hxxps://github[.]com/loneeps/Wave-Executor-Roblox

Resubmissions

27-04-2024 22:41

240427-2mjs2aae5s 8

27-04-2024 22:37

240427-2kagksab52 6

Analysis

max time kernel
149s
max time network
144s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
27-04-2024 22:37

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/loneeps/Wave-Executor-Roblox

Score

4^/10

Malware Config

Signatures

Drops file in Windows directory 6 IoCs

Processes:

MicrosoftEdge.exeMicrosoftEdgeCP.exeMicrosoftEdgeCP.exeMicrosoftEdgeCP.exeMicrosoftEdgeCP.exe

description	ioc	process
File created	C:\Windows\rescache\_merged\3720402701\1568373884.pri	MicrosoftEdge.exe
File opened for modification	C:\Windows\Debug\ESE.TXT	MicrosoftEdge.exe
File created	C:\Windows\rescache\_merged\3720402701\1568373884.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\1568373884.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\1568373884.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\1568373884.pri	MicrosoftEdgeCP.exe

Modifies Internet Explorer settings 1 TTPs 2 IoCs

adware spyware

Modify Registry

T1112

Processes:

browser_broker.exeMicrosoftEdgeCP.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000\Software\Microsoft\Internet Explorer\Main	browser_broker.exe
Key created	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000\Software\Microsoft\Internet Explorer\Main	MicrosoftEdgeCP.exe

Modifies registry class 64 IoCs

Processes:

MicrosoftEdge.exeMicrosoftEdgeCP.exeMicrosoftEdgeCP.exeMicrosoftEdgeCP.exeMicrosoftEdgeCP.exeMicrosoftEdgeCP.exeMicrosoftEdgeCP.exe

description	ioc	process
Set value (str)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ServiceUI\IsSignedIn = "0"	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Explorer\Main	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\ACGStatus	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\ACGStatus	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DummyPath\dummySetting = "1"	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Content\CachePrefix	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Protected - It is a violation of Windows Policy to modify = "1"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\IECompatVersionLow = "395205405"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Root\CRLs	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\DynamicCodePolicy = 05000000	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\History\CachePrefix = "Visited:"	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = b13de299f398da01	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\trust	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\JumpListInPrivateBrowsingAllowed = "1"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\CIStatus	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\CIPolicyState = "0"	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = c0dddf99f398da01	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DataStore\LastCleanup = c79b3f9bf398da01	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\TrustedPeople	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\Internet Settings\Cache\Extensible Cache	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DataStore	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Rating\Rating Prompt Shown = "0"	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\Meta\generator$http://www.typepad.com/	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate\CRLs	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FavOrder\SyncIEFirstTimeFullScan = "1"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\CIStatus\CIPolicyState = "0"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\121\ACGStatus\DynamicCodePolicy = 05000000	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ServiceUI	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\CVListXMLVersionLow = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-SubSysId = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Content\CacheLimit = "256000"	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Content\CachePrefix	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DomainSuggestion	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Root\CTLs	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\VersionLow = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-VersionHigh = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\EnablementState = "1"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\CIPolicyState = "0"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Rating	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\Meta\generator$vBulletin 3	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\CA\CRLs	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 2baaeb93f398da01	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:"	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\DisallowDefaultBrowserPrompt = "0"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\SubSysId = "0"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\trust\Certificates	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate\NextUpdateDate = "421083878"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\ACGStatus\ACGPolicyState = "8"	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 40321494f398da01	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 0331ad97f398da01	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\ACGPolicyState = "8"	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BingPageData\RulesFileNextUpdateDate = "420419403"	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\ACGStatus\DynamicCodePolicy = 00000000	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-VersionLow = "0"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\Main	MicrosoftEdgeCP.exe

Suspicious behavior: MapViewOfSection 6 IoCs

Processes:

MicrosoftEdgeCP.exe

pid process

1332 MicrosoftEdgeCP.exe
1332 MicrosoftEdgeCP.exe
1332 MicrosoftEdgeCP.exe
1332 MicrosoftEdgeCP.exe
1332 MicrosoftEdgeCP.exe
1332 MicrosoftEdgeCP.exe

pid	process
1332	MicrosoftEdgeCP.exe
1332	MicrosoftEdgeCP.exe
1332	MicrosoftEdgeCP.exe
1332	MicrosoftEdgeCP.exe
1332	MicrosoftEdgeCP.exe
1332	MicrosoftEdgeCP.exe

Suspicious use of AdjustPrivilegeToken 6 IoCs

Processes:

MicrosoftEdgeCP.exeMicrosoftEdgeCP.exe

description	pid	process
Token: SeDebugPrivilege	4872	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	4872	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	4872	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	4872	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	1840	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	1840	MicrosoftEdgeCP.exe

Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

MicrosoftEdge.exeMicrosoftEdgeCP.exeMicrosoftEdgeCP.exe

pid process

5104 MicrosoftEdge.exe
1332 MicrosoftEdgeCP.exe
4872 MicrosoftEdgeCP.exe
1332 MicrosoftEdgeCP.exe

pid	process
5104	MicrosoftEdge.exe
1332	MicrosoftEdgeCP.exe
4872	MicrosoftEdgeCP.exe
1332	MicrosoftEdgeCP.exe

