Analysis

  • max time kernel
    776s
  • max time network
    777s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240508-en locale:en-us os:windows10-2004-x64 system
  • submitted
    21-05-2024 18:12

General

  • Target

    http://Google.com

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies registry class 8 IoCs
  • Suspicious behavior: EnumeratesProcesses 13 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 40 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://Google.com
    1⤵
    • Enumerates system info in registry
    • Modifies registry class
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:1704
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb884446f8,0x7ffb88444708,0x7ffb88444718
      2⤵
        PID:3820
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2204 /prefetch:2
        2⤵
          PID:2760
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2292 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:1168
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2884 /prefetch:8
          2⤵
            PID:32
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3196 /prefetch:1
            2⤵
              PID:5096
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3208 /prefetch:1
              2⤵
                PID:2500
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4660 /prefetch:1
                2⤵
                  PID:4280
                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4916 /prefetch:8
                  2⤵
                    PID:3768
                  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4916 /prefetch:8
                    2⤵
                    • Suspicious behavior: EnumeratesProcesses
                    PID:2036
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4604 /prefetch:1
                    2⤵
                      PID:1436
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3976 /prefetch:1
                      2⤵
                        PID:4796
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5432 /prefetch:1
                        2⤵
                          PID:396
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4732 /prefetch:1
                          2⤵
                            PID:724
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3068 /prefetch:2
                            2⤵
                            • Suspicious behavior: EnumeratesProcesses
                            PID:5032
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5116 /prefetch:1
                            2⤵
                              PID:4804
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2368 /prefetch:1
                              2⤵
                                PID:3516
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=1268 /prefetch:8
                                2⤵
                                  PID:3712
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=3552 /prefetch:8
                                  2⤵
                                  • Modifies registry class
                                  • Suspicious behavior: EnumeratesProcesses
                                  PID:1476
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4020 /prefetch:1
                                  2⤵
                                    PID:2412
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1604 /prefetch:1
                                    2⤵
                                      PID:3984
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3868 /prefetch:1
                                      2⤵
                                        PID:556
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2452 /prefetch:1
                                        2⤵
                                          PID:4016
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5960 /prefetch:1
                                          2⤵
                                            PID:4228
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6292 /prefetch:1
                                            2⤵
                                              PID:232
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6448 /prefetch:1
                                              2⤵
                                                PID:1104
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6456 /prefetch:1
                                                2⤵
                                                  PID:4792
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6676 /prefetch:1
                                                  2⤵
                                                    PID:4728
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6808 /prefetch:1
                                                    2⤵
                                                      PID:5004
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6816 /prefetch:1
                                                      2⤵
                                                        PID:3476
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7200 /prefetch:1
                                                        2⤵
                                                          PID:3152
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7208 /prefetch:1
                                                          2⤵
                                                            PID:3768
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7580 /prefetch:1
                                                            2⤵
                                                              PID:552
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7720 /prefetch:1
                                                              2⤵
                                                                PID:4148
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7572 /prefetch:1
                                                                2⤵
                                                                  PID:456
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8000 /prefetch:1
                                                                  2⤵
                                                                    PID:5104
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8016 /prefetch:1
                                                                    2⤵
                                                                      PID:3028
                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8344 /prefetch:1
                                                                      2⤵
                                                                        PID:4740
                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7984 /prefetch:1
                                                                        2⤵
                                                                          PID:4140
                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5988 /prefetch:1
                                                                          2⤵
                                                                            PID:4428
                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6852 /prefetch:1
                                                                            2⤵
                                                                              PID:3592
                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7952 /prefetch:1
                                                                              2⤵
                                                                                PID:3096
                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8780 /prefetch:1
                                                                                2⤵
                                                                                  PID:4748
                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7220 /prefetch:1
                                                                                  2⤵
                                                                                    PID:6084
                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5412 /prefetch:1
                                                                                    2⤵
                                                                                      PID:5028
                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1064 /prefetch:1
                                                                                      2⤵
                                                                                        PID:2384
                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1396 /prefetch:1
                                                                                        2⤵
                                                                                          PID:5664
                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7720 /prefetch:1
                                                                                          2⤵
                                                                                            PID:2132
                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=media.mojom.MediaFoundationService --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --service-sandbox-type=mf_cdm --mojo-platform-channel-handle=1344 /prefetch:8
                                                                                            2⤵
                                                                                            • Suspicious behavior: EnumeratesProcesses
                                                                                            PID:2832
                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7224 /prefetch:1
                                                                                            2⤵
                                                                                              PID:5128
                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,10163597972005929917,7928291997920687668,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7908 /prefetch:1
                                                                                              2⤵
                                                                                                PID:5444
                                                                                            • C:\Windows\System32\CompPkgSrv.exe
                                                                                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                              1⤵
                                                                                                PID:1192
                                                                                              • C:\Windows\System32\CompPkgSrv.exe
                                                                                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                1⤵
                                                                                                  PID:1812

