90612acbf145249cf83b285399e8e4da7fc4c9ff5d2

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\vendors-node_modules_delegated-events_dist_index_js-node_modules_stacktrace-parser_dist_stack-443cd5-1ba4dbac454f[1].js

Filesize
20KB

MD5
752eb45af6eddfc36e3093b24349e9ce

SHA1
99dbd6a84c7a358a550477fafe89681382e33853

SHA256
7a33dc030df6ffdac087a68957ff32de1c009447a7486be5770f290b37a2091a

SHA512
1ba4dbac454f4d7fcca50f75a5fd12b9591b8a7616a584e46c0a46e71896e69be5d3a5bbf8eb8c2118c3dcde22cb46e2c85cd37166fdb616e0c7318898276c2f

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\vendors-node_modules_dompurify_dist_purify_js-6890e890956f[1].js

Filesize
22KB

MD5
80fa30c00e347b5bbc8b7ff9dc2c9f44

SHA1
d085fe485ada77814949e92fa9e1b1eb05ba5eda

SHA256
be77c75cf182f1830d0f90b8d7aee460f0108c6e7f5a143a524f709b9023c80d

SHA512
6890e890956fafa8187511df1ac3c80a5b8d56be5ca989da251741f59c8d1186c0efa3d374f113b0ebeda124b78dedd106ea97f487ec04cf2a012e7bdd1048b3

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\vendors-node_modules_github_auto-complete-element_dist_index_js-03fc21f4e80c[1].js

Filesize
13KB

MD5
4d7edc0ddd43e54f4590ffe2f41756a2

SHA1
d6abd8e362faf9b9ff99ecc405345c553de6831c

SHA256
593268251b1b94c08df2e4f4ab6489678391cb112fd75a5e7a53f990d40b03af

SHA512
03fc21f4e80c42f4a4dec31f373272fe0002f5fb79295d3c9a165fe0e03353d793806f85f1e47bd7e357b3f278016ee578b090f553d8ac57122ee6b903b2ef07

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\vendors-node_modules_github_combobox-nav_dist_index_js-node_modules_github_markdown-toolbar-e-820fc0-bc8f02b96749[1].js

Filesize
18KB

MD5
1908a7d9985e9540b3f6fc047f62b729

SHA1
25a06882e338da16bbc59797925ac6086141f478

SHA256
1b92b8a1d5169e64edce1fb248cb5989561060b083e5f05b6ca2a823b748a946

SHA512
bc8f02b96749a7ec00a92334c4964a4255611b23e15b88a9fef73fce2b55e32bfefa7f4bb89d436685a92fe188713790b9154ed79b5d7b3690a3ace68346cadf

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_mini-throt-1f9a80-369ba092db4f[1].js

Filesize
21KB

MD5
c5a133014c78ebb17476e56f1624a471

SHA1
1b66e28cd650cb2898c877102098df0b20ac51d1

SHA256
6958df6243dda9b745c0ad621aa4c7a9d997451eef9fae30314aec6d6592957a

SHA512
369ba092db4f090799a2f77cd391e4423b1d88b484ae79fd5cbdb1fe7583960423842a7bc65c613cdacf7d783690757dc048e241c423bd08c2768e367b5d5282

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\vendors-node_modules_github_quote-selection_dist_index_js-node_modules_github_session-resume_-84957b-7b4e472db160[1].js

Filesize
39KB

MD5
d01d2bce3dc98f2f2c666ae71ca217b8

SHA1
f13c3f886c48a4d2128059ecda8a1d20f18c9a7a

SHA256
6df87b96f1a0275b8b53b076cb0e96c0db94d4b0fbf68af46f104f517e959616

SHA512
7b4e472db160274656c05f75b966dd61ece0b267680391018a38ab50b58fa43310db33d846bb2e1f0f91d7af2a78e10c200c293a069e369247a5251bc07ee320

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\vendors-node_modules_github_relative-time-element_dist_index_js-c76945c5961a[1].js

