Malware Analysis Report

2025-01-23 15:26

Sample ID 240418-y3rxssfa7s
Target https://github.com/enforcer-pro/ddostor
Tags
score
6/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
6/10

Threat Level: Shows suspicious behavior

The file https://github.com/enforcer-pro/ddostor was found to be: Shows suspicious behavior.

Malicious Activity Summary


Legitimate hosting services abused for malware hosting/C2

Drops file in Windows directory

Suspicious behavior: MapViewOfSection

Suspicious use of SetWindowsHookEx

Modifies Internet Explorer settings

Suspicious use of FindShellTrayWindow

Modifies data under HKEY_USERS

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Modifies registry class

Suspicious use of AdjustPrivilegeToken

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Suspicious behavior: EnumeratesProcesses

Enumerates system info in registry

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-04-18 20:18

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-04-18 20:18

Reported

2024-04-18 20:21

Platform

win10-20240404-en

Max time kernel

135s

Max time network

139s

Command Line

"C:\Windows\system32\LaunchWinApp.exe" "https://github.com/enforcer-pro/ddostor"

Signatures

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A camo.githubusercontent.com N/A N/A
N/A camo.githubusercontent.com N/A N/A
N/A camo.githubusercontent.com N/A N/A
N/A camo.githubusercontent.com N/A N/A
N/A camo.githubusercontent.com N/A N/A

Drops file in Windows directory

Description Indicator Process Target
File created C:\Windows\rescache\_merged\3720402701\1568373884.pri C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
File opened for modification C:\Windows\Debug\ESE.TXT C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
File created C:\Windows\rescache\_merged\3720402701\1568373884.pri C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
File created C:\Windows\rescache\_merged\3720402701\1568373884.pri C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
File created C:\Windows\rescache\_merged\3720402701\1568373884.pri C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
File created C:\Windows\rescache\_merged\3720402701\1568373884.pri C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
File created C:\Windows\rescache\_merged\3720402701\1568373884.pri C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000\Software\Microsoft\Internet Explorer\Main C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000\Software\Microsoft\Internet Explorer\Main C:\Windows\system32\browser_broker.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133579451698054051" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FavOrder C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Content C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\IETld\LowMic C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FavOrder\SyncIEFirstTimeFullScan = "1" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\SignaturePolicy = 06000000 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\DisallowDefaultBrowserPrompt = "0" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\DXFeatureLevel = "0" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-VendorId = "0" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-Revision = "0" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\ACGPolicyState = "8" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\DynamicCodePolicy = 05000000 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Content\CachePrefix C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\Main C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Privacy C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\CIStatus\SignaturePolicy = 06000000 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery\Active = "1" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\ACGStatus\DynamicCodePolicy = 05000000 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 3292eaaacd91da01 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\Main C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\CIPolicyState = "0" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Protected - It is a violation of Windows Policy to modif = 0100000069cfc7d4891422033381cc4142879110f990250ccd1f30895e6f6c8ca28c9376d110ba7352f0e243dd0d434d10ecf224a8f6e19d794677fab414 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DummyPath C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-DXFeatureLevel = "0" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\ACGStatus\ACGPolicyState = "8" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Revision = "0" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Cookies\CacheLimit = "1" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings\Cache C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings\Zones\3\{A8A88C49-5EB2-4990-A1A2-08760 = 1a3761592352350c7a5f20172f1e1a190e2b017313371312141a152a C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\VersionHigh = "0" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\CIStatus C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\History\CacheLimit = "1" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Explorer\Main C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\Main C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings\PrivacyAdvanced = "0" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\IECompatVersionLow = "0" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 27cfc6aacd91da01 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\DynamicCodePolicy = 05000000 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 9e1acbadcd91da01 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\JumpListFirstRun = "3" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\CIStatus C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 9f0ba3aacd91da01 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\ACGPolicyState = "8" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery\ReadingStorePending = "1" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Explorer\Main C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\IECompatVersionHigh = "0" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\VendorId = "0" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\CVListDOSTime = "0" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\CIStatus C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\CIStatus\CIPolicyState = "0" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Cookies C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\AdapterInfo = "vendorId=\"0x1414\",deviceID=\"0x8c\",subSysID=\"0x0\",revision=\"0x0\",version=\"10.0.15063.0\"hypervisor=\"No Hypervisor (No SLAT)\"" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\LowMic C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\SubSysId = "0" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-VersionLow = "0" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-4106386276-4127174233-3637007343-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\CIStatus\CIPolicyState = "0" C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2552 wrote to memory of 4812 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 2552 wrote to memory of 4812 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 2552 wrote to memory of 4812 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 2552 wrote to memory of 4812 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 2552 wrote to memory of 4812 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 2552 wrote to memory of 4812 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 2552 wrote to memory of 2508 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 2552 wrote to memory of 2508 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 2552 wrote to memory of 2508 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 2552 wrote to memory of 2508 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 2552 wrote to memory of 2508 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 2552 wrote to memory of 2508 N/A C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
PID 780 wrote to memory of 4420 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 4420 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1440 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 1224 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 4328 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 4328 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 4328 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 4328 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 4328 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 4328 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 4328 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 4328 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 4328 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 780 wrote to memory of 4328 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Windows\system32\LaunchWinApp.exe

"C:\Windows\system32\LaunchWinApp.exe" "https://github.com/enforcer-pro/ddostor"

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca

C:\Windows\system32\browser_broker.exe

C:\Windows\system32\browser_broker.exe -Embedding

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Windows\system32\cmd.exe

"C:\Windows\system32\cmd.exe"

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffe8ece9758,0x7ffe8ece9768,0x7ffe8ece9778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1636 --field-trial-handle=1848,i,11477174741552410203,17330023398852335369,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1832 --field-trial-handle=1848,i,11477174741552410203,17330023398852335369,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2072 --field-trial-handle=1848,i,11477174741552410203,17330023398852335369,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2012 --field-trial-handle=1848,i,11477174741552410203,17330023398852335369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3012 --field-trial-handle=1848,i,11477174741552410203,17330023398852335369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4464 --field-trial-handle=1848,i,11477174741552410203,17330023398852335369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4420 --field-trial-handle=1848,i,11477174741552410203,17330023398852335369,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4756 --field-trial-handle=1848,i,11477174741552410203,17330023398852335369,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4648 --field-trial-handle=1848,i,11477174741552410203,17330023398852335369,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5004 --field-trial-handle=1848,i,11477174741552410203,17330023398852335369,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4892 --field-trial-handle=1848,i,11477174741552410203,17330023398852335369,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5060 --field-trial-handle=1848,i,11477174741552410203,17330023398852335369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3012 --field-trial-handle=1848,i,11477174741552410203,17330023398852335369,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3188 --field-trial-handle=1848,i,11477174741552410203,17330023398852335369,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5220 --field-trial-handle=1848,i,11477174741552410203,17330023398852335369,131072 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

