Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

1

1000_F_267...Qx.jpg

windows11-21h2-x64

4

Analysis

  • max time kernel
    1743s
  • max time network
    1747s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240419-en
  • resource tags

    arch:x64arch:x86image:win11-20240419-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    02/05/2024, 17:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1000_F_267304704_fAorRvYXavHaapD7KPZR6fsi4ItOReQx.jpg

  • Size

    334KB

  • MD5

    20443b458e10db18c778a4758e20be98

  • SHA1

    2604fbcac3535d638a8a0d8161343f7c96d45cf5

  • SHA256

    39b7a6be7717699839f94167c7cf83fdbd751d4bdb1a097367a19587a2efa695

  • SHA512

    f87ff9e0fd2bda0bd180de32b7081ab416edd29d24d01e465ab2c0bcfc3ff89a601b565951cdb38a3b8ca6a2a44e3162059b6b9302eb7a6ce2c7245e6fe3e207

  • SSDEEP

    6144:+OlpjlF0Xuc/Mpz3tu5OohaVcfqWEzBOFa6vX1a9/7wS1QDG:+OFFSucKTKfYzBiFg7RGS

Score
4/10

Malware Config

Signatures

  • Drops file in Windows directory 4 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies registry class 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 14 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 35 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 12 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\1000_F_267304704_fAorRvYXavHaapD7KPZR6fsi4ItOReQx.jpg
    1⤵
      PID:3292
    • C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
      "C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
      1⤵
      • Suspicious use of SetWindowsHookEx
      PID:4844
    • C:\Windows\system32\svchost.exe
      C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
      1⤵
        PID:4604
      • C:\Windows\System32\oobe\UserOOBEBroker.exe
        C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding
        1⤵
        • Drops file in Windows directory
        PID:2900
      • C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe
        C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe -Embedding
        1⤵
          PID:1748
        • C:\Windows\system32\svchost.exe
          C:\Windows\system32\svchost.exe -k DevicesFlow -s DevicesFlowUserSvc
          1⤵
            PID:4468
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
            1⤵
            • Enumerates system info in registry
            • Suspicious behavior: EnumeratesProcesses
            • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
            • Suspicious use of FindShellTrayWindow
            • Suspicious use of SendNotifyMessage
            • Suspicious use of WriteProcessMemory
            PID:2016
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffade733cb8,0x7ffade733cc8,0x7ffade733cd8
              2⤵
                PID:616
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1936 /prefetch:2
                2⤵
                  PID:3564
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2004 /prefetch:3
                  2⤵
                  • Suspicious behavior: EnumeratesProcesses
                  PID:4324
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2492 /prefetch:8
                  2⤵
                    PID:576
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
                    2⤵
                      PID:2728
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
                      2⤵
                        PID:1864
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4904 /prefetch:1
                        2⤵
                          PID:1804
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4940 /prefetch:1
                          2⤵
                            PID:3292
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3536 /prefetch:1
                            2⤵
                              PID:2852
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3488 /prefetch:1
                              2⤵
                                PID:4260
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4944 /prefetch:8
                                2⤵
                                • Suspicious behavior: EnumeratesProcesses
                                PID:1772
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5412 /prefetch:1
                                2⤵
                                  PID:3576
                                • C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5676 /prefetch:8
                                  2⤵
                                  • Suspicious behavior: EnumeratesProcesses
                                  PID:756
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4564 /prefetch:1
                                  2⤵
                                    PID:3404
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4112 /prefetch:1
                                    2⤵
                                      PID:4700
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5220 /prefetch:8
                                      2⤵
                                        PID:4628
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=3464 /prefetch:8
                                        2⤵
                                        • Modifies registry class
                                        • Suspicious behavior: EnumeratesProcesses
                                        PID:3972
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4564 /prefetch:1
                                        2⤵
                                          PID:2652
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2176 /prefetch:1
                                          2⤵
                                            PID:1252
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5896 /prefetch:1
                                            2⤵
                                              PID:2744
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5772 /prefetch:1
                                              2⤵
                                                PID:3752
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6076 /prefetch:1
                                                2⤵
                                                  PID:432
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6112 /prefetch:1
                                                  2⤵
                                                    PID:3120
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6128 /prefetch:1
                                                    2⤵
                                                      PID:2616
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4972 /prefetch:1
                                                      2⤵
                                                        PID:2084
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5860 /prefetch:1
                                                        2⤵
                                                          PID:4908
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5264 /prefetch:1
                                                          2⤵
                                                            PID:1180
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5432 /prefetch:1
                                                            2⤵
                                                              PID:4064
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6712 /prefetch:1
                                                              2⤵
                                                                PID:2692
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6892 /prefetch:1
                                                                2⤵
                                                                  PID:3816
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7108 /prefetch:1
                                                                  2⤵
                                                                    PID:4412
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6184 /prefetch:1
                                                                    2⤵
                                                                      PID:1224
                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7316 /prefetch:1
                                                                      2⤵
                                                                        PID:1756
                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7508 /prefetch:1
                                                                        2⤵
                                                                          PID:2948
                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=6932 /prefetch:2
                                                                          2⤵
                                                                          • Suspicious behavior: EnumeratesProcesses
                                                                          PID:5608
                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7396 /prefetch:1
                                                                          2⤵
                                                                            PID:4608
                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7152 /prefetch:1
                                                                            2⤵
                                                                              PID:2932
                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5568 /prefetch:1
                                                                              2⤵
                                                                                PID:1080
                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6864 /prefetch:1
                                                                                2⤵
                                                                                  PID:5408
                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4700 /prefetch:1
                                                                                  2⤵
                                                                                    PID:3044
                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7868 /prefetch:1
                                                                                    2⤵
                                                                                      PID:812
                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6068 /prefetch:8
                                                                                      2⤵
                                                                                        PID:3468
                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4828 /prefetch:1
                                                                                        2⤵
                                                                                          PID:6132
                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7048 /prefetch:1
                                                                                          2⤵
                                                                                            PID:688
                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1940,10955744035480676789,8931424233725933119,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7220 /prefetch:1
                                                                                            2⤵
                                                                                              PID:3756
                                                                                          • C:\Windows\System32\CompPkgSrv.exe
                                                                                            C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                            1⤵
                                                                                              PID:1640
                                                                                            • C:\Windows\System32\CompPkgSrv.exe
                                                                                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                              1⤵
                                                                                                PID:3600
                                                                                              • C:\Windows\system32\AUDIODG.EXE
                                                                                                C:\Windows\system32\AUDIODG.EXE 0x00000000000004D8 0x00000000000004DC
                                                                                                1⤵
                                                                                                • Suspicious use of AdjustPrivilegeToken
                                                                                                PID:1088

