Analysis Overview
Threat Level: Shows suspicious behavior
The file https://github.com/kangoka/tiktodv3 was found to be: Shows suspicious behavior.
Malicious Activity Summary
Legitimate hosting services abused for malware hosting/C2
Resource Forking
Drops file in Windows directory
Modifies registry class
Suspicious behavior: MapViewOfSection
Suspicious use of WriteProcessMemory
Modifies Internet Explorer settings
Suspicious use of AdjustPrivilegeToken
Suspicious use of SetWindowsHookEx
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-11 14:36
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-11 14:36
Reported
2024-06-11 14:37
Platform
win10-20240404-en
Max time kernel
69s
Max time network
70s
Command Line
Signatures
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
Drops file in Windows directory
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000\Software\Microsoft\Internet Explorer\Main | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000\Software\Microsoft\Internet Explorer\Main | C:\Windows\system32\browser_broker.exe | N/A |
Modifies registry class
Suspicious behavior: MapViewOfSection
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe | N/A |
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Processes
C:\Windows\system32\LaunchWinApp.exe
"C:\Windows\system32\LaunchWinApp.exe" "https://github.com/kangoka/tiktodv3"
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
Network
Files
| SHA256 | 1ee020b77f8a6b339e582fe8d1c97e8b148c3bda76525e684dea0e6233f60762 |
| SHA512 | dc23035ef4086302ada54be82025a1194ce1ad5c6885480efb9931f6a5d71e016792688bdeeea0ec1019f445370a12af4b9c7aef167435ab8f7b28b7d4a5c85f |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\dark-4589f64a2275[1].css
| MD5 | f61d3d72b892ced3002fed1b6dae1a06 |
| SHA1 | efe5d615d7f12c1e089ed7e68238d3e161b7ef4b |
| SHA256 | b459cea038df58dd56e1cc7df606193ea027792427343f4d35a535fb0e96ebcd |
| SHA512 | 4589f64a2275cb4827c2f43b254ce635913bf9eb54a20d479c2cd12b1c506105de508d551bad833ee1e9396c31e50a552d5186966ac974646e84330c3348161b |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\M5JLJ3LG\light-f552bab6ce72[1].css
| MD5 | 57b715fb666fb30b8734dc22bc74467d |
| SHA1 | 9fc81a5dceb105e5cc83b1b3b859d3f54b8ac898 |
| SHA256 | e9f53883f1a355c1c0eaf1e6c7e9a278da8cd726c7da7a5db462ebe436496d59 |
| SHA512 | f552bab6ce721c39d04a62d52ccb9d360387b45011a271807c7c677c45458ad0acd77c5f618a3172dddf0dec7d555f78e6d3b6217becbc97d28d62763f26da13 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\LLA4BR6N\global-545513c45073[1].css
| MD5 | 00dd87ad233982361cfc87d246086590 |
| SHA1 | 54ca129f85a02ced8e26ce325a7bbe36a11a6d5d |
| SHA256 | b7251f9d9119c23f1a2a83192425003284c58d5b117f30c551c2617addaa42b5 |
| SHA512 | 545513c450732d23237cc1844c0c0e07b92ca929c9f6dcae347e600217d83aeadd1d08e19eb76181343b9cf7ab37d1bfb2e2277e09944a66183a5cb176a32943 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\LLA4BR6N\github-f1af66156f94[1].css
| MD5 | 837cf1bcc858f007f7639fac65f6426d |
| SHA1 | 9b4377d76468d6786dde49e0521d173e633f7db3 |
| SHA256 | 6ba40ac0936fe04a8fa60d907799d58d481ab153323d65b92ccc9219ccf6ba19 |