Network

Country Destination Domain Proto
US 8.8.8.8:53 github.com udp
US 8.8.8.8:53 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.0.8.0.8.0.8.0.ip6.arpa udp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 215.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 98.56.20.217.in-addr.arpa udp
US 8.8.8.8:53 233.38.18.104.in-addr.arpa udp
US 8.8.8.8:53 23.149.64.172.in-addr.arpa udp
US 8.8.8.8:53 github.githubassets.com udp
US 8.8.8.8:53 avatars.githubusercontent.com udp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 8.8.8.8:53 user-images.githubusercontent.com udp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.133:443 user-images.githubusercontent.com tcp
US 185.199.108.133:443 user-images.githubusercontent.com tcp
US 8.8.8.8:53 camo.githubusercontent.com udp
US 185.199.111.133:443 camo.githubusercontent.com tcp
US 185.199.111.133:443 camo.githubusercontent.com tcp
US 8.8.8.8:53 154.108.199.185.in-addr.arpa udp
US 8.8.8.8:53 133.108.199.185.in-addr.arpa udp
US 8.8.8.8:53 133.111.199.185.in-addr.arpa udp
US 8.8.8.8:53 13.251.17.2.in-addr.arpa udp
US 8.8.8.8:53 watson.telemetry.microsoft.com udp
US 20.42.65.92:443 watson.telemetry.microsoft.com tcp
US 8.8.8.8:53 0.159.190.20.in-addr.arpa udp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 92.65.42.20.in-addr.arpa udp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 20.42.65.92:443 watson.telemetry.microsoft.com tcp
US 8.8.8.8:53 microsoft.microsoftedge udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
US 8.8.8.8:53 apis.google.com udp
GB 142.250.200.14:443 apis.google.com tcp
US 8.8.8.8:53 3.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 196.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 195.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 14.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 clients2.google.com udp
GB 142.250.187.238:443 clients2.google.com udp
N/A 224.0.0.251:5353 udp
GB 142.250.187.238:443 clients2.google.com tcp
US 8.8.8.8:53 238.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 99.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 2.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 github.githubassets.com udp
US 8.8.8.8:53 avatars.githubusercontent.com udp
US 185.199.108.133:443 avatars.githubusercontent.com tcp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 185.199.109.154:443 github.githubassets.com tcp
US 185.199.109.154:443 github.githubassets.com tcp
US 185.199.109.154:443 github.githubassets.com tcp
US 185.199.109.154:443 github.githubassets.com tcp
US 185.199.109.154:443 github.githubassets.com tcp
US 185.199.109.154:443 github.githubassets.com tcp
US 8.8.8.8:53 user-images.githubusercontent.com udp
US 8.8.8.8:53 camo.githubusercontent.com udp
US 185.199.108.133:443 camo.githubusercontent.com tcp
US 185.199.108.133:443 camo.githubusercontent.com tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 142.250.179.234:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 collector.github.com udp
US 140.82.112.21:443 collector.github.com tcp
US 140.82.112.21:443 collector.github.com tcp
US 8.8.8.8:53 api.github.com udp
US 185.199.109.154:443 github.githubassets.com tcp
US 140.82.112.21:443 collector.github.com tcp
GB 20.26.156.210:443 api.github.com tcp
GB 20.26.156.210:443 api.github.com tcp
GB 142.250.179.234:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 154.109.199.185.in-addr.arpa udp
US 8.8.8.8:53 234.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 21.112.82.140.in-addr.arpa udp
US 8.8.8.8:53 210.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 codeload.github.com udp
GB 20.26.156.216:443 codeload.github.com tcp
US 8.8.8.8:53 216.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 100.58.20.217.in-addr.arpa udp
US 8.8.8.8:53 13.227.111.52.in-addr.arpa udp
US 8.8.8.8:53 198.111.78.13.in-addr.arpa udp

Files

memory/4196-0-0x0000028F89A20000-0x0000028F89A30000-memory.dmp

memory/4196-16-0x0000028F8A340000-0x0000028F8A350000-memory.dmp

memory/4196-35-0x0000028F89D80000-0x0000028F89D82000-memory.dmp

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\77YGF3UI.cookie

MD5 91002e3caa1a46a8e0e34ef8ff25820c
SHA1 57aa105fdad1c8cc3c0bf5c4bd658e2b617ca2be
SHA256 591d2aa58c8fe8d99236b7a28382e0c0b7bf539450981aca23220327ca854ac6
SHA512 f88a0ac583510befd2b5ee54521e1656d557de344a7881b2b8c452593eaa9798446c5e0c76b6faa6ac95ac590589971d7d76caf5b8a7f4580df2ef67cf20c488

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\PU4IJSC3\ddostor[1].htm

MD5 19b5cdd7b7781bd0193191d58a04ddba
SHA1 00e2910610d4f5379ab115dcdcbf939005fb7d5c
SHA256 5a87c495fb6e16f310075ad7750c7488bbeb111a5563a9d1e7a2f5a2c901818f
SHA512 91645e45c407a410694a5e8d83fce3b9eb83617ae340f470b6b13848c37219e5b10f8b0303c08fbcc2e7bfe89ec80b6bb821d6d46f7390975acbe4059726664e

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\A66A8DB907BADC9D16AD67B2FBFFDD5C

MD5 249d020ddcdba8dffecf09954ad468c7
SHA1 ceb850127d89a007fd8694800a4d7ed581f5d75d
SHA256 36f14adc603ed1a8e2e5de8088fef99fb06822d2fdbf299f07b06647f20d2834
SHA512 9a89ebfff041c96fa7fea1ba4ad5fd2aa03d96cf2943bceb7134a8506c7fa469786a9db4953d2f14d37088e009345514e2933ebf3d44d8e8c3bd1f347d45379c

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\A66A8DB907BADC9D16AD67B2FBFFDD5C

MD5 d34dcd8b46eb49d87a8378d93e4dc1a5
SHA1 3a14eb147d4eddf72e3c7aa0185fee1247f82f97
SHA256 8caa13a5d3bea9c58cbc9dfb87ac513a7b8597f77c8fd7f414939cd1251b79cb
SHA512 6a9f8473b133ebb7d5c639815a3542a74871e791fb5d2f19216e919e5fc288f0e848df32d77465df5c88b17d7be5ad3f2112bb6025c24048cc4d6451ddbb5c36

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\D0E1C4B6144E7ECAB3F020E4A19EFC29_B5F77004C894173A10E3A199871D2D90

MD5 702df74cfd9a8f370b4f62f2549af2ef
SHA1 0d03215e18a35d0124acad057c912aab26fdba4d
SHA256 1a8d3a6b6895c1be360226f73fb3b0bd3266feadcd824a1578b318f132b8ae50
SHA512 0b70ef4564cbc43a5ef1375ce1df71da44a4ff56f856b413ebe866c618afa6aab251ff844851eccc57af78a34b39bd44388ae5227a84ea077d9615c4e56a75d4

