Overview

overview

1

Static

static

1

URLScan

urlscan

1

https://sc.link/HpZNj

windows10-2004-x64

1

Resubmissions

19-04-2024 12:40

240419-pwe5zsdf7z 10

19-04-2024 12:35

240419-psvq9sce46 1

19-04-2024 12:18

240419-pgpqwacf51 10

Analysis

  • max time kernel
    238s
  • max time network
    244s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19-04-2024 12:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://sc.link/HpZNj

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies registry class 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 12 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 44 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://sc.link/HpZNj
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:2604
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc981446f8,0x7ffc98144708,0x7ffc98144718
      2⤵
        PID:3868
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2148 /prefetch:2
        2⤵
          PID:60
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2524 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:4128
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2948 /prefetch:8
          2⤵
            PID:2852
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3360 /prefetch:1
            2⤵
              PID:2292
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3520 /prefetch:1
              2⤵
                PID:1700
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4788 /prefetch:1
                2⤵
                  PID:1268
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5560 /prefetch:1
                  2⤵
                    PID:924
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5584 /prefetch:1
                    2⤵
                      PID:3280
                    • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5916 /prefetch:8
                      2⤵
                        PID:3644
                      • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5916 /prefetch:8
                        2⤵
                        • Suspicious behavior: EnumeratesProcesses
                        PID:340
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5044 /prefetch:1
                        2⤵
                          PID:4984
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5068 /prefetch:1
                          2⤵
                            PID:4620
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=1600 /prefetch:8
                            2⤵
                              PID:772
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6136 /prefetch:1
                              2⤵
                                PID:4896
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3752 /prefetch:1
                                2⤵
                                  PID:1396
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5380 /prefetch:1
                                  2⤵
                                    PID:4464
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5228 /prefetch:1
                                    2⤵
                                      PID:1236
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5572 /prefetch:1
                                      2⤵
                                        PID:4600
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5228 /prefetch:8
                                        2⤵
                                          PID:3244
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5812 /prefetch:8
                                          2⤵
                                          • Modifies registry class
                                          • Suspicious behavior: EnumeratesProcesses
                                          PID:896
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3592 /prefetch:1
                                          2⤵
                                            PID:3860
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6256 /prefetch:1
                                            2⤵
                                              PID:4428
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6468 /prefetch:1
                                              2⤵
                                                PID:2564
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6788 /prefetch:1
                                                2⤵
                                                  PID:4412
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7060 /prefetch:1
                                                  2⤵
                                                    PID:2168
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7100 /prefetch:1
                                                    2⤵
                                                      PID:2636
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3752 /prefetch:2
                                                      2⤵
                                                      • Suspicious behavior: EnumeratesProcesses
                                                      PID:4052
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5668 /prefetch:1
                                                      2⤵
                                                        PID:1704
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6904 /prefetch:1
                                                        2⤵
                                                          PID:5064
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5360 /prefetch:1
                                                          2⤵
                                                            PID:4244
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3592 /prefetch:1
                                                            2⤵
                                                              PID:4748
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4756 /prefetch:1
                                                              2⤵
                                                                PID:4600
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7188 /prefetch:1
                                                                2⤵
                                                                  PID:1844
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7656 /prefetch:1
                                                                  2⤵
                                                                    PID:2172
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7836 /prefetch:1
                                                                    2⤵
                                                                      PID:2148
                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7732 /prefetch:1
                                                                      2⤵
                                                                        PID:3736
                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7660 /prefetch:1
                                                                        2⤵
                                                                          PID:1576
                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7692 /prefetch:1
                                                                          2⤵
                                                                            PID:1828
                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8100 /prefetch:1
                                                                            2⤵
                                                                              PID:2520
                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8376 /prefetch:1
                                                                              2⤵
                                                                                PID:932
                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9280 /prefetch:1
                                                                                2⤵
                                                                                  PID:5612
                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7564 /prefetch:1
                                                                                  2⤵
                                                                                    PID:5688
                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9192 /prefetch:1
                                                                                    2⤵
                                                                                      PID:5696
                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8832 /prefetch:1
                                                                                      2⤵
                                                                                        PID:5932
                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9208 /prefetch:1
                                                                                        2⤵
                                                                                          PID:5940
                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9140 /prefetch:1
                                                                                          2⤵
                                                                                            PID:6024
                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7720 /prefetch:1
                                                                                            2⤵
                                                                                              PID:6032
                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6752 /prefetch:1
                                                                                              2⤵
                                                                                                PID:5368
                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7036 /prefetch:1
                                                                                                2⤵
                                                                                                  PID:5584
                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9968 /prefetch:1
                                                                                                  2⤵
                                                                                                    PID:2128
                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10124 /prefetch:1
                                                                                                    2⤵
                                                                                                      PID:5448
                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8696 /prefetch:1
                                                                                                      2⤵
                                                                                                        PID:5600
                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9732 /prefetch:1
                                                                                                        2⤵
                                                                                                          PID:1628
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2120,7496321484685681119,8623699140207825332,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=4980 /prefetch:8
                                                                                                          2⤵
                                                                                                            PID:5264
                                                                                                        • C:\Windows\System32\CompPkgSrv.exe
                                                                                                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                          1⤵
                                                                                                            PID:2304
                                                                                                          • C:\Windows\System32\CompPkgSrv.exe
                                                                                                            C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                            1⤵
                                                                                                              PID:708
                                                                                                            • C:\Windows\system32\AUDIODG.EXE
                                                                                                              C:\Windows\system32\AUDIODG.EXE 0x520 0x51c
                                                                                                              1⤵
                                                                                                                PID:6040