| SHA512 | f1af66156f947ecedc848f7ea645fb556da9a697d818a7a0c6daaa26530a42fa29d9be6f9fcc1ec5bb35ac81fd3e7b16b5e17a369965525acca3c44c8efbd19a |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\M5JLJ3LG\primer-primitives-4cbeaa0795ef[1].css
| MD5 | f78dad1c29b12057a61e4031fd6cd307 |
| SHA1 | 36953db7f8d8ef34aedf6d6a608287f1b93586f5 |
| SHA256 | 6b4f34714b5e626392f944037b222b232adb545d407f96136d31934f685a0a5d |
| SHA512 | 4cbeaa0795eff125cd72798ad6d5db8682a910a200d54aa52dcfd3e8334f62a59eb4a2d7eec3158756bc196e66559f7e08a7282e7c507902b26891a6ce3eff09 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OQZLHADN\wp-runtime-f7a8231d774c[1].js
| MD5 | 32c52b7e70bdc74f90874416012744ab |
| SHA1 | 531de1d72d69d6484907585126bae3e651701420 |
| SHA256 | 577d40ecd40c7517e1089cbb0abbc3ce301bc24a3a332c1ab1b3ac0859a7ad3d |
| SHA512 | f7a8231d774c0b5ab2e1ac0982426b66efc51cdafb8fe201eee809f5fa5df15d07d96d332b72199ba94b60c51acd647b29cd9551b8923d559ecec010980c5f8a |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OQZLHADN\vendors-node_modules_smoothscroll-polyfill_dist_smoothscroll_js-node_modules_stacktrace-parse-a448e4-bdc28e06dc01[1].js
| MD5 | 7b97a324b6bf160b01c6bdbc6575cda6 |
| SHA1 | 6e722c996229bd364f30af6e27f66c830e0724ce |
| SHA256 | 56e180d31ad84457a30c7c464141e1e3f27d53c9e09ab1ea7075b13d6a6baccc |
| SHA512 | bdc28e06dc01da988f85dcbabe17ed10d9dce76d58e7f81098fe62a38d648102798f88a4cee014e94f8329c525e14146371c408a5467047195aa1476b16baf04 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\vendors-node_modules_morphdom_dist_morphdom-esm_js-node_modules_github_memoize_dist_esm_index_js-8d7117d67c36[1].js
| MD5 | 56f7f274c31dc7466bba321ca7f2980b |
| SHA1 | c90cc8de61229db83a4e139a8def18c8b629c5de |
| SHA256 | 7559850df847d01f92f5b98bff9c1b14066d7aa326458feff9980bf943ba4673 |
| SHA512 | 8d7117d67c363b6eba83cf07b26f89a06115015ed86845388245b491bd013c55d6a10b22dea14e7e6a18c3a4cf0011f82b45ae0950cc0ca682aeac8d24583651 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\app_assets_modules_github_ref-selector_ts-fa04da463305[1].js
| MD5 | 2ab9fc27fb6b46ba019037a9d6753590 |
| SHA1 | ccdcf943c6493ee2390ea5cfacfca81ba7b5708d |
| SHA256 | bd2b5d2378a20f21df4ee88a1471e898b69d5e1ba00a795c03424d64da491e8b |
| SHA512 | fa04da4633052cae095e2508bffade128c5f19e0ab26df648104a9234e26444e1ca0ca05f880d661e5ba420f396f41e1e95af2fa68e9a6abc261d55d2f48b44b |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-e53a3f-52039a64560e[1].js
| MD5 | 1992cfe0c6f77ad3e8d2c46d8636dd95 |
| SHA1 | 7677990c0d0b7aad1f5cfb8d16ed2aa7f95f42a8 |
| SHA256 | 70bc6e98ac6cd0f947fe8172ed1cd1d026e1122986d50af5f221c64a03cb52f9 |
| SHA512 | 52039a64560e2ece59a33c94ed1460de27bdec9cb3d22fadeb511ee05d736c69849d73e3e4f7162f1c6d22551ff58dd52a5dfc8d5ee58fc995740be5fc2de7c4 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\react-lib-dc88c1a68b28[1].js
| MD5 | 981a6faf0381babe5499e4df92510c0a |
| SHA1 | 439ce7b8e817c8879be54a87a57a232b37d9f937 |
| SHA256 | 65b9d96ea9ff578196a219ba5c1c0015975d4f89013a6b17f1c7a39c4fe411f2 |
| SHA512 | dc88c1a68b2887d974326d8380593be9e4dd135176c4de793651167650bb51d855f7a62eeda2b22163e2596e39a05f298a994a9cba97918a42e35178bb7e6391 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\sessions-458fee042571[1].js