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\D0E1C4B6144E7ECAB3F020E4A19EFC29_B5F77004C894173A10E3A199871D2D90

MD5 99ec01d3a31ee7a28dea900ff2f1a020
SHA1 0bf5a85c15d7117226c539bd5f3f01137d082a24
SHA256 6b112b7f0f1fecb1e9118a289d5bdee9f62aef2e557a19e7c3c4ed2bd4d84024
SHA512 6d05f974fd3ec73fb4576fee4010bbc5c3ff998e748639ebc3843dfec88c2f53de9051df7ceec558d39120eb620785ad718ee22d78091ec52f13af0558ce66cb

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\B2FAF7692FD9FFBD64EDE317E42334BA_89854CA6A0F0936A4D2ECA78845CEA25

MD5 444803b9dda66f4fe89514e92040a763
SHA1 21fa43406e4cf07f35cec181c109aa428108320c
SHA256 b66c6e7310ae12c4538a5abd4d26dc393e22626cdc596228529a8793ba70b12c
SHA512 b8185faacd032a720d39fcb067a5ee6dec2e676d55dd5fbb8fc8772fb62327427e0d14f9f68ee46a7c47f280e8915b3a190291e613def3fe6fa33b387fb32500

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\B2FAF7692FD9FFBD64EDE317E42334BA_89854CA6A0F0936A4D2ECA78845CEA25

MD5 7bdd2199d32b7fc4c9a809ca0839cc03
SHA1 4af58d3320c56b30161af4736ee596e7af1da8c8
SHA256 ab09f4f1ab1f5d0706d29d5fe23f9629f48363e6523b053b8e441b746aba16cd
SHA512 c0528cc6e821c17ecd29f567a603473627d25103c0fe5f07a469ff1678557d0ebac4d1d0de58647ffb3dfb3a0e03ce70359c04394b6871e28dc40a316de97a9c

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2T6NNJP6\light-f13f84a2af0d[1].css

MD5 deca261177994c06974b8eed93ab0d5a
SHA1 6df91477da6dcfd0ccbf51fc39f2f31f03acd8fc
SHA256 7dfb4dd6d5448e12ce18a0c186a890f6b9e4550e9e160e83fefcaacdf6decd9e
SHA512 f13f84a2af0df501d75659ef3682b9991894b860be2045d686b276698831c211d69a7df233fa82880f83c633226187e5c4fbfaca2a9983fc0b52454f78fece98

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2T6NNJP6\dark-1ee85695b584[1].css

MD5 2f1124986d7087c89cfedbab9e6c5090
SHA1 84af5865a920d527c436719c2b00d9860e68f07e
SHA256 6e28388875a179d32b9788d45aba0cf5901513106aabc738c6f290643505b007
SHA512 1ee85695b5847734f481c143211fe9d590a987f2b56b1772664b7a529455bf19592bcfbeffc4281ed1b6679299244d40112203438e6275271a67c4bf1181fe14

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\primer-primitives-0b5bee5c70e9[1].css

MD5 4a501b962a497016dc70c7dc3f95f859
SHA1 7d50b4e6274c503021751982621678afed30ae6e
SHA256 8a9ace6d9250dd653522dd94b426d1617df95fdfd86264beaccefa22c78fc7d0
SHA512 0b5bee5c70e933f062d7773a200472973456db928fb6dfa0c9bf0ded60b04e4b0100ada3f4234193aca992acd72d196f5b5f458fa4b51636b6bfe9be16c8f191

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2T6NNJP6\primer-44fa1513ddd0[1].css

MD5 cb3b98775e72345614028bcb572389d4
SHA1 bed826567a4dfa8c7b9ae5ed53dee69c7d367386
SHA256 25ad39ca5f33bdbbc85fa70b6f9fe46e4fdb17937bbb57669aaec3e0203861ca
SHA512 44fa1513ddd0098c15019b07c5eb888114c3b008d7f2e5a912d592ce0ac050e767a3ab0a55fe71fd9d5aeabd2d445280de508c8dd2bb83bf5073c1ba88980f89

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\vendors-node_modules_dompurify_dist_purify_js-6890e890956f[1].js

MD5 80fa30c00e347b5bbc8b7ff9dc2c9f44
SHA1 d085fe485ada77814949e92fa9e1b1eb05ba5eda
SHA256 be77c75cf182f1830d0f90b8d7aee460f0108c6e7f5a143a524f709b9023c80d
SHA512 6890e890956fafa8187511df1ac3c80a5b8d56be5ca989da251741f59c8d1186c0efa3d374f113b0ebeda124b78dedd106ea97f487ec04cf2a012e7bdd1048b3

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\vendors-node_modules_oddbird_popover-polyfill_dist_popover_js-7bd350d761f4[1].js

MD5 b6b600c9f1dd4c88024d62e6ff2eb871
SHA1 5a22091378af6a681a1edd36e5337b9b6f70613c
SHA256 447a26cbcbced255f24f46c1e82a6f3a4de3b2a44d4b0ab7b6f427b12f783f8f
SHA512 7bd350d761f4f22866b454b1271af79ef5d23f5d1b8cb0598c34f739e3dab977450d61d01b8a0c135fff309389f712c0114e9cd6e844d2261d2536377b71b838

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\vendors-node_modules_smoothscroll-polyfill_dist_smoothscroll_js-node_modules_stacktrace-parse-a448e4-bb5415637fe0[1].js

MD5 331e44e17e9ff14023510b990053a71a
SHA1 096363b6e8794bbd45a352d3cc8cfc4946b832b2
SHA256 7db9b2cf77bda551dc5b202710a2ebccc88a74f6d807a8eaf19d3624befba34c
SHA512 bb5415637fe067dfd3bba724d1e3ec440d342feaef6d42226cad26c535dab05ed798c92b46104b1cc843345e11d3e40a72a051c7730438fc2ea59abad6b2b26a

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\app_assets_modules_github_onfocus_ts-ui_packages_trusted-types-policies_policy_ts-ui_packages-6fe316-745e8b6794ab[1].js

MD5 b4573f1cd7cdd2573ecbdf707be8a3ab
SHA1 970d6f423fa9c7923f5a19fc3e449bc827c863de
SHA256 8110d18a776a06ad558a2ee7499c04400f634c3e2150e700ecf2fee84c7b4ceb
SHA512 745e8b6794ab3cd4de1fd40e464c1f090879b26f7dce8a266005781808b312c599eeb6e966049db3e18b815f30506c4c2061065034238d8baaab8fcbe5afd84b

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_s-1acb1c-a745699a1cfa[1].js