                                                                                              Network

                                                                                              MITRE ATT&CK Enterprise v15

                                                                                              Replay Monitor

                                                                                              Loading Replay Monitor...

                                                                                              Downloads

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                Filesize

                                                                                                152B

                                                                                                MD5

                                                                                                5a85ad170d758e61ae5648c9402be224

                                                                                                SHA1

                                                                                                e6dfce354b5e9719bc4b28a24bb8241fc433e16f

                                                                                                SHA256

                                                                                                af0da8b5ad8127ae0ef7773bc9c4b145ed3fe7fbef4c48278649e1e3aa5ce617

                                                                                                SHA512

                                                                                                641414d91c993f74b6b71654522359d606c7f94ac0fcca6478d1bc33c30f4a9fdb9ce6f8e281c79a2f9b9670fda8a4ccdd80e7d64347c1f66d8c9ef024bcb09b

                                                                                                Download Submit

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                Filesize

                                                                                                152B

                                                                                                MD5

                                                                                                22cececc69be16a1c696b62b4e66f90e

                                                                                                SHA1

                                                                                                b20b7f87f8bc64c1008b06a6528fc9c9da449c2f

                                                                                                SHA256

                                                                                                d940b85bc83f69e8370a801951eb6b8bb97efbb3aa427664105db76e44707258

                                                                                                SHA512

                                                                                                2b2e548f2c8f84d321ef2afdf31128065c3593b884ca8111b05800960b5378b99c7efa6165d02fba4c11e6e4b49b14e419d89f76d55ef574f4ac2b7d6ecb3d48