Filesize
14KB

MD5
2cabd818fb8745b2fc7d5f92594269b8

SHA1
88108fecb3839f06671c2a21e35163e0e414b2b0

SHA256
55cdbee6ddce98f5c299a24fb9851501f46ff0cdd2ef3b2f7bb572a3940b462d

SHA512
c76945c5961a4f5b2cb1f85bd3cbb35d5e81f611c3ba05543acfe870728e94e9719c9331b65f4c2c8723960c5ac1e9cac0495a892f049b41ed3ffbe899b93700

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-e53a3f-f924cc31bbb1[1].js

Filesize
22KB

MD5
7f058b92c458fdee6526e4b6effa4044

SHA1
f86d7307585d33009dc6567129d16f9b60f26342

SHA256
a984eb4db9696e042f807d8355cff85e0ca804df4d9fc9c91336d55f12e37920

SHA512
f924cc31bbb148e484f700cd62bccfd7b47b5b7940914893ea1b0b429ef041db0ea2ca4526371a9d4872f84659980b4eff908512fd3bfde7b41170119378a83e

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\vendors-node_modules_github_selector-observer_dist_index_esm_js-9f960d9b217c[1].js

Filesize
9KB

MD5
683a7fe431bded8fbbf7b5189a1b8209

SHA1
2fb527473877ea06ec6b023690ce933c216c5d07

SHA256
f87c5b59b8f353c8762f2e44e1f82feafab882a96a0fad135dc6fc1555872ab3

SHA512
9f960d9b217c457d467a9510dd9797c4ec9df9a892c0a3e1746b2b87dca8ec191dc901e983bc509bc282004967b6fd588dbff5bf70bc7e20a5ca32bc7f1d772a

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\vendors-node_modules_github_text-expander-element_dist_index_js-8a621df59e80[1].js

Filesize
11KB

MD5
da04614ae380b68c111984f401413fc7

SHA1
7ca0dc023ca0b1654d7c8630b8a05534e156d03d

SHA256
85fa448f4d60be73de2f42a83937523b7b751a4523b809fe9e3edb404e00b835

SHA512
8a621df59e80e8851a8cf3db03462095e8bba43a860b1018dc66780448e82d19871be99aab995fa57025db8b7f8e975eb0595fe2c59ca23d984b4d21d5031aaa

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\vendors-node_modules_oddbird_popover-polyfill_dist_popover_js-7bd350d761f4[1].js

Filesize
9KB

MD5
b6b600c9f1dd4c88024d62e6ff2eb871

SHA1
5a22091378af6a681a1edd36e5337b9b6f70613c

SHA256
447a26cbcbced255f24f46c1e82a6f3a4de3b2a44d4b0ab7b6f427b12f783f8f

SHA512
7bd350d761f4f22866b454b1271af79ef5d23f5d1b8cb0598c34f739e3dab977450d61d01b8a0c135fff309389f712c0114e9cd6e844d2261d2536377b71b838

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\vendors-node_modules_primer_behaviors_dist_esm_focus-zone_js-086f7a27bac0[1].js

Filesize
8KB

MD5
6822816845d932c1e93f68372f005918

SHA1
1dd14a539530e8d131ce29be5e5f84e4098b6a15

SHA256
14d338ed3345cc8d74e239c812aa37eeee6126bc1ad8a17e4e2cf6ba8ee0adee

SHA512
086f7a27bac0d285f5e0c849cebac7176f86edb18037d8ec4356c2b8892fd3f47e045f857eb673b213661eea17441192cdb7a76c807c2badcecff6b7901aba92

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\vendors-node_modules_smoothscroll-polyfill_dist_smoothscroll_js-node_modules_stacktrace-parse-a448e4-bb5415637fe0[1].js

Filesize
13KB

MD5
331e44e17e9ff14023510b990053a71a

SHA1
096363b6e8794bbd45a352d3cc8cfc4946b832b2

SHA256
7db9b2cf77bda551dc5b202710a2ebccc88a74f6d807a8eaf19d3624befba34c

SHA512
bb5415637fe067dfd3bba724d1e3ec440d342feaef6d42226cad26c535dab05ed798c92b46104b1cc843345e11d3e40a72a051c7730438fc2ea59abad6b2b26a

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\wp-runtime-97879d6e03f8[1].js