                                                                                                              Network

                                                                                                              MITRE ATT&CK Matrix ATT&CK v13

                                                                                                              Initial Access

                                                                                                              Execution

                                                                                                              Persistence

                                                                                                              Privilege Escalation

                                                                                                              Defense Evasion

                                                                                                              Credential Access

                                                                                                              Discovery

                                                                                                              Query Registry

                                                                                                              1
                                                                                                              T1012

                                                                                                              System Information Discovery

                                                                                                              1
                                                                                                              T1082

                                                                                                              Lateral Movement

                                                                                                              Collection

                                                                                                              Exfiltration

                                                                                                              Command and Control

                                                                                                              Impact

                                                                                                              Resource Development

                                                                                                              Reconnaissance

                                                                                                              Replay Monitor

                                                                                                              Loading Replay Monitor...

                                                                                                              Downloads

                                                                                                              • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416
                                                                                                                Filesize

                                                                                                                1KB

                                                                                                                MD5

                                                                                                                55540a230bdab55187a841cfe1aa1545

                                                                                                                SHA1

                                                                                                                363e4734f757bdeb89868efe94907774a327695e

                                                                                                                SHA256

                                                                                                                d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb

                                                                                                                SHA512

                                                                                                                c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                Filesize

                                                                                                                152B

                                                                                                                MD5

                                                                                                                8b1931878d6b8b22142fd7fd614add5c

                                                                                                                SHA1

                                                                                                                0e20ec0bec5a9fe3b6666c3009626f0420415bc7

                                                                                                                SHA256

                                                                                                                d78e49cf9c940d8a407fca2338e30b754e4579c64e88932c46c3871f62c15904

                                                                                                                SHA512

                                                                                                                1e7a63ff7340719736560277601ff43f30937dbd4a1fbacbcb0d72fa708216692a4bb4ba658edf227b767975b430fc94e7c4f0b5dab29bef9483bfcfb38e1cf3

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                Filesize

                                                                                                                152B

                                                                                                                MD5

                                                                                                                70ae4bf8f75c69610c1d00131c1ec28c

                                                                                                                SHA1

                                                                                                                eab92c184a3b655377f375b1b25ef85fb06c7130

                                                                                                                SHA256

                                                                                                                9f46453862eb083e85697631455185c0ead19ec86c1ae3d15274c06c9a38731b

                                                                                                                SHA512

                                                                                                                29299dbc0114f01525bff67ec421a28056905e8f5d21f00502554f446883b6086f8b9a2c27a591f364077da17c21438910b8dbf163a59f6f80272eb7d5f05c68

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e
                                                                                                                Filesize