                                                                                                Download Submit

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002
                                                                                                Filesize

                                                                                                67KB

                                                                                                MD5

                                                                                                d2d55f8057f8b03c94a81f3839b348b9

                                                                                                SHA1

                                                                                                37c399584539734ff679e3c66309498c8b2dd4d9

                                                                                                SHA256

                                                                                                6e273f3491917d37f4dbb6c3f4d3f862cada25c20a36b245ea7c6bd860fb400c

                                                                                                SHA512

                                                                                                7bcdbb9e8d005a532ec12485a9c4b777ddec4aee66333757cdae3f84811099a574e719d45eb4487072d0162fa4654349dd73705a8d1913834535b1a3e2247dc6

                                                                                                Download Submit

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
                                                                                                Filesize

                                                                                                37KB

                                                                                                MD5

                                                                                                91cef35adc9d4fa1ba9415d8b77a6b9b

                                                                                                SHA1

                                                                                                4e2e1d50bec1bd658d14f03f1554c726e9d02efd

                                                                                                SHA256

                                                                                                eb11e610212667929b5162c1774c7d5b8d3a9b1a59c21bc661fb17a9ea561885

                                                                                                SHA512

                                                                                                45ccada71cd934b7d055fb5a3db987303351eba475b2375888cf07563c2811ff459026b4d6fb61e93f6a3fe928fc31e08f462609df09ad9773d51084bacd63ed

                                                                                                Download Submit

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004
                                                                                                Filesize

                                                                                                64KB

                                                                                                MD5

                                                                                                d6b36c7d4b06f140f860ddc91a4c659c

                                                                                                SHA1

                                                                                                ccf16571637b8d3e4c9423688c5bd06167bfb9e9

                                                                                                SHA256

                                                                                                34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92

                                                                                                SHA512

                                                                                                2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487

                                                                                                Download Submit

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
                                                                                                Filesize

                                                                                                19KB

                                                                                                MD5

                                                                                                2e86a72f4e82614cd4842950d2e0a716

                                                                                                SHA1

                                                                                                d7b4ee0c9af735d098bff474632fc2c0113e0b9c

                                                                                                SHA256

                                                                                                c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f

                                                                                                SHA512

                                                                                                7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1

                                                                                                Download Submit

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006
                                                                                                Filesize

                                                                                                63KB

                                                                                                MD5

                                                                                                710d7637cc7e21b62fd3efe6aba1fd27

                                                                                                SHA1

                                                                                                8645d6b137064c7b38e10c736724e17787db6cf3

                                                                                                SHA256

                                                                                                c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b

                                                                                                SHA512

                                                                                                19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44

                                                                                                Download Submit

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
                                                                                                Filesize

                                                                                                88KB

                                                                                                MD5

                                                                                                b38fbbd0b5c8e8b4452b33d6f85df7dc

                                                                                                SHA1

                                                                                                386ba241790252df01a6a028b3238de2f995a559

                                                                                                SHA256

                                                                                                b18b9eb934a5b3b81b16c66ec3ec8e8fecdb3d43550ce050eb2523aabc08b9cd

                                                                                                SHA512

                                                                                                546ca9fb302bf28e3a178e798dd6b80c91cba71d0467257b8ed42e4f845aa6ecb858f718aac1e0865b791d4ecf41f1239081847c75c6fb3e9afd242d3704ad16

                                                                                                Download Submit

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008
                                                                                                Filesize

                                                                                                1.1MB

                                                                                                MD5

                                                                                                72d29470153d5e5782ea93886bd2a455

                                                                                                SHA1

                                                                                                bee1191570371bdf1147b76469e42e8599adae49

                                                                                                SHA256

                                                                                                6cf1cc33ce3b9484bc9a8741c24398b3f2e279a705f87a7ecd88824621d74879

                                                                                                SHA512

                                                                                                f036cff8f05902f1e2d90ae36964eb45ca34d60364811d125dcb243ea20670eeb21a4b2caba06c563d94547cf3b7ec9c0415e6436d1716ee196dc76232d56b70