Filesize
40KB

MD5
bbdf47e25b5deab009095c71f9ae9f4d

SHA1
4ab64a16a793591d3af88a7c82b7c3b52ad53ae4

SHA256
722024f564be57db04c27af2b199f7427eccb8fd870ea951a5c4c638507fb49c

SHA512
97879d6e03f83f4a232f7ffabbcfb8375f45360446020a3f24596ef4141eced04bba010c3281ee7605c5a909cd8ee65d2255f5203274bb7ff0ec82c2acb666f6

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\PU4IJSC3\ddostor[1].htm

Filesize
268KB

MD5
19b5cdd7b7781bd0193191d58a04ddba

SHA1
00e2910610d4f5379ab115dcdcbf939005fb7d5c

SHA256
5a87c495fb6e16f310075ad7750c7488bbeb111a5563a9d1e7a2f5a2c901818f

SHA512
91645e45c407a410694a5e8d83fce3b9eb83617ae340f470b6b13848c37219e5b10f8b0303c08fbcc2e7bfe89ec80b6bb821d6d46f7390975acbe4059726664e

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-2e2258-05fd80a7ea89[1].js

Filesize
16KB

MD5
1744a9703e1e020807f5737c6b8d31d4

SHA1
05324e0e6182695c223cc5e1f71e889d2370ca28

SHA256
fb98c78a9625b1eafd3c0e7d9884e2764c791c4013577f0d03c8681e4f2b02d0

SHA512
05fd80a7ea89e5d8a0650424b5f7dfaafb7c36ef6537da43d4665840d8ab19ac7db0b33945beeb3680929fddaf6cdfd6e1cd62f754a183f65142482e9d0dae3c

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-9285faa0e011[1].js

Filesize
11KB

MD5
ea2f459bb2eaf606a6d110bb721f8c85

SHA1
0cfc1539816ee68e0ccea2f32fb4191bb8b05224

SHA256
3c0095ede9f86618b394dcb281a35c659330ed3532ff49cb699c4f95083a912c

SHA512
9285faa0e011208b72caa43ce51dd15a03224c73810ca9d549ab21c344c2c96f7b6bb31b86e922858cfe6cebe6e3b09e7dc8fa35c6c78fd7c44b6c919002ad02

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_onfocus_ts-app_ass-421cec-9de4213015af[1].js

Filesize
14KB

MD5
f773d7682704ca9858b63b87f67919c1

SHA1
edcb0120ca99d5ddc395fae4bcac301928f49ef0

SHA256
0b6e667cb5fae47ba109488f66ca4a2f3a55a80f25cda4ca17db228b3ef3464b

SHA512
9de4213015af6aa07708f102ee75a6092518d4ce61198db20c67def5a37ed0b924bf0007bb23535aa11da61f818e6d80c7c84f31b8f4e76c5413fc0086850d9e

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\app_assets_modules_github_onfocus_ts-ui_packages_trusted-types-policies_policy_ts-ui_packages-6fe316-745e8b6794ab[1].js

Filesize
12KB

MD5
b4573f1cd7cdd2573ecbdf707be8a3ab

SHA1
970d6f423fa9c7923f5a19fc3e449bc827c863de

SHA256
8110d18a776a06ad558a2ee7499c04400f634c3e2150e700ecf2fee84c7b4ceb

SHA512
745e8b6794ab3cd4de1fd40e464c1f090879b26f7dce8a266005781808b312c599eeb6e966049db3e18b815f30506c4c2061065034238d8baaab8fcbe5afd84b

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\app_assets_modules_github_repositories_get-repo-element_ts-f6b365a47eda[1].js

Filesize
8KB

MD5
5efc6bbf45a43234e23e72093fefb784

SHA1
b90024ee0e231af171b857c16b4171e38d969f7d

SHA256
06547a5b4c2aea39d163f18d7c444778fd378ff23782d7bfa9fae8916ec1871c

SHA512
f6b365a47eda894ba80cf4d4242e56c4e00a379444520665ea837b1437b4f345fb523c196ee2d81397b93aaa8c6543286f578dcf4c6c5756bc6842399c20535e

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\app_assets_modules_github_sticky-scroll-into-view_ts-94209c43e6af[1].js