MD5 861fa69db074f86d7b825200d303b5cd
SHA1 6b0dba99c449561eccec58fb4f0225d4d9c7a25b
SHA256 d0626b0be461588e2510ec528a0ae6fbae4ac363ab56b53bff39382a1a925810
SHA512 a745699a1cfa87148f99a041663a7be4e70130245c5a616a90e77f4538deabafbac9a5debf8aa517ef65b965e1d3b1ae6cdd85349921cabce52eb1ec9a71117b

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-c91f4ad18b62[1].js

MD5 8d2fd700b674b265b884566f9e1a68b2
SHA1 b0071dc74ec8602aeb4d4063ace590e7dc26ab6c
SHA256 8d303394176f2b0cb950c35e71caa07a94141a3625c75d8b5da9f42f9a1bd700
SHA512 c91f4ad18b621b1321ca15512f94dfc9b7759ea2d0a150e0d4ec12c62ace6f5d01e60b991f0f1fa523b96ff9e0174e89a5c6496a6df15b61e57f232f2fdae967

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\vendors-node_modules_morphdom_dist_morphdom-esm_js-node_modules_github_memoize_dist_esm_index_js-05801f7ca718[1].js

MD5 11819c8c15340c7ca8339fcc945a4f06
SHA1 5fb0a03295e008aec0a1abc786b9e8bdaa3a233e
SHA256 7bb4cf0c86c218c29466a022a4c087e72ae5cfbcc0307a67c9a5af2a0ec2a521
SHA512 05801f7ca718d5ffd9e34ed99b557c1e8c624eb6263e0eb4f94e6fe32c4a1b1c1663419d89594358471edabd80a15f1143200b4150051e99377b988dba7d7389

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\vendors-node_modules_lit-html_lit-html_js-5b376145beff[1].js

MD5 81628c9093236d8e3cf835f708c30608
SHA1 846b10531dfca6510051fc43abb8f9b5647a0433
SHA256 daf381c316a5988c9116aa65c5816cbc8a958211b4c0b7d989ad6c9645757902
SHA512 5b376145beffca1bfc6b0352c08819609a974b6170848699421208752a63f057869e0e4ddd23797b3a0c281c276d7fae580cf41bb5465c632aee58524b21e7ba

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\vendors-node_modules_github_catalyst_lib_index_js-node_modules_github_hydro-analytics-client_-4da1df-9de8d527f925[1].js

MD5 e26206a08e0a408cb0ac26b62bc378dc
SHA1 1976478d9d2e3a2b594b383a71b7c18c33abe31e
SHA256 5480f3fc81d2395070c90579a17b32713d017c4d17dc9bad135afe1521976930
SHA512 9de8d527f92555e0c1222d6ed8290f66a7a34b5bbff0ae827b40b85cc2ccbad51b4d097ef269aab806d73059e7ea2afe8321ff19a5e12752441f33f56bfbcfe2

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\element-registry-9a257da99f6e[1].js

MD5 f3ef81240c6d652580843606077656da
SHA1 03d297c437a2531d2193920efd941bab272c1670
SHA256 6048417bb912615ffa8f7bc21bca43cf45ed0fd99d07fbcd14d4611c52a770b0
SHA512 9a257da99f6e06fd9d841c9b601af6f989d01c1581e4575bc6e684b12bdba78c98120590caad49f52d1a24eefa216e50a85feaea98e61578887de35223e52bf5

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\github-elements-34cbf079a4f4[1].js

MD5 9b47ccb6b752170f8b8ec20286fe05d5
SHA1 901760a96176174e307ceb67f3da102cf453464d
SHA256 059921042948a7df80ae1f8c76c1c0442143ac4809aa32e0d0adf514628fd705
SHA512 34cbf079a4f4d5e31bfce2841741f11658e0f9cb616555c87fc94d6dfab507484df09b215ccddd590fd13219a4a0723f64f0cc13bca4e5b0a16b536f4bc62831

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-27181b-3509ed8075c4[1].js

MD5 6eea70c9ace3bb9f6c684fd593318b48
SHA1 2cb85a9551db444f4e5d69065374a717334c65fd
SHA256 1fb1497b55f8d938c1753c298394604d4f959ec90b8cbd9ba70771b885cd1029
SHA512 3509ed8075c434814ac3f01e1acf881f456e4a3cbc94ff6849757f30f997b7c05c352916780f8b42ca7ca611f81d29b0330a40891fb72c72c6cdff9ee2e8f458

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2T6NNJP6\vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-b7d8f4-7dc906febe69[1].js

MD5 4d87a5470325fc3adc78598eb62264df
SHA1 9e7c5e4ac32802ba23d14e7c0d989848ccc3132d
SHA256 17339ebba6fc6f421db7fb62286f502727680abe7513bac481c8f50c1a747a10
SHA512 7dc906febe69aa010f9c86c3de40bb23d258c1f06c1be8ea034f605eedbd5399ef5bf9a51566e79f0a8f0639ad4e5f727f4a3c1771c7b03bb6568a8e0606a3d2

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\vendors-node_modules_delegated-events_dist_index_js-node_modules_stacktrace-parser_dist_stack-443cd5-1ba4dbac454f[1].js

MD5 752eb45af6eddfc36e3093b24349e9ce
SHA1 99dbd6a84c7a358a550477fafe89681382e33853
SHA256 7a33dc030df6ffdac087a68957ff32de1c009447a7486be5770f290b37a2091a
SHA512 1ba4dbac454f4d7fcca50f75a5fd12b9591b8a7616a584e46c0a46e71896e69be5d3a5bbf8eb8c2118c3dcde22cb46e2c85cd37166fdb616e0c7318898276c2f

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\vendors-node_modules_github_text-expander-element_dist_index_js-8a621df59e80[1].js

MD5 da04614ae380b68c111984f401413fc7
SHA1 7ca0dc023ca0b1654d7c8630b8a05534e156d03d
SHA256 85fa448f4d60be73de2f42a83937523b7b751a4523b809fe9e3edb404e00b835
SHA512 8a621df59e80e8851a8cf3db03462095e8bba43a860b1018dc66780448e82d19871be99aab995fa57025db8b7f8e975eb0595fe2c59ca23d984b4d21d5031aaa

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\vendors-node_modules_github_auto-complete-element_dist_index_js-03fc21f4e80c[1].js

MD5 4d7edc0ddd43e54f4590ffe2f41756a2
SHA1 d6abd8e362faf9b9ff99ecc405345c553de6831c
SHA256 593268251b1b94c08df2e4f4ab6489678391cb112fd75a5e7a53f990d40b03af
SHA512 03fc21f4e80c42f4a4dec31f373272fe0002f5fb79295d3c9a165fe0e03353d793806f85f1e47bd7e357b3f278016ee578b090f553d8ac57122ee6b903b2ef07

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\vendors-node_modules_github_combobox-nav_dist_index_js-node_modules_github_markdown-toolbar-e-820fc0-bc8f02b96749[1].js