Suspicious use of WriteProcessMemory 6 IoCs

Processes:

MicrosoftEdgeCP.exe

description	pid	process	target process
PID 1332 wrote to memory of 2152	1332	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1332 wrote to memory of 2152	1332	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1332 wrote to memory of 2152	1332	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1332 wrote to memory of 2152	1332	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1332 wrote to memory of 2152	1332	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe
PID 1332 wrote to memory of 2152	1332	MicrosoftEdgeCP.exe	MicrosoftEdgeCP.exe

C:\Windows\system32\LaunchWinApp.exe
"C:\Windows\system32\LaunchWinApp.exe" "https://github.com/loneeps/Wave-Executor-Roblox"
1⤵
PID:4180

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:5104

C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
1⤵
- Modifies Internet Explorer settings
PID:3108

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Modifies registry class
- Suspicious behavior: MapViewOfSection
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1332

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies Internet Explorer settings
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:4872

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
PID:2280

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
PID:1408

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
PID:2152

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
PID:1840

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\BLQDLNEB\edgecompatviewlist[1].xml
Filesize
74KB

MD5
d4fc49dc14f63895d997fa4940f24378

SHA1
3efb1437a7c5e46034147cbbc8db017c69d02c31

SHA256
853d2f4eb81c9fdcea2ee079f6faf98214b111b77cdf68709b38989d123890f1

SHA512
cc60d79b4afe5007634ac21dc4bc92081880be4c0d798a1735b63b27e936c02f399964f744dc73711987f01e8a1064b02a4867dd6cac27538e5fbe275cc61e0a

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\9A8Q2LTQ\suggestions[1].en-US
Filesize
17KB

MD5
5a34cb996293fde2cb7a4ac89587393a

SHA1
3c96c993500690d1a77873cd62bc639b3a10653f

SHA256
c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

SHA512
e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\FUJ3HSW2\app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-467754-782c9388f902[1].js
Filesize
16KB

MD5
e014ed08e7c4152232901eaac4c9cc25

SHA1
ab874990624eba5235f771b982b9843732882c78

SHA256
f7cdf9d34cae7caf3d564ef0578cf2fa4e6e4e3069819fc76b09c098e5eaace0

SHA512
782c9388f902ad438865ebf859b6de53061d83f5855e7da213c0e8ffa8946657d9242e8b59fa4a5eb89893d980cbcaacdf6a6aa067dd3ec8644e1fe60f97c019

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\FUJ3HSW2\app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-9285faa0e011[1].js
Filesize
11KB

MD5
ea2f459bb2eaf606a6d110bb721f8c85

SHA1
0cfc1539816ee68e0ccea2f32fb4191bb8b05224

SHA256
3c0095ede9f86618b394dcb281a35c659330ed3532ff49cb699c4f95083a912c

SHA512
9285faa0e011208b72caa43ce51dd15a03224c73810ca9d549ab21c344c2c96f7b6bb31b86e922858cfe6cebe6e3b09e7dc8fa35c6c78fd7c44b6c919002ad02

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\FUJ3HSW2\app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_onfocus_ts-app_ass-421cec-355eb4940fad[1].js
Filesize
11KB

MD5
3a0b7e6aa83764da0539690c2cde888b

SHA1
3cd331e60b951a8f648d5cec76261beb2a72926f

SHA256
c9996cbeeba704d406c71f981429fb417cd92f34aa9f54b9a6754c490c0f04b4

SHA512
355eb4940fadc45c94457810a71299b3b48471715cca0aa5367776a26f15be2a1d65a24fc38fed07256acea74073789f4133805f5fccfa1b7d0f5a27a2bd870b

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\FUJ3HSW2\app_assets_modules_github_sticky-scroll-into-view_ts-1390d8d5a0dc[1].js
Filesize
9KB

MD5
181dc004a0b7a9cecba577f68e31b4cc

SHA1
935540b590345ef82f768c8a5b164a42fd216078

SHA256
f0afd69750c377a3f135d3734998c50d5639eed7573a40342d278a16dffe904e

SHA512
1390d8d5a0dc833a3128a47ba87f343dc9baa0380f0a3f1c08f1811b6d137407a2edf49fa81255d32fd23ce5ff4764eeb3256ee093d74c79ba24de90f2314cc1

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\FUJ3HSW2\app_assets_modules_github_updatable-content_ts-ui_packages_hydro-analytics_hydro-analytics_ts-82813f-05346aa543fe[1].js
Filesize
14KB

MD5
274889a053ca3b7c815456482d77efc4

SHA1
43f03ebe69dc7242ffe45f1bd61c419963abd3ed

SHA256
9636d8c3a816b475fdec18e6e40394eef3c0e937567453f396425f8fa3201647

SHA512
05346aa543feecc8050d20652bdfc6f2b98ed57f6f3563dae847c236c3c64adc56d86fd1f94af8d047c0438cb7ffd16beb9f76f588ae7ab4575b07903e6ef761

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\FUJ3HSW2\behaviors-7f67a24be639[1].js
Filesize
229KB