Filesize
9KB

MD5
ea01bea08a155fcf33ff2a18fcd0ecb9

SHA1
1f58607e282514d7a1dddf9aeb2b91bc5f5fe7dd

SHA256
ecef9a63582229cec2ad4531de2fcbe4098fdbac1ff41d7ad269fb47b3ad6352

SHA512
94209c43e6afe456a67e0fe26ff4f4bc8982137138891fd2aa1660150c4e03333187d63292ebf0d5aee64d0c5f8f0e40421e21923e7588d5213d8892e8a207eb

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\behaviors-a9123655fa03[1].js

Filesize
227KB

MD5
56ad23f177b1c19d82879c5bbcab1646

SHA1
89753e6b4e0f59d3bfee63b9db29814653a07cf8

SHA256
3f64769e0be21ed5a2e17f3685b01f35ed182df5783696c5c0ef87bb60de53be

SHA512
a9123655fa038f3c5a2ee6b62ce8de73a55bf60bf4fc48083f73b5f9e71ae4d5f351c0aa3d7bd160baa18a64e648b5ad5d10230e74e83e716e7c8e6317940a04

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\code-menu-67595c3a6d0c[1].js

Filesize
6KB

MD5
ecaf6842df29586e81888f69eb17735d

SHA1
0198df718b7a77e364ead2448e0a62801c3bc424

SHA256
6013aaf029f706510f8bce05010294da2cf4612cea03fcf17f1276b2b21e63b2

SHA512
67595c3a6d0c65d58abf6e2303f8ddf180c35cdd5aff7a3684ac2acaa525d52d60dce484d507c78135be0b629025c9749d65e2a0eb69e2770a62694dd51bd666

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\element-registry-9a257da99f6e[1].js

Filesize
44KB

MD5
f3ef81240c6d652580843606077656da

SHA1
03d297c437a2531d2193920efd941bab272c1670

SHA256
6048417bb912615ffa8f7bc21bca43cf45ed0fd99d07fbcd14d4611c52a770b0

SHA512
9a257da99f6e06fd9d841c9b601af6f989d01c1581e4575bc6e684b12bdba78c98120590caad49f52d1a24eefa216e50a85feaea98e61578887de35223e52bf5

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\github-elements-34cbf079a4f4[1].js

Filesize
32KB

MD5
9b47ccb6b752170f8b8ec20286fe05d5

SHA1
901760a96176174e307ceb67f3da102cf453464d

SHA256
059921042948a7df80ae1f8c76c1c0442143ac4809aa32e0d0adf514628fd705

SHA512
34cbf079a4f4d5e31bfce2841741f11658e0f9cb616555c87fc94d6dfab507484df09b215ccddd590fd13219a4a0723f64f0cc13bca4e5b0a16b536f4bc62831

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\keyboard-shortcuts-dialog-b4a646a773af[1].js

Filesize
26KB

MD5
d41c8b3e035bf39e41027d48218a9df7

SHA1
365f61f83274ad56dc7eadebf0a8c8eb85e09943

SHA256
69fe955c15e1030befcfae0657d7c7154882ee408e8134cbd6e66ba291c7ade3

SHA512
b4a646a773afc1b5b99118c02ab94fcd134ff52d7cbe3e7b2cb1f7480e8bd30b442ecdf3e0aa4f120d7080747d15bf5a57b742ab53572fb9534fffc9ec33cda3

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\notifications-global-6d6db5144cc3[1].js

Filesize
12KB

MD5
261150ee37eedc1c587ea9a21a7e1b6a

SHA1
f2112e464b8a356e675ad36e2c20f58e12e140e2

SHA256
020fa19a1945b66e3f2bb224b98568b884996fe404bd5dcb9e91d20bbe6ceaeb

SHA512
6d6db5144cc3ea031f04632fe9eeea3ff3dd4d91740526de02e57d2cae60aa5afe5b8df0de2d92c46eca064c5ae20abe3d7e9778d36e94990f74e432f6ecec70

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\primer-primitives-0b5bee5c70e9[1].css