MD5 1908a7d9985e9540b3f6fc047f62b729
SHA1 25a06882e338da16bbc59797925ac6086141f478
SHA256 1b92b8a1d5169e64edce1fb248cb5989561060b083e5f05b6ca2a823b748a946
SHA512 bc8f02b96749a7ec00a92334c4964a4255611b23e15b88a9fef73fce2b55e32bfefa7f4bb89d436685a92fe188713790b9154ed79b5d7b3690a3ace68346cadf

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\vendors-node_modules_github_relative-time-element_dist_index_js-c76945c5961a[1].js

MD5 2cabd818fb8745b2fc7d5f92594269b8
SHA1 88108fecb3839f06671c2a21e35163e0e414b2b0
SHA256 55cdbee6ddce98f5c299a24fb9851501f46ff0cdd2ef3b2f7bb572a3940b462d
SHA512 c76945c5961a4f5b2cb1f85bd3cbb35d5e81f611c3ba05543acfe870728e94e9719c9331b65f4c2c8723960c5ac1e9cac0495a892f049b41ed3ffbe899b93700

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\vendors-node_modules_primer_behaviors_dist_esm_focus-zone_js-086f7a27bac0[1].js

MD5 6822816845d932c1e93f68372f005918
SHA1 1dd14a539530e8d131ce29be5e5f84e4098b6a15
SHA256 14d338ed3345cc8d74e239c812aa37eeee6126bc1ad8a17e4e2cf6ba8ee0adee
SHA512 086f7a27bac0d285f5e0c849cebac7176f86edb18037d8ec4356c2b8892fd3f47e045f857eb673b213661eea17441192cdb7a76c807c2badcecff6b7901aba92

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\vendors-node_modules_github_selector-observer_dist_index_esm_js-9f960d9b217c[1].js

MD5 683a7fe431bded8fbbf7b5189a1b8209
SHA1 2fb527473877ea06ec6b023690ce933c216c5d07
SHA256 f87c5b59b8f353c8762f2e44e1f82feafab882a96a0fad135dc6fc1555872ab3
SHA512 9f960d9b217c457d467a9510dd9797c4ec9df9a892c0a3e1746b2b87dca8ec191dc901e983bc509bc282004967b6fd588dbff5bf70bc7e20a5ca32bc7f1d772a

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\environment-775215f6b8df[1].js

MD5 e0a178ecbc91bcbae9e8e906adb78e33
SHA1 a9738626c14f73015b36aafc729b325544f7af4d
SHA256 751de4fc6bc6c42c11515ce3805d1715190eb6b01bcf4bf14b2aa7c0deeee99a
SHA512 775215f6b8df5b189ed8fe380fe37a4c6d79de089051c3ee1242f1d8223d28fdf6c08c694dcc42e9cb4c0953bc172b099a16f9c6c774b3f747e2a30d60e90068

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\wp-runtime-97879d6e03f8[1].js

MD5 bbdf47e25b5deab009095c71f9ae9f4d
SHA1 4ab64a16a793591d3af88a7c82b7c3b52ad53ae4
SHA256 722024f564be57db04c27af2b199f7427eccb8fd870ea951a5c4c638507fb49c
SHA512 97879d6e03f83f4a232f7ffabbcfb8375f45360446020a3f24596ef4141eced04bba010c3281ee7605c5a909cd8ee65d2255f5203274bb7ff0ec82c2acb666f6

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\code-111be5e4092d[1].css

MD5 7cb9080aa576934b53486d3746529970
SHA1 cb9ad049ca59d0dc0095470fddb2bda8798211cd
SHA256 9850beb3ebe2c31da0ece9d1a823e5e7d26983626c6e2acf4210d33abf6660c9
SHA512 111be5e4092d831d8e068ff4b6d2be94cbccb5bf92adc549a6c2506c4712ac177d15a61b56bce1919a2bdf9bb66d4a24b805db3aaddeb86823912d1df805f2fd

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2T6NNJP6\repository-fa69f138fe8d[1].css

MD5 92ddd397a592ef8df629545aff542ece
SHA1 de50aa0321796f5e0d0c162fab9b10f7c98d11e7
SHA256 ca1fff862edeb6dce1953d3ff7f1b76d84aa12aa7ac4d4eca05e323ffb3f6ad2
SHA512 fa69f138fe8dc9e8fbcc9f8211bc8e82608ccd52a41586a1438b3ed05922f0ddbd2e634fafcc34add72e0b36fdc6720d6a68530d6b4bda61fdf20e57fd553d2c

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2T6NNJP6\github-07f750db5d7c[1].css

MD5 19a4910055069ece0fd15033333b5169
SHA1 cc741789ac4f11c2e1818d25554f470ed002c7da
SHA256 c0467d247bf127ccf1de67ede2d21bcec6e1414e1c4f0b40f83f323b6d407156
SHA512 07f750db5d7ca69a75c752e69beb712768b99da639ee3ee96857c7c4e69364dee00c3f5a601b4cef713c6cfc4b0755d0629f4982bf35fe83dc2dcbca203e59d4

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\2T6NNJP6\global-2a3cd3230bd6[1].css

MD5 c1162575b98a68c7873fe83fe79f2965
SHA1 bc280e99873368363959805ae1b666803ae4c9be
SHA256 3b55aeed5b06028e219e849a1c533b9f971ae986198d49769eb51a5372490a45
SHA512 2a3cd3230bd6e2e37376474cb9efcd485ed37146911a8e9dc89f4e190267356d7bfa7b7cc802216207fbaba4e28030ccd1c40160ade12c7d485bf4a07945e5c0

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\vendors-node_modules_github_quote-selection_dist_index_js-node_modules_github_session-resume_-84957b-7b4e472db160[1].js

MD5 d01d2bce3dc98f2f2c666ae71ca217b8
SHA1 f13c3f886c48a4d2128059ecda8a1d20f18c9a7a
SHA256 6df87b96f1a0275b8b53b076cb0e96c0db94d4b0fbf68af46f104f517e959616
SHA512 7b4e472db160274656c05f75b966dd61ece0b267680391018a38ab50b58fa43310db33d846bb2e1f0f91d7af2a78e10c200c293a069e369247a5251bc07ee320

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\vendors-node_modules_primer_behaviors_dist_esm_dimensions_js-node_modules_github_jtml_lib_index_js-95b84ee6bc34[1].js

MD5 913a77fa8f878b5f1b7bc5c3c53daa45
SHA1 e2f68e5c24e77ab985603430e9666fc1718cadf7
SHA256 69b7ef034ddc6b605311ca503ca24f54de1758816ef270a160315ed71fc3d7e5
SHA512 95b84ee6bc349a259aa1a1298245ff5edb5cdd1b6f5013e0c5eff8059c1f90125e8a1457c40c54ce103f4d18160a55cd7084922ae283bf00f8b425cffd1efa48

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\vendors-node_modules_color-convert_index_js-72c9fbde5ad4[1].js

