Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
150s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
-
submitted
14/05/2024, 20:35
General
-
Target
42f643795e0d6296a820f1b27e49301a_JaffaCakes118.html
-
Size
102KB
-
MD5
42f643795e0d6296a820f1b27e49301a
-
SHA1
cb4332c83c37bb3ff820f2956a04e3ae4251f696
-
SHA256
3f185524061f8dd4350f2ac8421b15b47c76f1700fdd95f222957e5de7e6ed52
-
SHA512
613e572915ce759926a87e95ba5dcd724a955b2596c27a0c0149ac16ffddcf81dcaed88b49b401680a5b4fbb957031646ff510a3dc3e9c6903f37bc595d104de
-
SSDEEP
3072:SzZBFWUzEgyVVOmNEBGWTmWDJhdq/E7iwAsQF:SrFWUzZyVVOmNEBGWTmWDJhdq/E7iwAR
Malware Config
Signatures
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Suspicious behavior: EnumeratesProcesses 10 IoCs
-
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 44 IoCs
-
Suspicious use of FindShellTrayWindow 25 IoCs
-
Suspicious use of SendNotifyMessage 24 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\42f643795e0d6296a820f1b27e49301a_JaffaCakes118.html1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffdfb8946f8,0x7ffdfb894708,0x7ffdfb8947182⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2132 /prefetch:22⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 /prefetch:32⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2860 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4904 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5104 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5328 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5312 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5356 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5196 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6228 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5048 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6200 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6132 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6132 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5956 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5896 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5660 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5704 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3468 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2188 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6188 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5532 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6588 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6180 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6316 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6296 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5572 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6260 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5232 /prefetch:22⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5096 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6092 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2300 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4176 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5152 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6312 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6908 