MD5
e4df7d36bb35a894c8903874189aa195

SHA1
c0f52d7f8f2d3fb628acddb0ffbe34c9c2cd6ffd

SHA256
46a604d76b35d828b2a3c31a46bc573b38944464214e09e5f08e7de833a7a9ba

SHA512
7f67a24be639a9db4680dd19e894b887cd34fa78d6942a89f777e8b89081043951bc1f515ebb38f657de54ed49697b30585a19b5b379ed2114f46251de175ffb

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\FUJ3HSW2\element-registry-1f97eb8d96c9[1].js
Filesize
43KB

MD5
5ce78d5b60e40ea6e9ceb681c4d16392

SHA1
587bff45e531b2d62a6bbfa4f5ddf480f2b0d8c4

SHA256
430f3a78b33f51874ffa0d4196c6896568055094d55ccb38742b8c4030cefab2

SHA512
1f97eb8d96c964e73c7b68b9b420280ef9d1ebcc88165c40fab27c5f4e365af48b0604f3bd3d41271c7f156859cac3dcf6c3762fc4911a93a16bcb6d612ab96e

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\FUJ3HSW2\environment-775215f6b8df[1].js
Filesize
12KB

MD5
e0a178ecbc91bcbae9e8e906adb78e33

SHA1
a9738626c14f73015b36aafc729b325544f7af4d

SHA256
751de4fc6bc6c42c11515ce3805d1715190eb6b01bcf4bf14b2aa7c0deeee99a

SHA512
775215f6b8df5b189ed8fe380fe37a4c6d79de089051c3ee1242f1d8223d28fdf6c08c694dcc42e9cb4c0953bc172b099a16f9c6c774b3f747e2a30d60e90068

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\FUJ3HSW2\github-elements-34cbf079a4f4[1].js
Filesize
32KB

MD5
9b47ccb6b752170f8b8ec20286fe05d5

SHA1
901760a96176174e307ceb67f3da102cf453464d

SHA256
059921042948a7df80ae1f8c76c1c0442143ac4809aa32e0d0adf514628fd705

SHA512
34cbf079a4f4d5e31bfce2841741f11658e0f9cb616555c87fc94d6dfab507484df09b215ccddd590fd13219a4a0723f64f0cc13bca4e5b0a16b536f4bc62831

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\FUJ3HSW2\notifications-global-6d6db5144cc3[1].js
Filesize
12KB

MD5
261150ee37eedc1c587ea9a21a7e1b6a

SHA1
f2112e464b8a356e675ad36e2c20f58e12e140e2

SHA256
020fa19a1945b66e3f2bb224b98568b884996fe404bd5dcb9e91d20bbe6ceaeb

SHA512
6d6db5144cc3ea031f04632fe9eeea3ff3dd4d91740526de02e57d2cae60aa5afe5b8df0de2d92c46eca064c5ae20abe3d7e9778d36e94990f74e432f6ecec70

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\FUJ3HSW2\ui_packages_sudo_sudo_ts-235370c302ce[1].js
Filesize
10KB

MD5
2f26285fe25ad3b265ff1158bb6655d0

SHA1
67855f1c6a15b298412d9699c8f145a00fc1ef16

SHA256
3f0ec289915d5c42ff50b18a6edd2c12e19fd6566643b59d2957395a53bbf04c

SHA512
235370c302ce6a395d7c2ebeff61da41d9b5ec34612a1761eec7087c3998ae77992037be5eff6f867968256c7583559aff46a17ca4f38858fd8273be4d1714f5

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\FUJ3HSW2\vendors-node_modules_braintree_browser-detection_dist_browser-detection_js-node_modules_githu-fd5530-6f4d94175afe[1].js
Filesize
23KB

MD5
b22d2d1692f69b2efa04139855062a18

SHA1
1fc413cb1316a566968350421f21b689ab9f324e

SHA256
534b2326379d82d5f6e037b7e58a83daecba5c1070f575b4cc33a39d782e62d8

SHA512
6f4d94175afebae7662536dc24a486f3787204d4ef13a6ad8c64a30c9eeb5904cedc945e6faa9b7f71a4b65ef37abc422527381a1212cf4991c6b750753421d3

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\FUJ3HSW2\vendors-node_modules_color-convert_index_js-72c9fbde5ad4[1].js
Filesize
13KB

MD5
c706ad84a4eb261b75d1f77ce7f9bdc8

SHA1
497a9725442e7305adc54d19b828b2e38c5c56cd

SHA256
80b561c1746ef1533744e7bf7ea3f6c721a88a104d665bb97ffa8df96e69b682

SHA512
72c9fbde5ad471c76b76034459d0d75db00cceaf3904a14c01dd9dd9167da7f783086b79c446b24ed2630c9cebca1996b3ff8ea52dec6c865f173c8158962be6

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\FUJ3HSW2\vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-06ff531-2ea61fcc9a71[1].js
Filesize
11KB

MD5
c59673d413609f36559412bd12b5776f

SHA1
7cd5f0a997f4d154400dacbfcab376395009f690

SHA256
eaeb0852cbcffaef96c7a00b0080169f4aa752f0f1d5cafcdf6177e2d0698c5b

SHA512
2ea61fcc9a716eb3452f0b6d6531d0c724f69aa55a032af882eaae96f7f59bd26f028f1832f1aa65bc6fe90612acbf145249cf83b285399e8e4da7fc4c9ff5d2