MD5 c706ad84a4eb261b75d1f77ce7f9bdc8
SHA1 497a9725442e7305adc54d19b828b2e38c5c56cd
SHA256 80b561c1746ef1533744e7bf7ea3f6c721a88a104d665bb97ffa8df96e69b682
SHA512 72c9fbde5ad471c76b76034459d0d75db00cceaf3904a14c01dd9dd9167da7f783086b79c446b24ed2630c9cebca1996b3ff8ea52dec6c865f173c8158962be6

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\vendors-node_modules_scroll-anchoring_dist_scroll-anchoring_esm_js-node_modules_github_detail-c9d0ba-387cde917623[1].js

MD5 53ff79ebcfdf43432442302b235f7eec
SHA1 779135179b1f66f503e355b5b1bf1d629cb7deda
SHA256 0e9858012a17c942cd8a3761815132a66b1e1a721732af9b84a4d17d822a0eba
SHA512 387cde9176234c43a9a2ff92655b22d330b5101da5abdb275f1cf2383e19f4b50d1ba6485c603f9ac154d812f5d0943b4b7fd87973fa69c8afd48d005b9974af

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-893f9f-a8ec7ed862cf[1].js

MD5 f5fe12a51a2d925ad59a3b4dbde64239
SHA1 eaa86c9029b6cf765ea31c730ee0c89817cb43c5
SHA256 b07d51e4c93c6d1ba90812c547f4b39a7153582a8bd99e84397098b16223d3a4
SHA512 a8ec7ed862cf730b3eec63dbfccc41cc3b6c8f0cc2b31ccc6d6cbd1041a50ce050a7b977f55008d9a9f5fc6a889260c4766aab744a63d8670410323cd18ae31c

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\ui_packages_alive_alive_ts-b956d50b9283[1].js

MD5 322f994d5259a24ad2c65b7f638b55c0
SHA1 ea402d6b4001fa366304b3b018cdf037cfc23ed3
SHA256 a54568d95a02039f586594198ebd8079bfdcab083fd663f01b5089bb5ba462ef
SHA512 b956d50b9283885fa29813f8387ad57d65013fd925bdc4c7df5bf05ed398b6250c8b52675036ae75a77e3d78c1c2aabad1f5cb5939969d9e32cdb7aaa56a2e41

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-2e2258-05fd80a7ea89[1].js

MD5 1744a9703e1e020807f5737c6b8d31d4
SHA1 05324e0e6182695c223cc5e1f71e889d2370ca28
SHA256 fb98c78a9625b1eafd3c0e7d9884e2764c791c4013577f0d03c8681e4f2b02d0
SHA512 05fd80a7ea89e5d8a0650424b5f7dfaafb7c36ef6537da43d4665840d8ab19ac7db0b33945beeb3680929fddaf6cdfd6e1cd62f754a183f65142482e9d0dae3c

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\app_assets_modules_github_sticky-scroll-into-view_ts-94209c43e6af[1].js

MD5 ea01bea08a155fcf33ff2a18fcd0ecb9
SHA1 1f58607e282514d7a1dddf9aeb2b91bc5f5fe7dd
SHA256 ecef9a63582229cec2ad4531de2fcbe4098fdbac1ff41d7ad269fb47b3ad6352
SHA512 94209c43e6afe456a67e0fe26ff4f4bc8982137138891fd2aa1660150c4e03333187d63292ebf0d5aee64d0c5f8f0e40421e21923e7588d5213d8892e8a207eb

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_onfocus_ts-app_ass-421cec-9de4213015af[1].js

MD5 f773d7682704ca9858b63b87f67919c1
SHA1 edcb0120ca99d5ddc395fae4bcac301928f49ef0
SHA256 0b6e667cb5fae47ba109488f66ca4a2f3a55a80f25cda4ca17db228b3ef3464b
SHA512 9de4213015af6aa07708f102ee75a6092518d4ce61198db20c67def5a37ed0b924bf0007bb23535aa11da61f818e6d80c7c84f31b8f4e76c5413fc0086850d9e

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\app_assets_modules_github_updatable-content_ts-ui_packages_hydro-analytics_hydro-analytics_ts-82813f-960b7c5df16a[1].js

MD5 1cf2369091f595216efce8d5e715fb07
SHA1 aea9f7e70b37a7fa86c9ef1ae35852dd1a15d9fc
SHA256 0c935035dce7a6c3fb2599af63a3374e8c997eb043ec1e475ed3eeaab46c380b
SHA512 960b7c5df16ac4d35664f332468164324937d57191367a415c45cd4574447a74482f8e91b2bbfe992bfd08253e360c98bf6bbd8ee91ad32a1515e9cab0099ac8

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-9285faa0e011[1].js

MD5 ea2f459bb2eaf606a6d110bb721f8c85
SHA1 0cfc1539816ee68e0ccea2f32fb4191bb8b05224
SHA256 3c0095ede9f86618b394dcb281a35c659330ed3532ff49cb699c4f95083a912c
SHA512 9285faa0e011208b72caa43ce51dd15a03224c73810ca9d549ab21c344c2c96f7b6bb31b86e922858cfe6cebe6e3b09e7dc8fa35c6c78fd7c44b6c919002ad02

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\behaviors-a9123655fa03[1].js

MD5 56ad23f177b1c19d82879c5bbcab1646
SHA1 89753e6b4e0f59d3bfee63b9db29814653a07cf8
SHA256 3f64769e0be21ed5a2e17f3685b01f35ed182df5783696c5c0ef87bb60de53be
SHA512 a9123655fa038f3c5a2ee6b62ce8de73a55bf60bf4fc48083f73b5f9e71ae4d5f351c0aa3d7bd160baa18a64e648b5ad5d10230e74e83e716e7c8e6317940a04

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-06ff531-2ea61fcc9a71[1].js

MD5 c59673d413609f36559412bd12b5776f
SHA1 7cd5f0a997f4d154400dacbfcab376395009f690
SHA256 eaeb0852cbcffaef96c7a00b0080169f4aa752f0f1d5cafcdf6177e2d0698c5b
SHA512 2ea61fcc9a716eb3452f0b6d6531d0c724f69aa55a032af882eaae96f7f59bd26f028f1832f1aa65bc6fe90612acbf145249cf83b285399e8e4da7fc4c9ff5d2

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\notifications-global-6d6db5144cc3[1].js

MD5 261150ee37eedc1c587ea9a21a7e1b6a
SHA1 f2112e464b8a356e675ad36e2c20f58e12e140e2
SHA256 020fa19a1945b66e3f2bb224b98568b884996fe404bd5dcb9e91d20bbe6ceaeb
SHA512 6d6db5144cc3ea031f04632fe9eeea3ff3dd4d91740526de02e57d2cae60aa5afe5b8df0de2d92c46eca064c5ae20abe3d7e9778d36e94990f74e432f6ecec70