                                                                                                                67KB

                                                                                                                MD5

                                                                                                                d2d55f8057f8b03c94a81f3839b348b9

                                                                                                                SHA1

                                                                                                                37c399584539734ff679e3c66309498c8b2dd4d9

                                                                                                                SHA256

                                                                                                                6e273f3491917d37f4dbb6c3f4d3f862cada25c20a36b245ea7c6bd860fb400c

                                                                                                                SHA512

                                                                                                                7bcdbb9e8d005a532ec12485a9c4b777ddec4aee66333757cdae3f84811099a574e719d45eb4487072d0162fa4654349dd73705a8d1913834535b1a3e2247dc6

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f
                                                                                                                Filesize

                                                                                                                36KB

                                                                                                                MD5

                                                                                                                19fd35a0194d0a34348e2a8af77afce6

                                                                                                                SHA1

                                                                                                                94faf9bc8e414431f7f986a3e761231753cabc04

                                                                                                                SHA256

                                                                                                                f087580889ff2f970f8a29771a2aae84cc2dc23263d1c50cff66b5ccf26e8677

                                                                                                                SHA512

                                                                                                                f2787cec9d67914e254c13011c4ef5d5222cef075dafe14b455eedcdc7f400139b4aafcf5094212953b84bf8a8fef1bade755a0db8d4c5aaf3370174a7cfe7db

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010
                                                                                                                Filesize

                                                                                                                64KB

                                                                                                                MD5

                                                                                                                d6b36c7d4b06f140f860ddc91a4c659c

                                                                                                                SHA1

                                                                                                                ccf16571637b8d3e4c9423688c5bd06167bfb9e9

                                                                                                                SHA256

                                                                                                                34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92

                                                                                                                SHA512

                                                                                                                2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011
                                                                                                                Filesize

                                                                                                                19KB

                                                                                                                MD5

                                                                                                                76a3f1e9a452564e0f8dce6c0ee111e8

                                                                                                                SHA1

                                                                                                                11c3d925cbc1a52d53584fd8606f8f713aa59114

                                                                                                                SHA256

                                                                                                                381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c

                                                                                                                SHA512

                                                                                                                a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012
                                                                                                                Filesize

                                                                                                                63KB

                                                                                                                MD5

                                                                                                                710d7637cc7e21b62fd3efe6aba1fd27

                                                                                                                SHA1

                                                                                                                8645d6b137064c7b38e10c736724e17787db6cf3

                                                                                                                SHA256

                                                                                                                c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b

                                                                                                                SHA512

                                                                                                                19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000013
                                                                                                                Filesize

                                                                                                                84KB

                                                                                                                MD5

                                                                                                                74e33b4b54f4d1f3da06ab47c5936a13

                                                                                                                SHA1

                                                                                                                6e5976d593b6ee3dca3c4dbbb90071b76e1cd85c

                                                                                                                SHA256

                                                                                                                535fc48679c38decd459ad656bdd6914e539754265244d0cc7b1da6bddf3e287

                                                                                                                SHA512

                                                                                                                79218e8ee50484af968480ff9b211815c97c3f3035414e685aa5d15d9b4152682d87b66202339f212bf3b463a074bf7a4431107b50303f28e2eb4b17843991c2

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014
                                                                                                                Filesize

                                                                                                                1.1MB

                                                                                                                MD5

                                                                                                                1f557ae943b3a1e823b56cf9d410e7c3

                                                                                                                SHA1

                                                                                                                1340fc7fa2cf9fade7bebcc8b4dc62a1686aad54

                                                                                                                SHA256

                                                                                                                40f47bca0281df7ada22465ba6c706a9ccf9580288915aad5d42c2949521a7bb

                                                                                                                SHA512

                                                                                                                32d8f83a30ed7179a74ebc7bdcd454d2f5895592f078910564c8bf40490d92c24a836f50b359345cdf4f0288f9a922b0185beeccbc4007205ba50f585de20169

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000030
                                                                                                                Filesize