                                                                                                Download Submit

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014
                                                                                                Filesize

                                                                                                30KB

                                                                                                MD5

                                                                                                60fe166092712d93cc87039640675ef6

                                                                                                SHA1

                                                                                                d6feca303438c5b9c717371e5492100fdf407ee4

                                                                                                SHA256

                                                                                                15982e98201bb48c59ce28ba7e5c2eac42bd8c76f20ad4924badde014f2a4892

                                                                                                SHA512

                                                                                                e150f992f6c597398696d7c13a92262d712f5558386f51f5b9b8c1467b3b091f6c717f06c31ba5fad86c3485b7b4a9dc0755871eece9f13ef3987941bd84dc48

                                                                                                Download Submit

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022
                                                                                                Filesize

                                                                                                20KB

                                                                                                MD5

                                                                                                87e8230a9ca3f0c5ccfa56f70276e2f2

                                                                                                SHA1

                                                                                                eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

                                                                                                SHA256

                                                                                                e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

                                                                                                SHA512

                                                                                                37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

                                                                                                Download Submit

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000026
                                                                                                Filesize

                                                                                                19KB

                                                                                                MD5

                                                                                                976a670fcb869e3d759a8e1bd193f7d0

                                                                                                SHA1

                                                                                                1841cd58d1c3ee00f81569dc2d50ac62b2773338

                                                                                                SHA256

                                                                                                76455cf44a4ce2fa713bed77353e3fa768c9d8f005875a4c1c309cac2451c59f

                                                                                                SHA512

                                                                                                d47763897e441fd5ab8dc967e823627b096732276fa1b7d1fceeb1afb234b3c8403ee7a69648e63b30ed9aa0e9abf10196f8378b9f99b034bbc9e42bc524d6b3

                                                                                                Download Submit

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031
                                                                                                Filesize

                                                                                                47KB

                                                                                                MD5

                                                                                                015c126a3520c9a8f6a27979d0266e96

                                                                                                SHA1

                                                                                                2acf956561d44434a6d84204670cf849d3215d5f

                                                                                                SHA256

                                                                                                3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

                                                                                                SHA512

                                                                                                02a20f2788bb1c3b2c7d3142c664cdec306b6ba5366e57e33c008edb3eb78638b98dc03cdf932a9dc440ded7827956f99117e7a3a4d55acadd29b006032d9c5c

                                                                                                Download Submit

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                Filesize

                                                                                                3KB

                                                                                                MD5

                                                                                                f7ffe10a2b4c1d7e227173c7b2ea91b8

                                                                                                SHA1

                                                                                                26cddae65209d13966afc6f9e8dbc0bad494b799

                                                                                                SHA256

                                                                                                3bbdc60747876005d577f764ab83f6291eae6b4104d119270987ad1802a600ab

                                                                                                SHA512

                                                                                                c7a5abfe3611514430beb039e40aec93be8b37a0e9fe0802801d91be25d5b79eaeed48ca2c67b59e9551b3ae8e941f35a89b97b8e5583361a6b2b7f2602f9581

                                                                                                Download Submit

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                Filesize

                                                                                                3KB

                                                                                                MD5

                                                                                                360897d6bbd0bee5e5647757f08be328

                                                                                                SHA1

                                                                                                ef29e46b714400668ca8f3be8ac8838ca6a7dc60

                                                                                                SHA256

                                                                                                d0f7e763b2ea38a5865b3c0242eb9a70f1d2dc797d0af2a51561a0fe2b178502

                                                                                                SHA512

                                                                                                5fc2d96f69443ccc6704b8b1b1a881435b10405473e9b61e387cbb74ac26e3ef6db068f739d59b6ecb1f0d017eba1a480d4351e897915c3df879ffe2aaa48947

                                                                                                Download Submit

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                Filesize

                                                                                                5KB

                                                                                                MD5

                                                                                                d3723fe99602d1cf6c6eb6b2e44b0688

                                                                                                SHA1

                                                                                                7f75501eca4f09e51b05eebc82687a5502dd1cc6

                                                                                                SHA256

                                                                                                be3228536d4cb9cb45c23665e9a8b02e4d6c2cc0673be3f23c9768e9c09491ad

                                                                                                SHA512

                                                                                                8fd1aa690c56365a6b2396d5074ed8669ef05b042bb66bb9135270f64e723226de28012d0ded4532c21346242603d19668b7101cfa505bf8daef73c828b8d915