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-e53a3f-f924cc31bbb1[1].js

MD5 7f058b92c458fdee6526e4b6effa4044
SHA1 f86d7307585d33009dc6567129d16f9b60f26342
SHA256 a984eb4db9696e042f807d8355cff85e0ca804df4d9fc9c91336d55f12e37920
SHA512 f924cc31bbb148e484f700cd62bccfd7b47b5b7940914893ea1b0b429ef041db0ea2ca4526371a9d4872f84659980b4eff908512fd3bfde7b41170119378a83e

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\codespaces-b7f6071c8422[1].js

MD5 f9c8ddbbdd2edd866a0d7b473608fe90
SHA1 2cf32a231fa940ed19b79d59b84f909a81440a63
SHA256 f69a690aebae5946b46845b06eaa716de9e059ebc799e037e37941a63534339c
SHA512 b7f6071c84226cc63a6fb1404136a9f2f1d3bd3b0977ba126ce77856ecb21d81add53a40a9ab1c5af74e41224b7a94a463074691396dfac80f66d2bfe44309dd

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\vendors-node_modules_github_mini-throttle_dist_decorators_js-node_modules_github_remote-form_-737e8d-13881b8e7358[1].js

MD5 65aadd89595f4fa46f1237aba5ede313
SHA1 5b2ea2970e591a97f9459fc372d215dd83f2d558
SHA256 ea49c037d3b8ffcb4db1892150c7fc3937bd5dd86e255d2dad1f8325d52fece7
SHA512 13881b8e7358011bdac8d3ad881f03f9e1ef492612251e144e71badd6ea096ad3f508a88cfb569ea698b71e8c798c62afa46f58f428e1372610a794f57d275ea

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_mini-throt-1f9a80-369ba092db4f[1].js

MD5 c5a133014c78ebb17476e56f1624a471
SHA1 1b66e28cd650cb2898c877102098df0b20ac51d1
SHA256 6958df6243dda9b745c0ad621aa4c7a9d997451eef9fae30314aec6d6592957a
SHA512 369ba092db4f090799a2f77cd391e4423b1d88b484ae79fd5cbdb1fe7583960423842a7bc65c613cdacf7d783690757dc048e241c423bd08c2768e367b5d5282

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\app_assets_modules_github_repositories_get-repo-element_ts-f6b365a47eda[1].js

MD5 5efc6bbf45a43234e23e72093fefb784
SHA1 b90024ee0e231af171b857c16b4171e38d969f7d
SHA256 06547a5b4c2aea39d163f18d7c444778fd378ff23782d7bfa9fae8916ec1871c
SHA512 f6b365a47eda894ba80cf4d4242e56c4e00a379444520665ea837b1437b4f345fb523c196ee2d81397b93aaa8c6543286f578dcf4c6c5756bc6842399c20535e

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\repositories-57e1f829b48d[1].js

MD5 3e273a3682b598ea60bbc9b639bca6e4
SHA1 a3e8b6f250baac841eda33fba2f98348ac3beef1
SHA256 1d56dff2dc03191c8abbf96ceb3a12823cb74f6697ef8777c0c9c08f42c906c7
SHA512 57e1f829b48dd9eee5ebffbf6faf3ba48447c86e19ac433ae0935bb38848f56a57aa0a6a7f3f87ae0dfbbafa3bc03cc42da3ee9c5bd2ce015bb2f2c3ebfc36ef

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\code-menu-67595c3a6d0c[1].js

MD5 ecaf6842df29586e81888f69eb17735d
SHA1 0198df718b7a77e364ead2448e0a62801c3bc424
SHA256 6013aaf029f706510f8bce05010294da2cf4612cea03fcf17f1276b2b21e63b2
SHA512 67595c3a6d0c65d58abf6e2303f8ddf180c35cdd5aff7a3684ac2acaa525d52d60dce484d507c78135be0b629025c9749d65e2a0eb69e2770a62694dd51bd666

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\vendors-node_modules_primer_react_lib-esm_Button_IconButton_js-node_modules_primer_react_lib--b964b4-6ad237e6932f[1].js

MD5 58a98aa089657671b37a5b6afcdac603
SHA1 e7f92b01062c0728ca72e779a98380b090b3bf36
SHA256 962996a98e34a53a4ffe0eb900ea07eaa804d63f357e23b9b7946847790bdcee
SHA512 6ad237e6932fa0c0b0daf53ffeb0457902e2b452369eff6391c046f651af1a2f017f4aef32ca4b619be9b6351b7dca1cee56df50b2b88b3f67f97e86c47831b0

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\keyboard-shortcuts-dialog-b4a646a773af[1].js

MD5 d41c8b3e035bf39e41027d48218a9df7
SHA1 365f61f83274ad56dc7eadebf0a8c8eb85e09943
SHA256 69fe955c15e1030befcfae0657d7c7154882ee408e8134cbd6e66ba291c7ade3
SHA512 b4a646a773afc1b5b99118c02ab94fcd134ff52d7cbe3e7b2cb1f7480e8bd30b442ecdf3e0aa4f120d7080747d15bf5a57b742ab53572fb9534fffc9ec33cda3

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_behavio-2144fe-a56c35798651[1].js

MD5 b076465d870a523f653c3f78163dd31d
SHA1 076bedab4630ebb82dd3ddac84e156d218469d8e
SHA256 dcefd3c194ec6b9e6a82d5bfdafcda082b00bc21feac2e5585881e6316286fa4
SHA512 a56c35798651a644c5de0299eb990d9e4db889586a03222cd67cad8dac3b16165c0f2529a402dba093cb7a1cf390cd23f27ce1ef818452a3dbd6104e109441d2

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\H8JKT6EB\app_assets_modules_github_ref-selector_ts-2b432e185ab2[1].js

MD5 3008bf196bcb9081554c35d0080e65d5
SHA1 599c18ca5f933a2c7d103853f3d295bb4b07fd69
SHA256 3238339a3ebadc4358c84c48cb610df0dde4ea1b8d37fe692248184b4bdd4ace
SHA512 2b432e185ab27d8e07fcd73366b6af71114e20991ae4255fde6ef7a022b91508097cca4e83e9ad54ca69867c337fde774465d34697603b359a4195a83e1c9fd2

C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\ZC3VO3MR\vendors-node_modules_virtualized-list_es_index_js-node_modules_github_template-parts_lib_index_js-878844713bc9[1].js

MD5 84eee0a0d2d52ce4048f2dbdb3589012
SHA1 9723f142ff6ce47f65dfed06d70b68a305a8dbb8
SHA256 bf11813ce0246da52cb3132837619c44d1e837e3eeebbbef12137dd91dfbec7f
SHA512 878844713bc98efc35c1a8041e3a53fa3e2ac9669dddeeeb2962ce6cdd465f84f0d41c3774ac27bd4bffcfbdf4832897e7711dbfd17adfac9d2fab206292c4e7

memory/4812-239-0x000001EC44EE0000-0x000001EC44EE2000-memory.dmp

memory/4812-241-0x000001EC44F00000-0x000001EC44F02000-memory.dmp

memory/4812-243-0x000001EC44F20000-0x000001EC44F22000-memory.dmp

memory/4812-245-0x000001EC44F40000-0x000001EC44F42000-memory.dmp

memory/4812-247-0x000001EC45000000-0x000001EC45002000-memory.dmp

memory/4812-249-0x000001EC45020000-0x000001EC45022000-memory.dmp

C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\Temp\~DF3FD72BFB2EFD8A6F.TMP