Filesize
8KB

MD5
4a501b962a497016dc70c7dc3f95f859

SHA1
7d50b4e6274c503021751982621678afed30ae6e

SHA256
8a9ace6d9250dd653522dd94b426d1617df95fdfd86264beaccefa22c78fc7d0

SHA512
0b5bee5c70e933f062d7773a200472973456db928fb6dfa0c9bf0ded60b04e4b0100ada3f4234193aca992acd72d196f5b5f458fa4b51636b6bfe9be16c8f191

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\repositories-57e1f829b48d[1].js

Filesize
71KB

MD5
3e273a3682b598ea60bbc9b639bca6e4

SHA1
a3e8b6f250baac841eda33fba2f98348ac3beef1

SHA256
1d56dff2dc03191c8abbf96ceb3a12823cb74f6697ef8777c0c9c08f42c906c7

SHA512
57e1f829b48dd9eee5ebffbf6faf3ba48447c86e19ac433ae0935bb38848f56a57aa0a6a7f3f87ae0dfbbafa3bc03cc42da3ee9c5bd2ce015bb2f2c3ebfc36ef

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\ui_packages_alive_alive_ts-b956d50b9283[1].js

Filesize
9KB

MD5
322f994d5259a24ad2c65b7f638b55c0

SHA1
ea402d6b4001fa366304b3b018cdf037cfc23ed3

SHA256
a54568d95a02039f586594198ebd8079bfdcab083fd663f01b5089bb5ba462ef

SHA512
b956d50b9283885fa29813f8387ad57d65013fd925bdc4c7df5bf05ed398b6250c8b52675036ae75a77e3d78c1c2aabad1f5cb5939969d9e32cdb7aaa56a2e41

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\vendors-node_modules_color-convert_index_js-72c9fbde5ad4[1].js

Filesize
13KB

MD5
c706ad84a4eb261b75d1f77ce7f9bdc8

SHA1
497a9725442e7305adc54d19b828b2e38c5c56cd

SHA256
80b561c1746ef1533744e7bf7ea3f6c721a88a104d665bb97ffa8df96e69b682

SHA512
72c9fbde5ad471c76b76034459d0d75db00cceaf3904a14c01dd9dd9167da7f783086b79c446b24ed2630c9cebca1996b3ff8ea52dec6c865f173c8158962be6

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\vendors-node_modules_github_catalyst_lib_index_js-node_modules_github_hydro-analytics-client_-4da1df-9de8d527f925[1].js

Filesize
8KB

MD5
e26206a08e0a408cb0ac26b62bc378dc

SHA1
1976478d9d2e3a2b594b383a71b7c18c33abe31e

SHA256
5480f3fc81d2395070c90579a17b32713d017c4d17dc9bad135afe1521976930

SHA512
9de8d527f92555e0c1222d6ed8290f66a7a34b5bbff0ae827b40b85cc2ccbad51b4d097ef269aab806d73059e7ea2afe8321ff19a5e12752441f33f56bfbcfe2

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_behavio-2144fe-a56c35798651[1].js

Filesize
14KB

MD5
b076465d870a523f653c3f78163dd31d

SHA1
076bedab4630ebb82dd3ddac84e156d218469d8e

SHA256
dcefd3c194ec6b9e6a82d5bfdafcda082b00bc21feac2e5585881e6316286fa4

SHA512
a56c35798651a644c5de0299eb990d9e4db889586a03222cd67cad8dac3b16165c0f2529a402dba093cb7a1cf390cd23f27ce1ef818452a3dbd6104e109441d2

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-27181b-3509ed8075c4[1].js

Filesize
97KB

MD5
6eea70c9ace3bb9f6c684fd593318b48

SHA1
2cb85a9551db444f4e5d69065374a717334c65fd

SHA256
1fb1497b55f8d938c1753c298394604d4f959ec90b8cbd9ba70771b885cd1029

SHA512
3509ed8075c434814ac3f01e1acf881f456e4a3cbc94ff6849757f30f997b7c05c352916780f8b42ca7ca611f81d29b0330a40891fb72c72c6cdff9ee2e8f458

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\vendors-node_modules_github_mini-throttle_dist_decorators_js-node_modules_github_remote-form_-737e8d-13881b8e7358[1].js