                                                                                                                201KB

                                                                                                                MD5

                                                                                                                f5bc40498b73af1cc23f51ea60130601

                                                                                                                SHA1

                                                                                                                44de2c184cf4e0a2b9106756fc860df9ed584666

                                                                                                                SHA256

                                                                                                                c11b6273f0c5f039dfef3bf5d8efe45a2ecf65966e89eeb1a6c2277d712ae9fb

                                                                                                                SHA512

                                                                                                                9c993ef3ec746cbe937bbe32735410257f94ceb6f734d75e401fb78dc2e3ab3b7d83c086086f0e1230dc8dafd5328f9af664341eb781c72e67c4d84d1f6c1112

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000048
                                                                                                                Filesize

                                                                                                                25KB

                                                                                                                MD5

                                                                                                                03b508e96f16f8ff5c8e5e7447dc7e7c

                                                                                                                SHA1

                                                                                                                c599009c8df338eec24f540deccdc5bfb705b05a

                                                                                                                SHA256

                                                                                                                fe5d9219830770f0954871cec1332c0072ae5b998c35f58c0ebea87d334be7f7

                                                                                                                SHA512

                                                                                                                7bcaca33eda97bcf0da17c8f23289aa5e6170d35780f6992daae8a63ab4a297e92ff3ef4562bd14af4a98b5ae23935a0942b387951a47082c0650332bd73eac7

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                Filesize

                                                                                                                168B

                                                                                                                MD5

                                                                                                                2f78c3e49f027a66c8e8a2917ec9f313

                                                                                                                SHA1

                                                                                                                0ac101f89dddf50e38a30b8349b289cc548a1de2

                                                                                                                SHA256

                                                                                                                7664d35ebe6e192f4adc6d339eb9545d7ae3cea26b02e0c8066fd3c6471196a9

                                                                                                                SHA512

                                                                                                                6f4f67d7074751b9b6346c6d1f5991e2a8d60f57426ff4de5151cce2e4797f7cde758c2f9b7e6918ca255bf5799d343219e782db026504ae0831117b82bb6aac

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                Filesize

                                                                                                                3KB

                                                                                                                MD5

                                                                                                                25de9becc0100d65e890a79352baa57c

                                                                                                                SHA1

                                                                                                                375dc1bdc6b486d470212ea84f60722652f1e89d

                                                                                                                SHA256

                                                                                                                42c0ae1254e3cce882eb87eb0d30531305bd00fe1b09dd82e7491500a2d23595

                                                                                                                SHA512

                                                                                                                5d63d594beb7d2f567837d893ee49c87792df7c81870a876e73fd7d3e9a30f4563219a0733212992c86446fbc25f2ac3ddd57677aee5661eef6d5ca16696def0

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                Filesize

                                                                                                                3KB

                                                                                                                MD5

                                                                                                                21f2593773bcb0d57f74adc98650b735

                                                                                                                SHA1

                                                                                                                22f32e1b44eaf109c529637ffb4b0eebddd68d94

                                                                                                                SHA256

                                                                                                                ee62578356ee2d8c99dd8cb465859a2a5e4dec33d3c89f8cdc429e5d9371400e

                                                                                                                SHA512

                                                                                                                777c82213dc67da3b4b6e35aa126505553d515ee0ab571e143b46c18e401aeb763c444e454c8177055d15e754e2acab88f39f1bf2941ddb58679230a53e10ca5

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                Filesize

                                                                                                                3KB

                                                                                                                MD5

                                                                                                                a01fabbe936d8205ef87fe2589a1cac2

                                                                                                                SHA1

                                                                                                                c5c26e201635a5869b147b37ed816960791faa79

                                                                                                                SHA256

                                                                                                                877737e78bd7520efd08be4ed0db43e9b6af02a379c5e5acb481d56e4b4b889c

                                                                                                                SHA512

                                                                                                                a01dfa7d734c5fa02d9859d19b498ed079396503e1ac89950837a54b59746214bbbd32f9d138480f55adad18d25fd1205b510e0c21f9e468392ea66e53cbb556

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                Filesize

                                                                                                                721B

                                                                                                                MD5

                                                                                                                231f55bc37f75a2d01f0cdbed8e4201b

                                                                                                                SHA1

                                                                                                                61298dcb45e7f03ef57f14207b53071a295e1e03

                                                                                                                SHA256

                                                                                                                b17b315af2a3ee4ac7e4ae0429ddddfc76331ba7264a7597267db235e11f8f35

                                                                                                                SHA512

                                                                                                                b6b01a7f8684401e486cc6416e840e188fa5a4fa81df717ff787d31e17b47026944d22c860b4c33e31752fd1b00839c1ceae32bb637218de562facab8bd668ee