MD5 af5ac679dfbef2938d11777d668c15ae
SHA1 3fa308856b2f2e1a5430675d03dcf0e7381546e9
SHA256 e2db048b175973ba43a89ac5d7576e0b94188bb76a9a9e9958dc159af01c7212
SHA512 c839ad773a9d1d42d46a269e5b7db7fda70aa5d0cb364360982b1d4dcd8559afd27383ceb2c071d4d277bf8c02cd0e1f132cb595cf5db585d3c2456383a9c567

memory/4196-299-0x0000028F8A1D0000-0x0000028F8A1D2000-memory.dmp

memory/4196-302-0x0000028F8A000000-0x0000028F8A001000-memory.dmp

memory/4196-306-0x0000028F89D70000-0x0000028F89D71000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

MD5 99914b932bd37a50b983c5e7c90ae93b
SHA1 bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA256 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA512 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 fdc1a19b6c70e599ff1121b0d5a74d68
SHA1 6081c97ded32a86cbf6a38d5070edde6ab330b64
SHA256 109f27f5c9d263be47d768306e475e1a0a0a002a03d2daacc3cdb0df6f318b31
SHA512 faecc11b4105a2ca2f1efb13a55e9f5c25f5485829b9957235301f8979db966cc4f29ae3f722ed12826948ab6fcfb9d5dd3f23289d57cd99b1306035c5db3242

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3ea1f41d520ed25c795c3c24fdf69579
SHA1 be8197c73b620e0a1d2060cbda4500ac21c89016
SHA256 4e9899d73341a9cf9fe94c24c465f88ac29022ee726343d710ff0869b5470f86
SHA512 3c02add015a8cdfc55f99d28850835ad5038e626cd518a348e56d0a5b1c4fb44b3811ca7e3b189b8308a785f7eef880aaea92b8f8d34e62066ac967ca34e26b3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 76d0a1e4c8f402152b5e7319811b30dc
SHA1 4da8ff65fc0a85c4739bde7bf7cb46a3f4d337c5
SHA256 b419b02462f70a4791413f5194c6ee5db36e667c0b0574b837e8e9b5535acee3
SHA512 70f1738f11c29a9f6b6c3a21f90b78bf45ed93719107aa1db34b189d0a9f09548312f802280eece806aeac65bef776578e12a28602ea14bd38b4021ea2d8098b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 af99caa1bdc955d32d65b809d0bd7bf6
SHA1 df632e734d4a02c22ac77d29845c357554c88e2e
SHA256 6988ea6aef5b702376cbf1eec85dc3fb347fa236869e810e33c9ee99affe5d5c
SHA512 31b53064b38e6194e136ef1421153fb71446366b79b0f4d2f1ffc48542801e4e2cf81517302f1ab977b823797828023d2ecdfbfa221e711970b21365455c4ffc

C:\Users\Admin\Downloads\ddostor-master.zip.crdownload

MD5 644f98d440c23deb8a7b4b29be4c8aa0
SHA1 be93c232c37066c42dd015fd858691a35e3d4c48
SHA256 e50931ba3cffdbd98d393b33a879fec9298708930203812dde5aaa066b5ada61
SHA512 4a6c5b9160dad154318db7e8956313598c0dbddda4732028fc1ff080dc2e3e37d67fc299e0d90158dfd996cb362e2a0ac274314d730cc2fc80ae0dfb7362e6bc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 1aa9b1d4dddb52428c0e6d41a7d6f840
SHA1 1ee450981d4b6c00873daa8f7432d90818bb98e0
SHA256 a71d5b566ae17a6bff4caa7a84101e2b89cc9ca677c8d7293d245825801938f5
SHA512 9019d21d0cdfb838c5c810fcb1f2e6d807e41e02d7a1bf2ec708425307aea52b0bfaaefbdce998724859076506c0970904aa87abaa6e625956f92b04355f7cdd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 5d7d0f9912b42ef4e204bb0273eabe04
SHA1 c9ce579514f82fb69deb509d5d49a45bc2ec86a3
SHA256 e77036807d29f0939e354a81be02ace04a94111b5b11653d0585a8585711cdaf
SHA512 0b976526cf4a3ab16bfc32b818d900413182847a8c9660e6816f8ed134796a43c35fe8962b7758d2913e2e41935a96b1049fed0ed4948bee4c04052ec2a82bdb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\e4ffa469-eeee-4df2-b269-93da8bd73af1.tmp

MD5 84785035ade5b985e861bb45783f601b
SHA1 18d777b1e480ec653a9771a438706f2813efef3b
SHA256 fda32c0cb0c0d3a19d3fa621d2af6a0d8dc1ffcdc7c315ec744822d22eea3359
SHA512 4f1e5f06bc3d95c6b87d70a0d94bab79ca566dc47c21838f4950bb0f3c553eefa7bde05ce50c17649a7519af6f3022e17c081d64314cbc2dc228f34187638c3c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 376e0b98cdae6f3cae3da26c9727aad8
SHA1 220a4d1264c3925e5802aa1f6ff69aaf0d86bf5a
SHA256 b2b26f0908eec51bebe90e99f5147d092bf752a4033ed5c1ec0461d5fc7c3b17
SHA512 afc8e495d6392b6606ed8ddfa265cd550b850a68b925ebe880ff14303f5145699a2838b71b31d1d417df4dc25478125ad350fd73a19786dc8e9882f9a544087c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 8ca15179a8a4a0e3420dc377f44fc418
SHA1 e15fdc4b4746c09fb0edcc9cf47494912df61a7d
SHA256 988420f1ac962f7d1c1675de1d3dfd5f23cdeca66a55d7fb6ddd4ec6491820ba
SHA512 cee380d6b825ad49912a28250fe6e9e8fd13bdd28a260f2156cad3e4e4ade8b769d7c3e95047f74d6782ee281b5c3ba1711ca4ede3b072b811186db08aa4cea6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 b9dfc4b0afaa275e8aa0579d3b177ba4
SHA1 842b3163993fa53f70b7b55c2c3494cd4dd4f75e
SHA256 f4104d13d91dab6b08065b435ae03021a2006f3d8db21fa1d681fb96c6270baa
SHA512 128d4ab617e70e5566802f960cc9db926d109a57e717a2344138669904bd7949ba0f1d2f2c6600278df54587268d8c4875cd1ddef1cce6cd27b9cb9b5a43cddc