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\FUJ3HSW2\vendors-node_modules_dompurify_dist_purify_js-13ee51630182[1].js
Filesize
20KB

MD5
2e4dc91ea1bea153c73307a42db02ea4

SHA1
c1a8652552b884fd87324b7f66b4423fc50a2bf7

SHA256
e5946343506fc6104aacd3346e8a3a8c5e7b434e8ce9e84525585d7e80a18fa4

SHA512
13ee516301828fb703a5ef99bc618183a3c4e293d85aca9ceb63f941b5b99ccfa68a41e413f5a69716b38cd6b7592d243665a6c5843d7b6e5261a96e59720077

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\FUJ3HSW2\vendors-node_modules_github_catalyst_lib_index_js-node_modules_github_hydro-analytics-client_-4da1df-9de8d527f925[1].js
Filesize
8KB

MD5
e26206a08e0a408cb0ac26b62bc378dc

SHA1
1976478d9d2e3a2b594b383a71b7c18c33abe31e

SHA256
5480f3fc81d2395070c90579a17b32713d017c4d17dc9bad135afe1521976930

SHA512
9de8d527f92555e0c1222d6ed8290f66a7a34b5bbff0ae827b40b85cc2ccbad51b4d097ef269aab806d73059e7ea2afe8321ff19a5e12752441f33f56bfbcfe2

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\FUJ3HSW2\vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-b7d8f4-7dc906febe69[1].js
Filesize
18KB

MD5
4d87a5470325fc3adc78598eb62264df

SHA1
9e7c5e4ac32802ba23d14e7c0d989848ccc3132d

SHA256
17339ebba6fc6f421db7fb62286f502727680abe7513bac481c8f50c1a747a10

SHA512
7dc906febe69aa010f9c86c3de40bb23d258c1f06c1be8ea034f605eedbd5399ef5bf9a51566e79f0a8f0639ad4e5f727f4a3c1771c7b03bb6568a8e0606a3d2

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\FUJ3HSW2\vendors-node_modules_github_quote-selection_dist_index_js-node_modules_github_session-resume_-84957b-7b4e472db160[1].js
Filesize
39KB

MD5
d01d2bce3dc98f2f2c666ae71ca217b8

SHA1
f13c3f886c48a4d2128059ecda8a1d20f18c9a7a

SHA256
6df87b96f1a0275b8b53b076cb0e96c0db94d4b0fbf68af46f104f517e959616

SHA512
7b4e472db160274656c05f75b966dd61ece0b267680391018a38ab50b58fa43310db33d846bb2e1f0f91d7af2a78e10c200c293a069e369247a5251bc07ee320

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\FUJ3HSW2\vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-893f9f-a8ec7ed862cf[1].js
Filesize
9KB

MD5
f5fe12a51a2d925ad59a3b4dbde64239

SHA1
eaa86c9029b6cf765ea31c730ee0c89817cb43c5

SHA256
b07d51e4c93c6d1ba90812c547f4b39a7153582a8bd99e84397098b16223d3a4

SHA512
a8ec7ed862cf730b3eec63dbfccc41cc3b6c8f0cc2b31ccc6d6cbd1041a50ce050a7b977f55008d9a9f5fc6a889260c4766aab744a63d8670410323cd18ae31c

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\FUJ3HSW2\vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-c91f4ad18b62[1].js
Filesize
75KB

MD5
8d2fd700b674b265b884566f9e1a68b2

SHA1
b0071dc74ec8602aeb4d4063ace590e7dc26ab6c

SHA256
8d303394176f2b0cb950c35e71caa07a94141a3625c75d8b5da9f42f9a1bd700

SHA512
c91f4ad18b621b1321ca15512f94dfc9b7759ea2d0a150e0d4ec12c62ace6f5d01e60b991f0f1fa523b96ff9e0174e89a5c6496a6df15b61e57f232f2fdae967

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\FUJ3HSW2\vendors-node_modules_lit-html_lit-html_js-5b376145beff[1].js
Filesize
15KB

MD5
81628c9093236d8e3cf835f708c30608

SHA1
846b10531dfca6510051fc43abb8f9b5647a0433

SHA256
daf381c316a5988c9116aa65c5816cbc8a958211b4c0b7d989ad6c9645757902

SHA512
5b376145beffca1bfc6b0352c08819609a974b6170848699421208752a63f057869e0e4ddd23797b3a0c281c276d7fae580cf41bb5465c632aee58524b21e7ba

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\FUJ3HSW2\vendors-node_modules_morphdom_dist_morphdom-esm_js-node_modules_github_memoize_dist_esm_index_js-05801f7ca718[1].js
Filesize
5KB

MD5
11819c8c15340c7ca8339fcc945a4f06

SHA1
5fb0a03295e008aec0a1abc786b9e8bdaa3a233e

SHA256
7bb4cf0c86c218c29466a022a4c087e72ae5cfbcc0307a67c9a5af2a0ec2a521

SHA512
05801f7ca718d5ffd9e34ed99b557c1e8c624eb6263e0eb4f94e6fe32c4a1b1c1663419d89594358471edabd80a15f1143200b4150051e99377b988dba7d7389