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                Filesize

                                                                                                                111B

                                                                                                                MD5

                                                                                                                285252a2f6327d41eab203dc2f402c67

                                                                                                                SHA1

                                                                                                                acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

                                                                                                                SHA256

                                                                                                                5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

                                                                                                                SHA512

                                                                                                                11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                Filesize

                                                                                                                10KB

                                                                                                                MD5

                                                                                                                e65dcde8d2ce5bb9ebaf4da1effe7822

                                                                                                                SHA1

                                                                                                                c6cf5b8e99ebf64ef91683a5555441131be5fdc6

                                                                                                                SHA256

                                                                                                                9445ce7525ebde39d2c8cd2bdc7f5ad812567c1243a262e6d84443b6d33cda4d

                                                                                                                SHA512

                                                                                                                4cc7775305dfb166397725a2acffec16d4b79910d1848c3d49d843899a795c9837851e31d435ed70c8941cf06be47059c3c0f9833aa3de6489ff39592982fdb5

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                Filesize

                                                                                                                9KB

                                                                                                                MD5

                                                                                                                807c0eaeed0e0a5fc5d3f6a98624374a

                                                                                                                SHA1

                                                                                                                5106a48a3c79efe794b79157f7c0258c4d6cec50

                                                                                                                SHA256

                                                                                                                e42bc453a41661a38d5aad0011982c1e5ebc700d17093064bfea285d1f7e60b7

                                                                                                                SHA512

                                                                                                                fc9acc338bcab5f77b4f4e8ea34c91ed638e2754eccd99bfcc26cb7a749cea3aac20d5f38a1221d90d299413a8ace24cd2dd5acc99b49f74b13548bef3ff330a

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                Filesize

                                                                                                                6KB

                                                                                                                MD5

                                                                                                                2a4dc26fd44b4805fe8b0fa06d57559e

                                                                                                                SHA1

                                                                                                                9d872faff323d3192c2aaad98357d786fcf9bdb9

                                                                                                                SHA256

                                                                                                                2a96d8636b90860582b9eb4ab9e0e3cec461aab9885fff690193daf2c8e63f96

                                                                                                                SHA512

                                                                                                                8aa90bfbfda765fcb1bb91e571e2b08f2ce248c6c2c726f95d3afd0fdaa2d082d73820baa307ae3d86f919b92996a6ad815acfde9a7179d29194b0b21b9ec822

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                Filesize

                                                                                                                6KB

                                                                                                                MD5

                                                                                                                bbc2c1b5c8a2a8bfe4489c53f735d2a5

                                                                                                                SHA1

                                                                                                                098354936c37ef0a890eb72fdba14d9c9298d2b0

                                                                                                                SHA256

                                                                                                                cca22f20e93cef9676d2196c713fa29f55f18ecaec5d95d296354fc609e9878c

                                                                                                                SHA512

                                                                                                                65b426e6634ce0a89667edd6c9323376b8e2fa35efbd75a33f0f1547566affb958b4178db739ac10cb5bada0a297812b907a5020755b5a3e4cb1483f61df4fa2

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                Filesize

                                                                                                                6KB

                                                                                                                MD5

                                                                                                                9e2f9b0aec5f6e8be344947df2620d36

                                                                                                                SHA1

                                                                                                                25e8cd181a3c1343952483e8563033fbe7a04430

                                                                                                                SHA256

                                                                                                                7d67e4561aa940e9b31d6b093c3392864d6abde9a02c5d694b8a0abe46b06ad1

                                                                                                                SHA512

                                                                                                                77bcec7382082bf811ec9e4307879915b765207cfb853c55d077877af2c3bed8ff75c1e7183107684ee65d484672c3d455bf62796b7f8563d88bd1dffd41919e