                                                                                                Network

                                                                                                MITRE ATT&CK Enterprise v15

                                                                                                Downloads

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                  Filesize

                                                                                                  152B

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                  Filesize

                                                                                                  152B

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

                                                                                                  Filesize

                                                                                                  67KB

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

                                                                                                  Filesize

                                                                                                  62KB

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

                                                                                                  Filesize

                                                                                                  39KB

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

                                                                                                  Filesize

                                                                                                  19KB

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

                                                                                                  Filesize

                                                                                                  65KB

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

                                                                                                  Filesize

                                                                                                  84KB

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

                                                                                                  Filesize

                                                                                                  1.2MB

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

                                                                                                  Filesize

                                                                                                  33KB

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

                                                                                                  Filesize

                                                                                                  75KB

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004f

                                                                                                  Filesize

                                                                                                  60KB

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                  Filesize

                                                                                                  1KB

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                  Filesize

                                                                                                  2KB

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                  Filesize

                                                                                                  4KB

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                  Filesize

                                                                                                  5KB

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                  Filesize

                                                                                                  3KB

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                  Filesize

                                                                                                  5KB

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                  Filesize

                                                                                                  216B

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                                                                  Filesize

                                                                                                  1KB

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                                                                  Filesize

                                                                                                  1KB

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                                                                  Filesize

                                                                                                  1KB

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                                                                  Filesize

                                                                                                  10KB

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                                                                  Filesize

                                                                                                  9KB

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                                                                  Filesize

                                                                                                  8KB

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                  Filesize

                                                                                                  5KB

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                  Filesize

                                                                                                  7KB

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                  Filesize

                                                                                                  16KB

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                  Filesize

                                                                                                  6KB

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                  Filesize

                                                                                                  15KB

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                  Filesize

                                                                                                  16KB

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                  Filesize

                                                                                                  7KB

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                  Filesize

                                                                                                  7KB

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\68073763e1041ed2fbc6bb2411fb86d703157af1\0814d2e9-609e-49b3-b178-a9d79ef02f4d\index-dir\the-real-index

                                                                                                  Filesize

                                                                                                  96B

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\68073763e1041ed2fbc6bb2411fb86d703157af1\0814d2e9-609e-49b3-b178-a9d79ef02f4d\index-dir\the-real-index~RFe5e9103.TMP

                                                                                                  Filesize

                                                                                                  48B

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\68073763e1041ed2fbc6bb2411fb86d703157af1\index.txt

                                                                                                  Filesize

                                                                                                  81B

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\68073763e1041ed2fbc6bb2411fb86d703157af1\index.txt

                                                                                                  Filesize

                                                                                                  75B

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                  Filesize

                                                                                                  5KB

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                  Filesize

                                                                                                  1KB

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                  Filesize

                                                                                                  3KB

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                  Filesize

                                                                                                  3KB

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                  Filesize

                                                                                                  4KB

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                  Filesize

                                                                                                  704B

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

                                                                                                  Filesize

                                                                                                  706B

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5acf67.TMP

                                                                                                  Filesize

                                                                                                  204B

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                                                                                  Filesize

                                                                                                  16B

                                                                                                • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                  Filesize

                                                                                                  11KB

                                                                                                • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

                                                                                                  Filesize

                                                                                                  10KB

                                                                                                • \??\pipe\LOCAL\crashpad_1704_IKISXEGRCNFPCNGK