Filesize
12KB

MD5
65aadd89595f4fa46f1237aba5ede313

SHA1
5b2ea2970e591a97f9459fc372d215dd83f2d558

SHA256
ea49c037d3b8ffcb4db1892150c7fc3937bd5dd86e255d2dad1f8325d52fece7

SHA512
13881b8e7358011bdac8d3ad881f03f9e1ef492612251e144e71badd6ea096ad3f508a88cfb569ea698b71e8c798c62afa46f58f428e1372610a794f57d275ea

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_s-1acb1c-a745699a1cfa[1].js

Filesize
19KB

MD5
861fa69db074f86d7b825200d303b5cd

SHA1
6b0dba99c449561eccec58fb4f0225d4d9c7a25b

SHA256
d0626b0be461588e2510ec528a0ae6fbae4ac363ab56b53bff39382a1a925810

SHA512
a745699a1cfa87148f99a041663a7be4e70130245c5a616a90e77f4538deabafbac9a5debf8aa517ef65b965e1d3b1ae6cdd85349921cabce52eb1ec9a71117b

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-893f9f-a8ec7ed862cf[1].js

Filesize
9KB

MD5
f5fe12a51a2d925ad59a3b4dbde64239

SHA1
eaa86c9029b6cf765ea31c730ee0c89817cb43c5

SHA256
b07d51e4c93c6d1ba90812c547f4b39a7153582a8bd99e84397098b16223d3a4

SHA512
a8ec7ed862cf730b3eec63dbfccc41cc3b6c8f0cc2b31ccc6d6cbd1041a50ce050a7b977f55008d9a9f5fc6a889260c4766aab744a63d8670410323cd18ae31c

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-c91f4ad18b62[1].js

Filesize
75KB

MD5
8d2fd700b674b265b884566f9e1a68b2

SHA1
b0071dc74ec8602aeb4d4063ace590e7dc26ab6c

SHA256
8d303394176f2b0cb950c35e71caa07a94141a3625c75d8b5da9f42f9a1bd700

SHA512
c91f4ad18b621b1321ca15512f94dfc9b7759ea2d0a150e0d4ec12c62ace6f5d01e60b991f0f1fa523b96ff9e0174e89a5c6496a6df15b61e57f232f2fdae967

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\vendors-node_modules_lit-html_lit-html_js-5b376145beff[1].js

Filesize
15KB

MD5
81628c9093236d8e3cf835f708c30608

SHA1
846b10531dfca6510051fc43abb8f9b5647a0433

SHA256
daf381c316a5988c9116aa65c5816cbc8a958211b4c0b7d989ad6c9645757902

SHA512
5b376145beffca1bfc6b0352c08819609a974b6170848699421208752a63f057869e0e4ddd23797b3a0c281c276d7fae580cf41bb5465c632aee58524b21e7ba

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\vendors-node_modules_morphdom_dist_morphdom-esm_js-node_modules_github_memoize_dist_esm_index_js-05801f7ca718[1].js

Filesize
5KB

MD5
11819c8c15340c7ca8339fcc945a4f06

SHA1
5fb0a03295e008aec0a1abc786b9e8bdaa3a233e

SHA256
7bb4cf0c86c218c29466a022a4c087e72ae5cfbcc0307a67c9a5af2a0ec2a521

SHA512
05801f7ca718d5ffd9e34ed99b557c1e8c624eb6263e0eb4f94e6fe32c4a1b1c1663419d89594358471edabd80a15f1143200b4150051e99377b988dba7d7389

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\vendors-node_modules_primer_behaviors_dist_esm_dimensions_js-node_modules_github_jtml_lib_index_js-95b84ee6bc34[1].js

Filesize
8KB

MD5
913a77fa8f878b5f1b7bc5c3c53daa45

SHA1
e2f68e5c24e77ab985603430e9666fc1718cadf7

SHA256
69b7ef034ddc6b605311ca503ca24f54de1758816ef270a160315ed71fc3d7e5

SHA512
95b84ee6bc349a259aa1a1298245ff5edb5cdd1b6f5013e0c5eff8059c1f90125e8a1457c40c54ce103f4d18160a55cd7084922ae283bf00f8b425cffd1efa48

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\vendors-node_modules_primer_react_lib-esm_Button_IconButton_js-node_modules_primer_react_lib--b964b4-6ad237e6932f[1].js