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5064 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5792 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7224 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7156 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7108 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7320 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5756 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5780 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5980 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6972 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2124,13554769183521574303,3237613683484220794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6748 /prefetch:12⤵
-
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
152B
MD5f61fa5143fe872d1d8f1e9f8dc6544f9
SHA1df44bab94d7388fb38c63085ec4db80cfc5eb009
SHA256284a24b5b40860240db00ef3ae6a33c9fa8349ab5490a634e27b2c6e9a191c64
SHA512971000784a6518bb39c5cf043292c7ab659162275470f5f6b632ea91a6bcae83bc80517ceb983dd5abfe8fb4e157344cb65c27e609a879eec00b33c5fad563a6
-
Filesize
152B
MD587f7abeb82600e1e640b843ad50fe0a1
SHA1045bbada3f23fc59941bf7d0210fb160cb78ae87
SHA256b35d6906050d90a81d23646f86c20a8f5d42f058ffc6436fb0a2b8bd71ee1262
SHA512ea8e7f24ab823ad710ce079c86c40aa957353a00d2775732c23e31be88a10d212e974c4691279aa86016c4660f5795febf739a15207833df6ed964a9ed99d618
-
Filesize
73KB
MD52ed0e03f84e8e865d268f50a446af9a9
SHA14a1c955aec7cde9af252e5ef4014384c6f744483
SHA25680b32d5eb6299e6c304eb2ff3ea6eba1946c3fefea36f94d8b5080242551207f
SHA512c3d43f3ebb8cc5bf548ab32ac1f932ad5ecea07bed513d87ce24de8d6ab28aa596e83e1dd773525a65373a273c5abeea9fead1aa59ae8058caa2a74fd0091994
-
Filesize
88KB
MD57d67791fa274d1acf9387415cac1d65c
SHA121549693ae3973344a3a9d06a218747d4c63c8cf
SHA256a418ee402031dedf9656d312809f6412ee2cf13fb7c2047d07c832ac02e6f225
SHA5129e2f2a643be9eba29f3e4b8174d4f707083ba8fccfc234bd8b16d9748fb6a4f288a55b9caeadeb668d73645c058a3f1d38cbc20c4ca4fcd478c424b770124495
-
Filesize
20KB
MD587e8230a9ca3f0c5ccfa56f70276e2f2
SHA1eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7
SHA256e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9
SHA51237690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8
-
Filesize
98KB
MD5a401cbfe8011319e3706303b840e9ec1
SHA141e2ce4bdcddee1e0c55c795123328647e4f02d4
SHA2563eb97a7fb54c524c1d870b5a5aec06c879b9579a5e3c8f59cba3df50e1de7c98
SHA51269408421a22cbd4fb368638ebd0c8eb835f7b6ddf9f99e783e6b777120696c5d1010ab8159654a58df5be514bab20ee52c6b854a62d72f8252b7748069031449
-
Filesize
29KB
MD5860928dff07e0b4a0deb7185d3085334
SHA184efac1a84ea448f3b4f95a8e2df5f5d95017d68
SHA2564ff45dab93b6c3859f462f4125fb4bb9adc42133714e04f6d7afe9400c2ed390
SHA5123dffada293257ef4d2e83bc2c752c8569e549b81f4aaafb537a6a13eabaacc4c6babd1fb8a96b2710a939b7b1d52b22ac976eaa2eb09b03de7706d305259358e
-
Filesize
87KB
MD527ebb57ca80d9efd1d7b2bb174af090f
SHA1527a35fa8eb34124d8bdc9bee973de676977637d
SHA256866c21d6cada368ff5a8049cb94a899b547fc763068036aacf94be7b24a2a40e
SHA512230f0a48bcfe8c8552291b9fe4ff3f0a26da2903959478095b906b727ac97f6ee8105403671e58cc323d74ef7208d2cbb6d3f60185d952a0b3565cd1ce3fdd66
-
Filesize
87KB
MD55da9ea748f871afd777b452f15c71f2f
SHA165603d39f5473276cbff6bf6f23e984240ec4f68