                                                                                                Download Submit

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                Filesize

                                                                                                5KB

                                                                                                MD5

                                                                                                c529a351ee8e0cd16249aff4d6e48606

                                                                                                SHA1

                                                                                                a08ecbf2cb13efd95e15bdd56749ea4c38771558

                                                                                                SHA256

                                                                                                3dd76d582dcacd6fb1cf0a5ea25fac3dfc944e0253e54da4ed4dc6a557e48a10

                                                                                                SHA512

                                                                                                203391544d24cb82c3aeb6419048c1cfd9598691d2fedfd5055e119d17f91a4a1e125ee449f7c65a5f67384e4a7a4c54946b8b8d088c5dfb4023dc9fb56c19d3

                                                                                                Download Submit

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                Filesize

                                                                                                3KB

                                                                                                MD5

                                                                                                e739fa67a01bcc5cd4d1abf41ab34bb9

                                                                                                SHA1

                                                                                                3dfc26af5c21f9e060cce5bd2973e74900e59a1a

                                                                                                SHA256

                                                                                                689d2a7acd477196f83b670d42f02c688dd42627f383e92814a3c34a959c6e9e

                                                                                                SHA512

                                                                                                10e0fb98500b36ef69c4b3668ac717ee5ab17103ff4434f41f6d52651fbfa8151662fbac661626018fc1c0c31ba14f0ec521464b185c8d6a5fac5d83876e4e8c

                                                                                                Download Submit

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                Filesize

                                                                                                5KB

                                                                                                MD5

                                                                                                593c7a0b2ac6e922a345464ca5f85908

                                                                                                SHA1

                                                                                                00a0a0fc8f2ad49bd0c3e28cc6a2b2813caea0b9

                                                                                                SHA256

                                                                                                d5644ccd4d0ae4f935bccf005291807dfeeafca3a5278123de94720d9e21f757

                                                                                                SHA512

                                                                                                4d32702d11728bd433a43f7d483df011325e4edd806070d283eeb5bc354946d6ba654ee81b17c7817e56f993cc00aa7a94fbc97e726bc6eac1bb59e7772aed52

                                                                                                Download Submit

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                Filesize

                                                                                                8KB

                                                                                                MD5

                                                                                                d60fd49b575a5458545b63077ae5fb3d

                                                                                                SHA1

                                                                                                2aea4f6d05332e5accc104a58c8cbca863c6deb7

                                                                                                SHA256

                                                                                                746eb360128496762d45d61e7c1d48e3a843909ce08b87555e8026509eddf888

                                                                                                SHA512

                                                                                                fa808bd4d1b02fae7412b1a6934f598eb4311b04b8e276f2defe59539c207af7d20ec8e2896531be431516d486b398352be95c204f119460b2b49025155a0e49

                                                                                                Download Submit

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                Filesize

                                                                                                5KB

                                                                                                MD5

                                                                                                ed6a09cb52a104863d696c1d359a02a5

                                                                                                SHA1

                                                                                                14cbe2e095339ac52c8aa8cce1d29afe3aa2f11f

                                                                                                SHA256

                                                                                                978967f8e6d04a65e81f601ea88116c1ba6a35e11490e5ea58d1dd70589625c4

                                                                                                SHA512

                                                                                                19b5674eba9ac628395405b74d50e5602655ab6da527a9d417e5b1d2e1626c7e5b3c7c1510cd529d924ea309b15f8ab428544585c1b19812e718b99b1b7e03c0

                                                                                                Download Submit

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                Filesize

                                                                                                9KB

                                                                                                MD5

                                                                                                32ab96f31eb5736aeba14c7128082558

                                                                                                SHA1

                                                                                                3bb820964dbf37173132d7cf355b013d515eee5a

                                                                                                SHA256

                                                                                                d5b59a9599c72d1c70d125767ac6e85d41b6557d66650858ce170a9dbc72c1a6

                                                                                                SHA512

                                                                                                8e8163663d5401ddbec08c5d5f355f844efe7875f514b0f6e942bcd4379b25d1df180f130167fc5b765760fac47db0e646e905390f30ff97f9e1270dbb36873e