Filesize
32KB

MD5
58a98aa089657671b37a5b6afcdac603

SHA1
e7f92b01062c0728ca72e779a98380b090b3bf36

SHA256
962996a98e34a53a4ffe0eb900ea07eaa804d63f357e23b9b7946847790bdcee

SHA512
6ad237e6932fa0c0b0daf53ffeb0457902e2b452369eff6391c046f651af1a2f017f4aef32ca4b619be9b6351b7dca1cee56df50b2b88b3f67f97e86c47831b0

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\vendors-node_modules_scroll-anchoring_dist_scroll-anchoring_esm_js-node_modules_github_detail-c9d0ba-387cde917623[1].js

Filesize
16KB

MD5
53ff79ebcfdf43432442302b235f7eec

SHA1
779135179b1f66f503e355b5b1bf1d629cb7deda

SHA256
0e9858012a17c942cd8a3761815132a66b1e1a721732af9b84a4d17d822a0eba

SHA512
387cde9176234c43a9a2ff92655b22d330b5101da5abdb275f1cf2383e19f4b50d1ba6485c603f9ac154d812f5d0943b4b7fd87973fa69c8afd48d005b9974af

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\vendors-node_modules_virtualized-list_es_index_js-node_modules_github_template-parts_lib_index_js-878844713bc9[1].js

Filesize
12KB

MD5
84eee0a0d2d52ce4048f2dbdb3589012

SHA1
9723f142ff6ce47f65dfed06d70b68a305a8dbb8

SHA256
bf11813ce0246da52cb3132837619c44d1e837e3eeebbbef12137dd91dfbec7f

SHA512
878844713bc98efc35c1a8041e3a53fa3e2ac9669dddeeeb2962ce6cdd465f84f0d41c3774ac27bd4bffcfbdf4832897e7711dbfd17adfac9d2fab206292c4e7

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\77YGF3UI.cookie

Filesize
166B

MD5
91002e3caa1a46a8e0e34ef8ff25820c

SHA1
57aa105fdad1c8cc3c0bf5c4bd658e2b617ca2be

SHA256
591d2aa58c8fe8d99236b7a28382e0c0b7bf539450981aca23220327ca854ac6

SHA512
f88a0ac583510befd2b5ee54521e1656d557de344a7881b2b8c452593eaa9798446c5e0c76b6faa6ac95ac590589971d7d76caf5b8a7f4580df2ef67cf20c488

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\A66A8DB907BADC9D16AD67B2FBFFDD5C

Filesize
280B

MD5
d34dcd8b46eb49d87a8378d93e4dc1a5

SHA1
3a14eb147d4eddf72e3c7aa0185fee1247f82f97

SHA256
8caa13a5d3bea9c58cbc9dfb87ac513a7b8597f77c8fd7f414939cd1251b79cb

SHA512
6a9f8473b133ebb7d5c639815a3542a74871e791fb5d2f19216e919e5fc288f0e848df32d77465df5c88b17d7be5ad3f2112bb6025c24048cc4d6451ddbb5c36

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\B2FAF7692FD9FFBD64EDE317E42334BA_89854CA6A0F0936A4D2ECA78845CEA25

Filesize
1KB

MD5
444803b9dda66f4fe89514e92040a763

SHA1
21fa43406e4cf07f35cec181c109aa428108320c

SHA256
b66c6e7310ae12c4538a5abd4d26dc393e22626cdc596228529a8793ba70b12c

SHA512
b8185faacd032a720d39fcb067a5ee6dec2e676d55dd5fbb8fc8772fb62327427e0d14f9f68ee46a7c47f280e8915b3a190291e613def3fe6fa33b387fb32500

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\D0E1C4B6144E7ECAB3F020E4A19EFC29_B5F77004C894173A10E3A199871D2D90

Filesize
979B

MD5
702df74cfd9a8f370b4f62f2549af2ef

SHA1
0d03215e18a35d0124acad057c912aab26fdba4d

SHA256
1a8d3a6b6895c1be360226f73fb3b0bd3266feadcd824a1578b318f132b8ae50

SHA512
0b70ef4564cbc43a5ef1375ce1df71da44a4ff56f856b413ebe866c618afa6aab251ff844851eccc57af78a34b39bd44388ae5227a84ea077d9615c4e56a75d4