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\FUJ3HSW2\vendors-node_modules_oddbird_popover-polyfill_dist_popover_js-7bd350d761f4[1].js
Filesize
9KB

MD5
b6b600c9f1dd4c88024d62e6ff2eb871

SHA1
5a22091378af6a681a1edd36e5337b9b6f70613c

SHA256
447a26cbcbced255f24f46c1e82a6f3a4de3b2a44d4b0ab7b6f427b12f783f8f

SHA512
7bd350d761f4f22866b454b1271af79ef5d23f5d1b8cb0598c34f739e3dab977450d61d01b8a0c135fff309389f712c0114e9cd6e844d2261d2536377b71b838

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\FUJ3HSW2\vendors-node_modules_primer_behaviors_dist_esm_dimensions_js-node_modules_github_jtml_lib_index_js-95b84ee6bc34[1].js
Filesize
8KB

MD5
913a77fa8f878b5f1b7bc5c3c53daa45

SHA1
e2f68e5c24e77ab985603430e9666fc1718cadf7

SHA256
69b7ef034ddc6b605311ca503ca24f54de1758816ef270a160315ed71fc3d7e5

SHA512
95b84ee6bc349a259aa1a1298245ff5edb5cdd1b6f5013e0c5eff8059c1f90125e8a1457c40c54ce103f4d18160a55cd7084922ae283bf00f8b425cffd1efa48

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\FUJ3HSW2\vendors-node_modules_scroll-anchoring_dist_scroll-anchoring_esm_js-node_modules_github_detail-c9d0ba-387cde917623[1].js
Filesize
16KB

MD5
53ff79ebcfdf43432442302b235f7eec

SHA1
779135179b1f66f503e355b5b1bf1d629cb7deda

SHA256
0e9858012a17c942cd8a3761815132a66b1e1a721732af9b84a4d17d822a0eba

SHA512
387cde9176234c43a9a2ff92655b22d330b5101da5abdb275f1cf2383e19f4b50d1ba6485c603f9ac154d812f5d0943b4b7fd87973fa69c8afd48d005b9974af

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RK76R0BC\app_assets_modules_github_onfocus_ts-ui_packages_trusted-types-policies_policy_ts-ui_packages-6fe316-745e8b6794ab[1].js
Filesize
12KB

MD5
b4573f1cd7cdd2573ecbdf707be8a3ab

SHA1
970d6f423fa9c7923f5a19fc3e449bc827c863de

SHA256
8110d18a776a06ad558a2ee7499c04400f634c3e2150e700ecf2fee84c7b4ceb

SHA512
745e8b6794ab3cd4de1fd40e464c1f090879b26f7dce8a266005781808b312c599eeb6e966049db3e18b815f30506c4c2061065034238d8baaab8fcbe5afd84b

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RK76R0BC\dark-1ee85695b584[1].css
Filesize
46KB

MD5
2f1124986d7087c89cfedbab9e6c5090

SHA1
84af5865a920d527c436719c2b00d9860e68f07e

SHA256
6e28388875a179d32b9788d45aba0cf5901513106aabc738c6f290643505b007

SHA512
1ee85695b5847734f481c143211fe9d590a987f2b56b1772664b7a529455bf19592bcfbeffc4281ed1b6679299244d40112203438e6275271a67c4bf1181fe14

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RK76R0BC\global-1c8bb26336c1[1].css
Filesize
271KB

MD5
b76bff301694f4eea9eba00250d95ecd

SHA1
6dad1fc71e0e5f36c442a00f2f34bad0f2540a27

SHA256
65d11c9255b5e69866ba6b917fe319c247958ccb42829742e3d84a5ab36687a3

SHA512
1c8bb26336c12f7d75e25ef09285088d9dd0fb5111f959edcbc48d517d181abdbff5af03d0de9c3e114c0e18b3e8a505c4f4099f9395f8ceaadef3903fec234c

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RK76R0BC\light-f13f84a2af0d[1].css
Filesize
46KB

MD5
deca261177994c06974b8eed93ab0d5a

SHA1
6df91477da6dcfd0ccbf51fc39f2f31f03acd8fc

SHA256
7dfb4dd6d5448e12ce18a0c186a890f6b9e4550e9e160e83fefcaacdf6decd9e

SHA512
f13f84a2af0df501d75659ef3682b9991894b860be2045d686b276698831c211d69a7df233fa82880f83c633226187e5c4fbfaca2a9983fc0b52454f78fece98

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RK76R0BC\repository-fa69f138fe8d[1].css
Filesize
27KB

MD5
92ddd397a592ef8df629545aff542ece

SHA1
de50aa0321796f5e0d0c162fab9b10f7c98d11e7

SHA256
ca1fff862edeb6dce1953d3ff7f1b76d84aa12aa7ac4d4eca05e323ffb3f6ad2

SHA512
fa69f138fe8dc9e8fbcc9f8211bc8e82608ccd52a41586a1438b3ed05922f0ddbd2e634fafcc34add72e0b36fdc6720d6a68530d6b4bda61fdf20e57fd553d2c

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RK76R0BC\vendors-node_modules_delegated-events_dist_index_js-node_modules_stacktrace-parser_dist_stack-443cd5-1ba4dbac454f[1].js
Filesize
20KB