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                Filesize

                                                                                                                7KB

                                                                                                                MD5

                                                                                                                1deb806e431e5bece575e14a5bb03eac

                                                                                                                SHA1

                                                                                                                ba044d10d51b2931b5c85a454bc072d350f6a73a

                                                                                                                SHA256

                                                                                                                17221afd57864d3e039b92dcb2df0d9a192c209b837438bc187b1b625f8fc0a6

                                                                                                                SHA512

                                                                                                                42860e8cf50c7d249b96b84a7225e5060ce85934f05f56e134afee501614456867483d4a49186c9c895425d3a79c73414e51a36c4418f74411485ad4a7557c13

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                Filesize

                                                                                                                7KB

                                                                                                                MD5

                                                                                                                1f95caebe30d50d7e2d422ab21f4950f

                                                                                                                SHA1

                                                                                                                e84221a9a49d9c79cd8c77aa124738c4d0abd6bf

                                                                                                                SHA256

                                                                                                                2438dca70448da93ae0ca958c0e15db74df31f702fa96b91d8448622ca9421eb

                                                                                                                SHA512

                                                                                                                c191660153bd3c71cd8ad5e41b7941701b476ab1860ac9f113fe3edf7d455df28915ac754c42dc5b4689b9b8b77a270a7e1f32c23b21adcb099d63fdffd00d3f

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                Filesize

                                                                                                                7KB

                                                                                                                MD5

                                                                                                                d6fc7352799f22485c0c2ca271ebfcc8

                                                                                                                SHA1

                                                                                                                c6655b8c141f9400dbb9ce9b399cb66e89ad63e7

                                                                                                                SHA256

                                                                                                                e922651b56a52502caf832e36f362b37d2d158274d0a15c5c40e9b4751096e2f

                                                                                                                SHA512

                                                                                                                fbc8ddc53a28de47e8f8eccbcbda948416ed31ae9227e8b2fa1f353668d25dcc543a3eda6db957aaf1ea39ef67e348410390a289448f7c9edb1d27b6ea5fcc6d

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                Filesize

                                                                                                                8KB

                                                                                                                MD5

                                                                                                                b75ac8b1298b6d1a430405a9c54d7cda

                                                                                                                SHA1

                                                                                                                f611c1b4510f2f783ef865cc83ced0b4269cec26

                                                                                                                SHA256

                                                                                                                ff7b71827512b04c4d80adb977a344683772ace98c0b7b345508cbb9e109186c

                                                                                                                SHA512

                                                                                                                23e1ea58924fd27b6968ea295b9489d1229d412fa919b220b000ae14d0b7a2459cf61501bce489f60480bc7e4348b642ec3eaf98a7683f13d14129d098bb350d

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                Filesize

                                                                                                                1KB

                                                                                                                MD5

                                                                                                                93055e37fab1e2f9999733c2dcc3e01a

                                                                                                                SHA1

                                                                                                                3ceefd2b972c9b2083e144e7f4494eec241edaae

                                                                                                                SHA256

                                                                                                                90828314b62a19e89c2f579576993ce729ff85a8544135ad8e75aeffc6a820b4

                                                                                                                SHA512

                                                                                                                ecf77a7fef5a0bff541924a480c8a1a6ea26966860c09f17bd06009d0bbb74802058678f4e89d0f0533b0baebb67de99bb940f733d1925c81010350ebef9ef4b

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                Filesize

                                                                                                                1KB

                                                                                                                MD5

                                                                                                                1cc8833a87613278ef67ea7d1175c36e

                                                                                                                SHA1

                                                                                                                200a6057c03316d7ff6c12c513fdddedc5253172

                                                                                                                SHA256

                                                                                                                4c4fa7644594a95ee62e8ded5180a9ac569c5ad1af774413c0fab0318f5ec93d

                                                                                                                SHA512

                                                                                                                b708f2815306d7d481ca81e659448a07a1ca886dd39e3fcbd2c405511858700a149171469ff8a0705c2871fec898218c82f68610d825052eb340b665a4538705