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\A66A8DB907BADC9D16AD67B2FBFFDD5C

Filesize
480B

MD5
249d020ddcdba8dffecf09954ad468c7

SHA1
ceb850127d89a007fd8694800a4d7ed581f5d75d

SHA256
36f14adc603ed1a8e2e5de8088fef99fb06822d2fdbf299f07b06647f20d2834

SHA512
9a89ebfff041c96fa7fea1ba4ad5fd2aa03d96cf2943bceb7134a8506c7fa469786a9db4953d2f14d37088e009345514e2933ebf3d44d8e8c3bd1f347d45379c

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\B2FAF7692FD9FFBD64EDE317E42334BA_89854CA6A0F0936A4D2ECA78845CEA25

Filesize
482B

MD5
7bdd2199d32b7fc4c9a809ca0839cc03

SHA1
4af58d3320c56b30161af4736ee596e7af1da8c8

SHA256
ab09f4f1ab1f5d0706d29d5fe23f9629f48363e6523b053b8e441b746aba16cd

SHA512
c0528cc6e821c17ecd29f567a603473627d25103c0fe5f07a469ff1678557d0ebac4d1d0de58647ffb3dfb3a0e03ce70359c04394b6871e28dc40a316de97a9c

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\D0E1C4B6144E7ECAB3F020E4A19EFC29_B5F77004C894173A10E3A199871D2D90

Filesize
480B

MD5
99ec01d3a31ee7a28dea900ff2f1a020

SHA1
0bf5a85c15d7117226c539bd5f3f01137d082a24

SHA256
6b112b7f0f1fecb1e9118a289d5bdee9f62aef2e557a19e7c3c4ed2bd4d84024

SHA512
6d05f974fd3ec73fb4576fee4010bbc5c3ff998e748639ebc3843dfec88c2f53de9051df7ceec558d39120eb620785ad718ee22d78091ec52f13af0558ce66cb

Download Submit
C:\Users\Admin\Downloads\ddostor-master.zip.crdownload

Filesize
23KB

MD5
644f98d440c23deb8a7b4b29be4c8aa0

SHA1
be93c232c37066c42dd015fd858691a35e3d4c48

SHA256
e50931ba3cffdbd98d393b33a879fec9298708930203812dde5aaa066b5ada61

SHA512
4a6c5b9160dad154318db7e8956313598c0dbddda4732028fc1ff080dc2e3e37d67fc299e0d90158dfd996cb362e2a0ac274314d730cc2fc80ae0dfb7362e6bc

Download Submit
memory/4196-306-0x0000028F89D70000-0x0000028F89D71000-memory.dmp

Filesize
4KB

Download
memory/4196-0-0x0000028F89A20000-0x0000028F89A30000-memory.dmp

Filesize
64KB

Download
memory/4196-302-0x0000028F8A000000-0x0000028F8A001000-memory.dmp

Filesize
4KB

Download
memory/4196-299-0x0000028F8A1D0000-0x0000028F8A1D2000-memory.dmp

Filesize
8KB

Download
memory/4196-35-0x0000028F89D80000-0x0000028F89D82000-memory.dmp

Filesize
8KB

Download
memory/4196-16-0x0000028F8A340000-0x0000028F8A350000-memory.dmp

Filesize
64KB

Download
memory/4812-249-0x000001EC45020000-0x000001EC45022000-memory.dmp

Filesize
8KB

Download
memory/4812-247-0x000001EC45000000-0x000001EC45002000-memory.dmp

Filesize
8KB

Download
memory/4812-245-0x000001EC44F40000-0x000001EC44F42000-memory.dmp

Filesize
8KB

Download
memory/4812-243-0x000001EC44F20000-0x000001EC44F22000-memory.dmp

Filesize
8KB

Download
memory/4812-241-0x000001EC44F00000-0x000001EC44F02000-memory.dmp

Filesize
8KB

Download
memory/4812-239-0x000001EC44EE0000-0x000001EC44EE2000-memory.dmp

Filesize
8KB

Download