                                                                                                Download Submit

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                Filesize

                                                                                                5KB

                                                                                                MD5

                                                                                                7569f9c2395393206ad149eb558d1572

                                                                                                SHA1

                                                                                                d59e19074358bd459e07d136e1bf797a0153f336

                                                                                                SHA256

                                                                                                abceb6f86cda38f8b83fd2e2262ac961b3409825e71776a5819c4f3ff502d936

                                                                                                SHA512

                                                                                                0bc5d7ec3d6da9b3d80378a76f28e939d2555d497ac43613e10c14e1460caa92bdc78aae5bbbeda6d146250cf0329b0aac4583f0d2976b9da42ce4b0cab5dcf0

                                                                                                Download Submit

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                Filesize

                                                                                                9KB

                                                                                                MD5

                                                                                                f0c3b619b4a699103e889e47a2d6b72f

                                                                                                SHA1

                                                                                                1369ad6bb281bbbb1c824239078cecb3f177fc56

                                                                                                SHA256

                                                                                                a243780395fd1c2913e3193a0a799d5fadcdf5471cdd6e210c9632041ec6d45d

                                                                                                SHA512

                                                                                                c9aa5349c53f9f8fd736a1eb874ac3126d2b4ec79b77e106b1fcc9b6a3d48fb02cda3ac63648c9e7217f71bd5b5a94cc9a3075b9692906a200fc379b151e83f6

                                                                                                Download Submit

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                Filesize

                                                                                                7KB

                                                                                                MD5

                                                                                                2c23c2b7f666fe5b0b64131425e7b799

                                                                                                SHA1

                                                                                                f550ea13b64a82a248c0058e9cf3cd9fb6287255

                                                                                                SHA256

                                                                                                54ce6a5295e537cbcef51cb3e37b0bfcc63d13f2f01c32202977e724ffab68da

                                                                                                SHA512

                                                                                                3ad522b9282b3723f7d31b7fc0937bc9858110a3f04a94d1c8da54a7dc4369437063cdcb05fe6bd7711c5296884ddb5c175a57c54529821cef442523af811f0b

                                                                                                Download Submit

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                Filesize

                                                                                                7KB

                                                                                                MD5

                                                                                                9192fe1747de66b2e52a8327dbb927c1

                                                                                                SHA1

                                                                                                eeaeb80c4f7a16d1a1ee1f88f128f625cfdde8c6

                                                                                                SHA256

                                                                                                cb97afeae101d584e220a93982292b9eb8a59ba61b081b1e7797b53c097969ea

                                                                                                SHA512

                                                                                                100898e09bb2cd0bd030e75e16a20d4fb52586188c50f6e606d05a09e4d44fae0d2abf740cbd911ed1152c2311a71f2296a76209f4d4f56a4e6a702884c64d91

                                                                                                Download Submit

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                Filesize

                                                                                                9KB

                                                                                                MD5

                                                                                                ee7647633991398d6b1e1925408f334e

                                                                                                SHA1

                                                                                                26193963dabb30fdd3512b84fbafed7c1863b8a7

                                                                                                SHA256

                                                                                                354e66d1892b91bb95903a0192c1aefe7cabbcd31ce64f3ee98ccb65b4f251b8

                                                                                                SHA512

                                                                                                d518b8d99d8a9c1fe854c32a8510c10c04d2a1aec2305310d226b9976f7926a3465c85af564fad3b8dee1f7cd4bc5b1559a4e636a3804fa7f5c6b2e3d71f5fd1

                                                                                                Download Submit

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                Filesize

                                                                                                6KB

                                                                                                MD5

                                                                                                b02476a519092043e1259e5bf0fdda59

                                                                                                SHA1

                                                                                                b9cff62f93c9cadcdab3cb52acd620578f2c48bd

                                                                                                SHA256

                                                                                                b67f75b0644eaf82557ca6b77d0eaec76a159b21e6153bb13b8c656b3a1c36c6

                                                                                                SHA512

                                                                                                386c527a326120219bd86679ec40845ff77e39d0608f655b6891de60d6c0893f8c7b174824a592601778fe362a8784e43a3b785eb8c7b8c8e105dd989dc6aca5