SHA256e485cf8605b5490285c439b818a7123f5855c6a3e831b01046c6dc62718bac88
SHA5126350082194e694f94d362acc53c21a5fa747d62834c56529f1901c3234a91510e0930cd559a0096461f2deb59c78b59c9c1878165fb30daa0af71d7554b2b5b5
-
Filesize
92KB
MD59c0d13d9ba063019cf8472dae4254337
SHA187a4be0bfdff6ad21209f888d3056bd8a2eaaeb9
SHA256113835e21bdb1f49726c2791087585c377c435fcebbc1df810bbf64a49d1fc08
SHA512e44a926cb4b7e76bc4ee580c07ff885471f19d2460b66d65efe0918bb052b977bbca7cd66c437bbb554f17f1f0b120a712ade23dbae482de8fba16b8784485a7
-
Filesize
43KB
MD5703d66b80a4aa54d811b370456103e06
SHA14e08db275979df9006e7ffaa5a408134d4ef3c0f
SHA256876063b10afa8a33036aba868bc25248cb3af2cb1806fc410ffb6d2b155a0873
SHA5129b13fa45b80a4eacb8832fe4d83d909e1e4d6f5e4bc2539647ae81db26d862a01c4807ac54a9fc71553ec96a04de9a83d1502effcc521d271e2ac7d87153c0a9
-
Filesize
29KB
MD583b3b5729cdff3976db52c51831e96b8
SHA1d23dc823e37f58e5366340be755730f3fa9a850d
SHA256675fa88b39008a09994460a93b310a7d4593735009a9b24b6f176c347ad12421
SHA5124f796f5c25e7a637825470ed1923e525edb98a2d10c1a65bb3a8fb6457c9eb562c61ae82fdfef05ceb49ad7a4140c946e528cf6814b07d79dfbd94df048a577b
-
Filesize
58KB
MD5a90cfbc8e93a119787762c02614668de
SHA1f0b31c3d972d19fc4da0074d68c288dc7727099b
SHA256191a188611267b87df06550ad2c1a7d406dfda104c30027e0b629416b536502f
SHA5126a34dcd639f9538da32c2022a1598b945ee81e8626389fef75a5bb17e688693adeb4c58c0266366a25e4cacbc2997974e915289362c1dd6991b9988ea7a272fd
-
Filesize
46KB
MD52537fb2c5d38b403bd054ee37fdaf865
SHA1d83fe1831ec0ec5b6ad0b7e6a228d372b10a75f9
SHA2562a992057d81dc333f74a826a50694d3969199cec2f9edeebe7082d575f11443c
SHA5125a537ce46e1e5e5189e69f5685d6402c4457624525130d5458d34409a06dede7adf4d7daeecc5c173d3d6b0ccb21f5a61fc318f264ec4b2a625680204ca6a19c
-
Filesize
333KB
MD5a796f35b8971ebb80b7aee1485d35125
SHA1f2b4dc266e715f13966d86561954d9bb2c2167c0
SHA2567ccb4efda7c7a5e2c1a7375d8d6b25a99a52988a58494130b9283de52f6333b0
SHA512ed8a520af4f1e916c4a022c41958085b156507f096e2f5c7998d7200fccbc7e6f54930064424e535f5ca3a56f0532d54036a08a0e95e898c5b3df726476ccbf3
-
Filesize
254B
MD52eb218a5bd73589ba200a0fee16f3809
SHA167ffa0f1c6b01094428dc594fa4646f276db1f22
SHA2566cda86ff17f5aa48439abf88c0aae8808ee6c7ae1f7870ff061c3d79344d6d21
SHA512b26cd6e90b3b3e5cf96a4f406c4aea84b0859b17ce9c3a7c9ff4f880105205b23581199ca8af757bf6abc7f695a3f5f378bcc7b826457f38c4025a403497c599
-
Filesize
893B
MD53a253143fa1d114162be6baeeb776e3f
SHA14415d797a360fb8d814a5f2b5212152e11decf0b
SHA2569e97ee9b9dedc91cdd75ffb1094a4e392ed80d816eac9bebfc69928b8ce0fdb2
SHA51296e7d38c338cecdf5da7a34393b50d9d386a3a80ea1b3e62c2fbe9a1e7a4eaaa3c0481419b5e82437567fab47003d40a01f21600c07c404702f1b8bf76619e10
-
Filesize
263B
MD56889ca32ea463cd7e7d644448fade6d7
SHA1359986bcbf75b71788806f3e5f46ebc5798320a7
SHA256344b3053568ef077123efa09afaa4f320286c75891cae710f8f1cffcf2c24339
SHA512114e15091be8ef2e78135d852062616412346f546c2bb6a093b4752a04baa055fb93e062f6d579479f321c3b4284c6f94e0fc66952c85bad933a7a340a1ef6f5
-
Filesize
408B
MD5dcdced13e980f024408366b36d85b221
SHA1891f604f9e7a938cd7d33f7f9bb5aa93eebd0478
SHA256a8dfcdd07e78617e2db00e70b076956813011a275f806740d701604d5d53f6d5
SHA5121004c14cb3e73ed82c20f92ef4f8fd88c04bf7ad0c2e5b70a35b461568a3b99f7bc361ff1a90bbcbedb3c57dd6a73cb9247e03a48de67a5550d59b15c71b138b
-
Filesize
696B