MD5
752eb45af6eddfc36e3093b24349e9ce

SHA1
99dbd6a84c7a358a550477fafe89681382e33853

SHA256
7a33dc030df6ffdac087a68957ff32de1c009447a7486be5770f290b37a2091a

SHA512
1ba4dbac454f4d7fcca50f75a5fd12b9591b8a7616a584e46c0a46e71896e69be5d3a5bbf8eb8c2118c3dcde22cb46e2c85cd37166fdb616e0c7318898276c2f

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RK76R0BC\vendors-node_modules_github_auto-complete-element_dist_index_js-03fc21f4e80c[1].js
Filesize
13KB

MD5
4d7edc0ddd43e54f4590ffe2f41756a2

SHA1
d6abd8e362faf9b9ff99ecc405345c553de6831c

SHA256
593268251b1b94c08df2e4f4ab6489678391cb112fd75a5e7a53f990d40b03af

SHA512
03fc21f4e80c42f4a4dec31f373272fe0002f5fb79295d3c9a165fe0e03353d793806f85f1e47bd7e357b3f278016ee578b090f553d8ac57122ee6b903b2ef07

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RK76R0BC\vendors-node_modules_github_combobox-nav_dist_index_js-node_modules_github_markdown-toolbar-e-820fc0-bc8f02b96749[1].js
Filesize
18KB

MD5
1908a7d9985e9540b3f6fc047f62b729

SHA1
25a06882e338da16bbc59797925ac6086141f478

SHA256
1b92b8a1d5169e64edce1fb248cb5989561060b083e5f05b6ca2a823b748a946

SHA512
bc8f02b96749a7ec00a92334c4964a4255611b23e15b88a9fef73fce2b55e32bfefa7f4bb89d436685a92fe188713790b9154ed79b5d7b3690a3ace68346cadf

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RK76R0BC\vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-27181b-3509ed8075c4[1].js
Filesize
97KB

MD5
6eea70c9ace3bb9f6c684fd593318b48

SHA1
2cb85a9551db444f4e5d69065374a717334c65fd

SHA256
1fb1497b55f8d938c1753c298394604d4f959ec90b8cbd9ba70771b885cd1029

SHA512
3509ed8075c434814ac3f01e1acf881f456e4a3cbc94ff6849757f30f997b7c05c352916780f8b42ca7ca611f81d29b0330a40891fb72c72c6cdff9ee2e8f458

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RK76R0BC\vendors-node_modules_github_relative-time-element_dist_index_js-c76945c5961a[1].js
Filesize
14KB

MD5
2cabd818fb8745b2fc7d5f92594269b8

SHA1
88108fecb3839f06671c2a21e35163e0e414b2b0

SHA256
55cdbee6ddce98f5c299a24fb9851501f46ff0cdd2ef3b2f7bb572a3940b462d

SHA512
c76945c5961a4f5b2cb1f85bd3cbb35d5e81f611c3ba05543acfe870728e94e9719c9331b65f4c2c8723960c5ac1e9cac0495a892f049b41ed3ffbe899b93700

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RK76R0BC\vendors-node_modules_github_selector-observer_dist_index_esm_js-9f960d9b217c[1].js
Filesize
9KB

MD5
683a7fe431bded8fbbf7b5189a1b8209

SHA1
2fb527473877ea06ec6b023690ce933c216c5d07

SHA256
f87c5b59b8f353c8762f2e44e1f82feafab882a96a0fad135dc6fc1555872ab3

SHA512
9f960d9b217c457d467a9510dd9797c4ec9df9a892c0a3e1746b2b87dca8ec191dc901e983bc509bc282004967b6fd588dbff5bf70bc7e20a5ca32bc7f1d772a

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RK76R0BC\vendors-node_modules_github_text-expander-element_dist_index_js-8a621df59e80[1].js
Filesize
11KB

MD5
da04614ae380b68c111984f401413fc7

SHA1
7ca0dc023ca0b1654d7c8630b8a05534e156d03d

SHA256
85fa448f4d60be73de2f42a83937523b7b751a4523b809fe9e3edb404e00b835

SHA512
8a621df59e80e8851a8cf3db03462095e8bba43a860b1018dc66780448e82d19871be99aab995fa57025db8b7f8e975eb0595fe2c59ca23d984b4d21d5031aaa

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RK76R0BC\vendors-node_modules_primer_behaviors_dist_esm_focus-zone_js-086f7a27bac0[1].js
Filesize
8KB

MD5
6822816845d932c1e93f68372f005918

SHA1
1dd14a539530e8d131ce29be5e5f84e4098b6a15

SHA256
14d338ed3345cc8d74e239c812aa37eeee6126bc1ad8a17e4e2cf6ba8ee0adee

SHA512
086f7a27bac0d285f5e0c849cebac7176f86edb18037d8ec4356c2b8892fd3f47e045f857eb673b213661eea17441192cdb7a76c807c2badcecff6b7901aba92

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\RK76R0BC\vendors-node_modules_smoothscroll-polyfill_dist_smoothscroll_js-node_modules_stacktrace-parse-a448e4-bb5415637fe0[1].js
Filesize
13KB