                                                                                                Download Submit

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                Filesize

                                                                                                7KB

                                                                                                MD5

                                                                                                12adb6e3ca9513b0b25cde3453a462eb

                                                                                                SHA1

                                                                                                00c9de1cf5e7f7cdf0efa00f4c3ced49eff7ac61

                                                                                                SHA256

                                                                                                3dee293d9785b54dde33919ecc5c124255ab74dd07cd49a093c13e5aeb5128c9

                                                                                                SHA512

                                                                                                c327c94048f78ea8e219a1c1bbc66504238acba96cd21c98cafd3ce7c418a7d2d98e47b791bf7b0e528c53446149143b9b50a0fc4345711a6e098433fe58be05

                                                                                                Download Submit

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
                                                                                                Filesize

                                                                                                96B

                                                                                                MD5

                                                                                                35e783c47252f48a760f7b4b6d43c577

                                                                                                SHA1

                                                                                                9a9ad802b8eb2e76333f0bba1b2fea2d21f42a12

                                                                                                SHA256

                                                                                                8bf7021085b6e661a20fe28f39877d5ff63f4a8f16889da2438a1d6da386fea8

                                                                                                SHA512

                                                                                                e905ad5327bd4c0fdc1eeb95448872966a4fa0992c51f795de61577d61fb897dffaf2bd5ed86602c947dcbe42207eb8082b75ffed809ec36c3792e50dba77fff

                                                                                                Download Submit

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe59df5a.TMP
                                                                                                Filesize

                                                                                                48B

                                                                                                MD5

                                                                                                a667d441186c1949913ab3ca1d47b583

                                                                                                SHA1

                                                                                                65d1764bc82ad7a7554f5657c73914eb93ae561c

                                                                                                SHA256

                                                                                                21faa1ab0875c6720a168d351473f6cf6830e6662a55141c10374606e1e2f21b

                                                                                                SHA512

                                                                                                29f74a8787cf1834557c9a368e8433253deff30f3a3918489fae85424d58c88fbe4223b4a0b7db202213c094f97a839a9a2c211956c49375cd65216cf6ba8c25

                                                                                                Download Submit

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                Filesize

                                                                                                2KB

                                                                                                MD5

                                                                                                0413abfb4ecc8a6bfd924701282748d1

                                                                                                SHA1

                                                                                                3a60cd527702b66926c1fd045b6d1b4606cdab0c

                                                                                                SHA256

                                                                                                3e95c1bf40eff42b6737a96601f435650db17fe76c883c47883e52edf0aeabe1

                                                                                                SHA512

                                                                                                826bb60e469d4cffa68f0a6bd7ced4be8a93e787bffbdf02cce17dd446c9c15eb371da11be79f95a7d74398386ab407cddb021d7276ac2a33c940aded0e41566

                                                                                                Download Submit

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                Filesize

                                                                                                2KB

                                                                                                MD5

                                                                                                a3980ab51cbac940dedb5e51fb64407f

                                                                                                SHA1

                                                                                                f8877e19cefb37506b2201508a9d4521faa3d5e7

                                                                                                SHA256

                                                                                                cc7818081b56e81817a6475fb50000838bc69fc727d35e8319a63749be244069

                                                                                                SHA512

                                                                                                eea96bb6c16e35435f05e7fadd133a539d55eecc86fa48ae84114f44aff5d2d97b7c1c40d0bd1cddd5c317fb7446a7232a827ef740bc2a0abf54facd43f07006