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                Filesize

                                                                                                                3KB

                                                                                                                MD5

                                                                                                                6cfa506c23a9c574ed47a659a3e560fe

                                                                                                                SHA1

                                                                                                                477ed7c23cf2c069eccd80edebe5ccf5a9c1ec27

                                                                                                                SHA256

                                                                                                                259bec267f731f7c7ec041ae6ddd472b9d9f2c653d2fbfa2768011e7e9bd2432

                                                                                                                SHA512

                                                                                                                384b38ddd2d5d37356774198f1ecd2f85dfce945b73ae48ad208c3493c72ba583102d9916646537f3b22ab33eebbf7d02a56872b906a780213be2314a279961c

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                Filesize

                                                                                                                5KB

                                                                                                                MD5

                                                                                                                a8d6b3d9717824d7390e8036bb144c13

                                                                                                                SHA1

                                                                                                                cce13632d9e6b9799eb6b7233407570300c0d2aa

                                                                                                                SHA256

                                                                                                                263a40c6df401b9f30fb0fa0cf3710976bd16a40dd665c59261f0b05493a9129

                                                                                                                SHA512

                                                                                                                0a5a0942333673f4cfcd40324de1bc1cc57aac3322742f5c027c49680ddadacd41a2b83fcc24e6d50e30f61d975b76e759b56a2ef5d0fe2c4a2b01f802704a3e

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                Filesize

                                                                                                                1KB

                                                                                                                MD5

                                                                                                                bb3f766a7a462284d5be2260927c544a

                                                                                                                SHA1

                                                                                                                00a39404342ec1b6d3ad9b0b14440fc4c7b90859

                                                                                                                SHA256

                                                                                                                100c5faaf033108d969e59afc4085d4254e13f6a2ed2d232adf542994fee4aae

                                                                                                                SHA512

                                                                                                                4168e926a4f641014baa726ea40c48a7f85a4dbcd200bb67b9a779dcdc57ac58cc8caac9feac78f48b02f2da9bdefb70e49b6a575c3914d8a5221b0fcca10050

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                Filesize

                                                                                                                5KB

                                                                                                                MD5

                                                                                                                92b458697e6b8af0b65721fa8d8563a8

                                                                                                                SHA1

                                                                                                                b491fb8288f874f0003d1f09e1080c7ae819c7aa

                                                                                                                SHA256

                                                                                                                52db4f6bc5aca1243cba9b8a05e18e1c9149bc67c8471c07a31f4b12458239be

                                                                                                                SHA512

                                                                                                                76dcbd38d9fcc2c8e152d539285abcf04667a912c197a13b310c3e655787cf34c6896f69fae282e6e8a18e89304375a7cc3b637a10d5c824637a4921f2d489bc

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                Filesize

                                                                                                                5KB

                                                                                                                MD5

                                                                                                                737366d14da777a91f052577bd80c467

                                                                                                                SHA1

                                                                                                                b85c9230a13750197a54fafc5d3472025e3aaadd

                                                                                                                SHA256

                                                                                                                37a3cea0cff50ee5fe79b5014fdc733fd243da273c8bf0d79c009d9a21c49804

                                                                                                                SHA512

                                                                                                                541d806b8927d0a10ad88168762b7a3da7fd101fa20b2fc0416dd8268334a2fa9bef8f9d0d6e09d85af20aabaa8fc83d52df04db25977dc5e3f4d3801d65e66b

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                Filesize

                                                                                                                5KB

                                                                                                                MD5

                                                                                                                b6e11c3696742df39a755aaa44af0e5e

                                                                                                                SHA1

                                                                                                                5ac988481d9c8b041b984c23a39a8cba2519b9d2

                                                                                                                SHA256

                                                                                                                db8dbe50ec13e9dbc32e579170a7607bb679fc0aa24b7d7a53f84004f03cbd2c

                                                                                                                SHA512

                                                                                                                bd1dd4a8e26f04cb8670ef08db05495da8470cf39f3dfcac5b5a775fb56efa78fc3ae49ec4ff0e7faaacd5b9abeb9393f1548d599ccb95066bd9445b8271c239