MD5
331e44e17e9ff14023510b990053a71a

SHA1
096363b6e8794bbd45a352d3cc8cfc4946b832b2

SHA256
7db9b2cf77bda551dc5b202710a2ebccc88a74f6d807a8eaf19d3624befba34c

SHA512
bb5415637fe067dfd3bba724d1e3ec440d342feaef6d42226cad26c535dab05ed798c92b46104b1cc843345e11d3e40a72a051c7730438fc2ea59abad6b2b26a

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\TBLMKGZN\Wave-Executor-Roblox[1].htm
Filesize
230KB

MD5
4f0a1cd3b89523dc985ab6b0b944ae6d

SHA1
31ede4bf91755e5c5d1ca1c3859e880a566af469

SHA256
1c3e158f29bbd11e1fc99931a1c55c27f923c68de696d5627cb68d0d7d697535

SHA512
c3dc5a3e56a9bb22e500f5c39a34233be8b7e6c5891837a6534349efcc205d08dba904d37c2d7717fe85b8814b9eea05d997cf6408d29b3d228a32ccb60e46f4

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\TBLMKGZN\code-111be5e4092d[1].css
Filesize
30KB

MD5
7cb9080aa576934b53486d3746529970

SHA1
cb9ad049ca59d0dc0095470fddb2bda8798211cd

SHA256
9850beb3ebe2c31da0ece9d1a823e5e7d26983626c6e2acf4210d33abf6660c9

SHA512
111be5e4092d831d8e068ff4b6d2be94cbccb5bf92adc549a6c2506c4712ac177d15a61b56bce1919a2bdf9bb66d4a24b805db3aaddeb86823912d1df805f2fd

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\TBLMKGZN\github-07f750db5d7c[1].css
Filesize
116KB

MD5
19a4910055069ece0fd15033333b5169

SHA1
cc741789ac4f11c2e1818d25554f470ed002c7da

SHA256
c0467d247bf127ccf1de67ede2d21bcec6e1414e1c4f0b40f83f323b6d407156

SHA512
07f750db5d7ca69a75c752e69beb712768b99da639ee3ee96857c7c4e69364dee00c3f5a601b4cef713c6cfc4b0755d0629f4982bf35fe83dc2dcbca203e59d4

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\TBLMKGZN\primer-241a089e9a0a[1].css
Filesize
329KB

MD5
7724d1ccfa7c579a5d0a990f0a2890a4

SHA1
fca59b4308d3e605c15d15d59074cb7db9ab7424

SHA256
adb9d3f465f5fd590c46320bbf586d0b49ee0b71dbeb2c5650462bf902faab66

SHA512
241a089e9a0a69930256aaeea146aa41b9125aa848db3d4cf5d392eab2d861b4c52250f4998323358d00a19b70bd2393a3d5990b7676c5e37e5ce92b34d25448

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\TBLMKGZN\primer-primitives-0b5bee5c70e9[1].css
Filesize
8KB

MD5
4a501b962a497016dc70c7dc3f95f859

SHA1
7d50b4e6274c503021751982621678afed30ae6e

SHA256
8a9ace6d9250dd653522dd94b426d1617df95fdfd86264beaccefa22c78fc7d0

SHA512
0b5bee5c70e933f062d7773a200472973456db928fb6dfa0c9bf0ded60b04e4b0100ada3f4234193aca992acd72d196f5b5f458fa4b51636b6bfe9be16c8f191

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\TBLMKGZN\wp-runtime-7a26cf7dde2c[1].js
Filesize
41KB

MD5
e7ab9395664feb5ccc5e384c46e7cab7

SHA1
bbffb72edede1f738fc5cb8bb2b2472652eb3934

SHA256
73e002a7c72fb31bb548a3437097f99dfc0a98ed954d51ebda3e532904d02c82

SHA512
7a26cf7dde2ca4dfcfe6f21e14b15ccb14f134b15f71fdfd8d4b940a632bcde6d95d098eb1f9afa125ea3d0734ed4f91bdbd94e80eb88b624eb12203428cbb78

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\3KGI1PLW.cookie
Filesize
166B

MD5
fb3d267978100b2c1c81691d85316f87

SHA1
b0f888688081ece8e2b711b8c3540c9808ad4dbe

SHA256
a6cc5234568dbcd54448fab0393783fa926cbce60b643ecdc07701463588c327

SHA512
1546cabb54951fbaa29518f936e7394c402c38c35a9db72972d1ab5feb0c137268b965956dc8b784b68b140936afd0eef4be0a12661703424b730c0f772e40f7

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\A66A8DB907BADC9D16AD67B2FBFFDD5C
Filesize
282B

MD5
e148026c2ca32746e15a2ef9c6bde16d

SHA1
f21865dc0792943657f531184a6c795ad150debc

SHA256
625d7d64900520bba848c3d7a1dc9bd011ba56fbbbf086a50f1a2e9fa24e150d

SHA512
00d64d8367d529603e2253b62523f36c1dd4c40563459bca40b9da2c2f67006f4bf7102795f28975c9bcabd7ce72668ef1d3706926c751a25432ccda9166efea

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\B2FAF7692FD9FFBD64EDE317E42334BA_89854CA6A0F0936A4D2ECA78845CEA25
Filesize
1KB