                                                                                                Download Submit

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                Filesize

                                                                                                2KB

                                                                                                MD5

                                                                                                647fab791898b7fb0fa96599599ebee6

                                                                                                SHA1

                                                                                                69e1597ed147b96b2e627c357b027f47061011d7

                                                                                                SHA256

                                                                                                8ee8a2ea26ea53c6355ecab468dbd536ef4ed1f9b94bad4ae465822b6f75d90f

                                                                                                SHA512

                                                                                                2b526dd555f83e537dbed4c49d5d3cb86f255aa6c8b178e66231bfdf9892b3321e417a6f88a3c949288e76ec1374f6aadd0c6e87abad5c76fb9fb8687b5105ec

                                                                                                Download Submit

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                Filesize

                                                                                                2KB

                                                                                                MD5

                                                                                                e26585bf7688ea5d6a80c87bd64d511e

                                                                                                SHA1

                                                                                                3551f02953379b35b73b91b497b34cc9be27a9ce

                                                                                                SHA256

                                                                                                7e64ebad41fb2a8c373a784e4a5bae45860df0cea0596043a5301062530cb8b5

                                                                                                SHA512

                                                                                                4835e94404f68e22e7f21935c80a87f1b0aa25b95f160100a16a8d8692b65b852fb319ba86377276170b197cea5c2067c04d753cbd9de23ba8051f792524d339

                                                                                                Download Submit

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                Filesize

                                                                                                2KB

                                                                                                MD5

                                                                                                98a6b00d1b7db1b295dcb40cf5374f21

                                                                                                SHA1

                                                                                                977b8d41dda65a8a300420f327b9171d3b3525ed

                                                                                                SHA256

                                                                                                13b6d811642f5c685c9eac406b4f944ceec89358ccee80b6399519c392031233

                                                                                                SHA512

                                                                                                cb1c7368237d196f4df5ac8c2d15a4c53777966509c9d3cf4c48d98af8e6831ac14462eaf5035e5daa137881c93e46e4c4c33fa2c912c6bbaf4b445eb8140f1b

                                                                                                Download Submit

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                Filesize

                                                                                                2KB

                                                                                                MD5

                                                                                                c00fca6110f7e6e685676134d9beb8c1

                                                                                                SHA1

                                                                                                f551c16cfca374e62167218a87dfced9a9c8caeb

                                                                                                SHA256

                                                                                                e5f914bcd46082ebe9f375aedfaa175372dba3495bfa715cb20df675f39ad9d5

                                                                                                SHA512

                                                                                                51525680b1204f2df9340ce164b84b8824b14dbd373c3557cb24c30f191f563f1a09c3553c4ee5ac2771256f8378d0a5a146a00f54423d4d7bd1007b47e9dc37

                                                                                                Download Submit

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58d4ef.TMP
                                                                                                Filesize

                                                                                                538B

                                                                                                MD5

                                                                                                eee53d4c10e132817b4b3ef09956c916

                                                                                                SHA1

                                                                                                7475feabcbfcde49752c60796b34a7ca6d58aa3c

                                                                                                SHA256

                                                                                                fb9d1c3ea5d4fe9062b3289390acf2586009bf80b7c20279419ec11090f388c3

                                                                                                SHA512

                                                                                                be474683c0e37933820d0dd9a65dfcd75f95b5615fc8f1cd36044bc039e83c6e070476d83b9e99e4ea071db878675648e251a1fe45c5abaf25e3dd4188536128

                                                                                                Download Submit

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                Filesize

                                                                                                16B

                                                                                                MD5

                                                                                                6752a1d65b201c13b62ea44016eb221f

                                                                                                SHA1

                                                                                                58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                                                                SHA256

                                                                                                0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                                                                SHA512

                                                                                                9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                                                                Download Submit

                                                                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                Filesize

                                                                                                11KB

                                                                                                MD5

                                                                                                c80e3bb7b761c913eaae0d4e02f22564

                                                                                                SHA1

                                                                                                5a99521918a7f1cd6ec9072a3edf14caebc45453

                                                                                                SHA256

                                                                                                226e7680c9818501b712896713ab6441968d448d4faa8985d9bd525b5422664f

                                                                                                SHA512

                                                                                                0935cd537ce11cbaea230502d2f438e69a07e6073b0b4773891dc9d13ca78effb5b7115d1a6300c55c0d7cf8ec9ceae566763b4e0ad55456aa2e9755e67d71d4

                                                                                                Download Submit