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                Filesize

                                                                                                                5KB

                                                                                                                MD5

                                                                                                                ac373802150610a41f635c2919599a16

                                                                                                                SHA1

                                                                                                                34cd068b7c646efa274d3877b7aaa83e4fb13162

                                                                                                                SHA256

                                                                                                                720d3354d221d78c2fcff12243f40a905b03c475db4c4507ee4ec8474d800a06

                                                                                                                SHA512

                                                                                                                7afd51f7fa3610f7c1fb854938c6d44a5a03786aa8c9b1997e674c9173590de21e1fb98f418b4bd885d2343723f2117ad019421f8725b75ef0efcb1ab30f501a

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                Filesize

                                                                                                                5KB

                                                                                                                MD5

                                                                                                                936066f32a3c7d5c63439baab0d43d7b

                                                                                                                SHA1

                                                                                                                1469c37404f4e2ca57ce765577c9472476bfc7b9

                                                                                                                SHA256

                                                                                                                7edfc00146bcb26225d60ff682484b364701425fe5d4505666fb7fc285adf829

                                                                                                                SHA512

                                                                                                                022812acbe790039226a3b05f6ef88d93f27e45c74eae85586d88f5c80cb2649f2b7ceb4938731bbceafa9acc48aa4f7984a09d86aa3450d1715fafe5feafdf9

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                Filesize

                                                                                                                5KB

                                                                                                                MD5

                                                                                                                478af5212e338348ac8f667275696932

                                                                                                                SHA1

                                                                                                                c6455fbba96514427d92d36f00203f418ac83946

                                                                                                                SHA256

                                                                                                                586747ef0e56413808fe2ef11f55e3e114801b854eb43b302efe07d08a579011

                                                                                                                SHA512

                                                                                                                8e5b01417807388ce38356e4d9013ba1c1ad470c8d1d242e83631db91274ea1d284c407b17c7657bfd075e65f08cd051f55712acb1730f4389340d3e0cb8d0d3

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe591757.TMP
                                                                                                                Filesize

                                                                                                                372B

                                                                                                                MD5

                                                                                                                d697f34db3d44d0e05aed40097b7d3b8

                                                                                                                SHA1

                                                                                                                8d10a68b0c639d511f213b0dcdbc7b676e5ad316

                                                                                                                SHA256

                                                                                                                775e14a7ebcb8f6754f4bc6fedf56e994d562e8dbfa1b71f9211730b07b40fdc

                                                                                                                SHA512

                                                                                                                5c95020c93d487089b12b3b664afb33a5f3f3657cb4ffe56d64a673c4156502aeaad89898b72cc3efe066fd800576785ce3fa9626ed499550de009a4c97a690f

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                Filesize

                                                                                                                16B

                                                                                                                MD5

                                                                                                                206702161f94c5cd39fadd03f4014d98

                                                                                                                SHA1

                                                                                                                bd8bfc144fb5326d21bd1531523d9fb50e1b600a

                                                                                                                SHA256

                                                                                                                1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

                                                                                                                SHA512

                                                                                                                0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                Filesize

                                                                                                                16B

                                                                                                                MD5

                                                                                                                46295cac801e5d4857d09837238a6394

                                                                                                                SHA1

                                                                                                                44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                                                                                SHA256

                                                                                                                0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                                                                                SHA512

                                                                                                                8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                                                                                Download Submit
                                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                Filesize

                                                                                                                11KB

                                                                                                                MD5

                                                                                                                843792ea5c3001fd3c38e77f5d7de369

                                                                                                                SHA1

                                                                                                                8c74d1d5ab69f34d9aa0cfc57b4621a92949ccc1

                                                                                                                SHA256

                                                                                                                38319bea2494e5d2974b9d1bad58a528cd5959f65e360eddb0a5ccc91c760f09

                                                                                                                SHA512

                                                                                                                f2d31f47cd673c6d449d21d52691ea383c0213ecf384198a6a528429ad7e81f66e22ae33059462ec68536ff132f3f10f3b5a39917725047423d83a454ecd3473

                                                                                                                Download Submit
                                                                                                              • \??\pipe\LOCAL\crashpad_2604_DBBXZZRCTPWUNIEJ
                                                                                                                MD5

                                                                                                                d41d8cd98f00b204e9800998ecf8427e

                                                                                                                SHA1

                                                                                                                da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                                                                                SHA256

                                                                                                                e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                                                                                                SHA512

                                                                                                                cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

                                                                                                                Download Submit