MD57bc87070f6b75792e8f04e9c2b57a486
SHA15ab6e672979ecb69391c330199cb383e5b2d58a8
SHA256b7262628eb20b7e5204f8ee50e4773b3af387317e79e7e36bae150293a8f3068
SHA512b37096f2465b2b22c2a1332964abc336dcb4c8dbd26c8d3bc37b5942d507fd64c1ccf88c0767fba9af08602c7f6fa3c07f4b53ac867369341c074f9c4d6b2eb6
-
Filesize
2KB
MD5e0f5352b6cbfbb159c72aba898ac78c3
SHA1ed4ccfd8c70035d32c30ca26b454385b4385c5b2
SHA256f1ffb58990510de47fa19415c22d7f00452d9adcbf5b24f26ed732aed11633c8
SHA512b92fa32c482749ccffbc22e192318b543ba14342669f2bd7ff28eb6414434ef55b145243b1d816578bd88868022bb1900989abfe7c47f2f0b4957004dd91e98d
-
Filesize
6KB
MD511d478e45629a79e0dcac00ee1e33e00
SHA1ea14d5134eabbae6373ba5e8a6fc4cc090591aab
SHA256a5cfacd58eb8ab57154949ded54ea5579deff285bd04a7c8af26c20daf7e6b18
SHA512239090db78271ee6f777ab04d9230be5e4116fa901580ea1a63dc97c850bf6bbf6e33fa426552230277e84afa0b48359bdeb30c293ffc1f5a38954cf4caa4374
-
Filesize
6KB
MD595afaeb58224b00abb998a18283c1c92
SHA11f071c00cd360808e86e561cfacf1a10093dd7be
SHA256a98ba79a5bca30eff4d8b67119f924a726778da7caf2e5e88c5d6b2c4e3332e0
SHA5128f564104f9ab8cac33dd3291f98a88246f7e9e24b760dd0a04e7b399a9e9e0f54419adda39a5e5987da3048e42aa1dec0b28687c970edfa98c4f0e64ba38e752
-
Filesize
6KB
MD547731cb19e9349b1291896262db95bf9
SHA1bea3aed35cb0a668810b09ee8f68d81d9d43b3b8
SHA256d6a99945dce5261cf96c245802e75f096c24062de172f1b8fc61815af35ce2ec
SHA5127b2eb29103d9812d8948b554c71e278d9c42cf2e5cd471eb14e236dd9ad97b0d2872da123612027d4c91ac506c4628636016b4c9de2be9d5e982c7c54e566a6c
-
Filesize
874B
MD557f6ba028647538a37347f93d935e46f
SHA11fa2bfc3c09c98598059d6a63cc2ab8a2f28080e
SHA2565b799b218358c9b03bd5948325df950113274364bce822fc6703b50109eec6ca
SHA512cd331573026f9525da2184daba73d6d987bbf6fd4088ed85b837d6d0a5958e7fb93559e2ef2d6a49e7898baf077ecf983acf17134f37eb59ba9c20b2d40cb803
-
Filesize
538B
MD5cb696c91af0618ccf26804d7e220b597
SHA1d1500406bee9302386d52e8c5beed94d9649fa12
SHA2560126fa065312d3dd0a9ba8099b95f7bf5bbee3e1107435504a41c0d945be2c12
SHA512f25c95a81f835755b1d7005d1db082d786c9c6c36885f5ceb638bbe5d89a006264cd33eeb42c94ffcbb48c58815059e44dacdda467c8458042d0941d939fe7e4
-
Filesize
536B
MD5ba0df7e69bbc2b3ac0a000d821553b46
SHA1fd81a6303d9a5234d8c693fc4fbb6d70c74bdca7
SHA256bc34159a86f9d87f0c78e31c25687a56c80bb8d46a1bfe6da7e3eefb568a8ef2
SHA51222a0ec36ede0772ff6460fc808eef4ceff6cd6783f78aba73959365b0ea10d4b2a4d55a51d413d28ccdf1e310f9da710eef529a31bae4632fe608832f8dae8c7
-
Filesize
204B
MD52b6b47b63b853d0f56db94d488054efb
SHA10fff449079e65752d692b21bfe4ba7c75f367728
SHA2569df1ec007c58491ddc42eb23bc75687223541a3eaaf03d7fce58b6a7da710be3
SHA512344826163217db0a99c4cffdcec4845152b3594f7368a97c868e723a8adb7e92c96e8fddd2c8b3374905e98ccfa509fa26b315e25cf01ccf760d9e400ac37ce1
-
Filesize
16B
MD56752a1d65b201c13b62ea44016eb221f
SHA158ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA2560861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA5129cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389
-
Filesize
11KB
MD53fcd74b58f484fb7290caa8286dde56d
SHA18bd7e87d44f87289fe8dc9034776f51feb9dae34
SHA256ba0b7529a66bd8b46dd2e2e25d2180bbc4f0d8cf582e9c57be03f67b2da60825
SHA512888d2c88c768840ca94a4ffde48a9beecfd0f344d4a242a00ace85743235956693987d6c3b1d9bb3a9cae797e12eb0e24916d0e37417d1826c647f7e531e6d0e