MD5
6ef436b82678a1564cfc5690d807edf8

SHA1
1871f3f5325b7962ad9ed47c31e5d8cf325bffec

SHA256
10538a86254fb43318975dde02294db9fbd3a73eaeed03804339a6bae1843259

SHA512
c766cdcf0650d5fcdca8bc8bb5b13f804c894064681a1d165a03ea9317534b7fdf03f34f6d17faf8114bcd7149f36894fdf33d94e73c9c7cdbf876345ba8a47b

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\D0E1C4B6144E7ECAB3F020E4A19EFC29_B5F77004C894173A10E3A199871D2D90
Filesize
978B

MD5
b5ffd1384ea2cc3fbb18404ece0d223c

SHA1
26aa83aa4514b0cceb308c92f8f992a5ca714fac

SHA256
94c0b7c584eeb89716018df3a8f0ea8237f40f869dbc3c32c0b07271a8965572

SHA512
5d08e43a85710482c41b167b1aadc85e6899dbe181e99b4d0fe2a0f0e45115d5b1bc8a8ff64c6c0f84f98fa5d3f5f1898ce98bd6ccd09d591ace8dc990fef2f1

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\A66A8DB907BADC9D16AD67B2FBFFDD5C
Filesize
480B

MD5
27333ed34f82b0f62c5977ee238d3dbe

SHA1
ecdfdbd8937107f7f6b1e787a1d31542bd7dcb4b

SHA256
8d4f0c61101b99379b8117792fae85da634ca3e844bb47ad5dbf96147b7611d6

SHA512
8ffe9e5e765593d58c10eaac0ae6ca39ee94d70e557a995c0039968b024106d2d91102fdc72d443a8d46b889d6524fc0e0259469c6e50910ea6bbf086bcbceb8

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\B2FAF7692FD9FFBD64EDE317E42334BA_89854CA6A0F0936A4D2ECA78845CEA25
Filesize
482B

MD5
0f8bd882455902ebccd0d7be0c9057ad

SHA1
1ccc12e94fe460fcac1540fb440bc9e14f6807ab

SHA256
e466022295eb9a954082f689817202706688899a41f25949b4e0baa0dcd3e51f

SHA512
998a9d255442d2b70d30d4723947ee1fb2b07f3c9821d835f6a97d75a072d683c7746d45e2421da3c21d6ee0b7cc95cc3d77af4b010dda3d44d61b1e912cc59f

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\D0E1C4B6144E7ECAB3F020E4A19EFC29_B5F77004C894173A10E3A199871D2D90
Filesize
480B

MD5
a7dca9ea35ca6008202efc8dfd4477b3

SHA1
a2d8b7977f7158ebf66d80a979736ac55600a9e7

SHA256
374a00030dfdfe774f6df26b6165530a74bcd311e5eb4a67b60b4ecd4d81da07

SHA512
414cf543d6fb10651456fca4f8de74a948834bed255adf02e18dbed3c2b08300ad67f4036718a44651667e45226ed645f8f5de7855746d7bdc5cb2afb9e5a5e2

Download Submit
memory/1408-153-0x000001F426D80000-0x000001F426E80000-memory.dmp

Filesize
1024KB

Download
memory/2152-189-0x0000022A0EB00000-0x0000022A0EC00000-memory.dmp

Filesize
1024KB

Download
memory/2152-202-0x0000022A1FB90000-0x0000022A1FB92000-memory.dmp

Filesize
8KB

Download
memory/2152-194-0x0000022A1FA60000-0x0000022A1FA62000-memory.dmp

Filesize
8KB

Download
memory/2152-196-0x0000022A1FA80000-0x0000022A1FA82000-memory.dmp

Filesize
8KB

Download
memory/2152-190-0x0000022A0EB00000-0x0000022A0EC00000-memory.dmp

Filesize
1024KB

Download
memory/2152-191-0x0000022A0EB00000-0x0000022A0EC00000-memory.dmp

Filesize
1024KB

Download
memory/2152-204-0x0000022A1FBB0000-0x0000022A1FBB2000-memory.dmp

Filesize
8KB

Download
memory/2152-198-0x0000022A1FAB0000-0x0000022A1FAB2000-memory.dmp

Filesize
8KB

Download
memory/2152-200-0x0000022A1FAD0000-0x0000022A1FAD2000-memory.dmp

Filesize
8KB

Download
memory/2280-65-0x0000025384C00000-0x0000025384D00000-memory.dmp

Filesize
1024KB

Download
memory/4872-44-0x000001E4CAA00000-0x000001E4CAB00000-memory.dmp

Filesize
1024KB

Download
memory/5104-0-0x0000025096120000-0x0000025096130000-memory.dmp

Filesize
64KB

Download
memory/5104-35-0x000002509A410000-0x000002509A412000-memory.dmp

Filesize
8KB

Download
memory/5104-221-0x000002509E780000-0x000002509E781000-memory.dmp

Filesize
4KB

Download
memory/5104-220-0x000002509E770000-0x000002509E771000-memory.dmp

Filesize
4KB

Download
memory/5104-16-0x0000025096220000-0x0000025096230000-memory.dmp

Filesize
64KB

Download