| MD5 | 38f482408b63f480bb877abf5c8b1b5b |
| SHA1 | e511484412759618ef21d7a6003a587df9b2cce4 |
| SHA256 | 14fe6bd3b9577a7961bd9b3a11f53848375596dc32b560a6a00b121566130b1c |
| SHA512 | 458fee042571330e6239580cbcec17c5842b5b8fd1e26f429f9c107995d31ebf87aeb58506b7a9f1fee7eed8ba6c84c20b4f6c94422ff77efed500fcb2e2fac4 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-94fd67-8743f7dc256e[1].js
| MD5 | c430db71a5ff41622301fe8364e0f574 |
| SHA1 | 776e08ea75540f1454e1f421ee8cb26677f51b0a |
| SHA256 | 65896c301aeadab072be6bb30642491a037269c67efbfd0ffbca90b38e955f5b |
| SHA512 | 8743f7dc256e7b9ebe4cd4bb7da64afa1ca3e5a32a7881d56e60ac0aa4d4f2511ca3515b07aa21ba8de4f0e1d30393504068e38a7988b84ac750dcda302b4535 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\keyboard-shortcuts-dialog-abd3611b87d8[1].js
| MD5 | 58d5722e32817fca5af695cc120a0518 |
| SHA1 | ce5528b840766157a76a0e741776a1f225602888 |
| SHA256 | 41d12545b3a98b30442c75a2e293a561198ee904215f879f58df41f3b5662464 |
| SHA512 | abd3611b87d871581c52fabc4eadc88c355ba5d1d3ea94101e992999b818267107212bd3d6c940511585744515a8edffea364c4bb67755c2794f8ac304da4d5c |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\vendors-node_modules_primer_react_lib-esm_Button_IconButton_js-node_modules_primer_react_lib--1cd808-d9a0e71b26f4[1].js
| MD5 | 8eb1ee306bad18bfc506becab79603ea |
| SHA1 | ef05d8fae4d3c292e0e6059b5c8282514b3127d7 |
| SHA256 | f3f5f6d859035e2e407145068f47260a0a190bf108d34a9b661b4e491039283f |
| SHA512 | d9a0e71b26f438240cfec68508f59777973f4cd5df8825b35febd8f387f89529e33b28acd8b7354bec3f99e351ca3e0f1c42d2fa76092cffeb321cf9eb8c4f11 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\code-menu-67595c3a6d0c[1].js
| MD5 | ecaf6842df29586e81888f69eb17735d |
| SHA1 | 0198df718b7a77e364ead2448e0a62801c3bc424 |
| SHA256 | 6013aaf029f706510f8bce05010294da2cf4612cea03fcf17f1276b2b21e63b2 |
| SHA512 | 67595c3a6d0c65d58abf6e2303f8ddf180c35cdd5aff7a3684ac2acaa525d52d60dce484d507c78135be0b629025c9749d65e2a0eb69e2770a62694dd51bd666 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\repositories-1d69946468f7[1].js
| MD5 | 0a20a2c07653dac12ce19ee594f68ded |
| SHA1 | bcd1a230668caf8b59176f029d4d7b5732efb76a |
| SHA256 | 4ae912dc019729d939b2486989c13474e817d5dbeb2062a703db9675b3de924a |
| SHA512 | 1d69946468f7984c5e653a44a65bc82379400312d689930246487276aeb8ea1ecd7c5f4173d5fb0bca14c5bf14e5f8420f6e2376c473f9a96e79e646913c9169 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\app_assets_modules_github_repositories_get-repo-element_ts-e21ae6671295[1].js
| MD5 | 1be208a0dee9a906997dd9c148f2d9e8 |
| SHA1 | d5a6490de74fe850d31e655a4eb106fe6fdb3c24 |
| SHA256 | 6e6234fb394743b9ddfe1b5dc450aaae04929625415d13ae5d5f4fea95d81fa8 |
| SHA512 | e21ae667129552e5bfba7c379890df491183e9e68ff5851b5024606ac5af4cbf630960e70bcac0ef1ef85f4a48d8db7ff67f0cc7957f6aac856d17034da6577c |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_github_mini-th-9dbbd2-dba0157157f7[1].js
| MD5 | 0a5f8adc37877f7707c840ab19dcb682 |
| SHA1 | 6df26b919a0a4affefd608b0b85e89ab59c535f4 |
| SHA256 | 76bc8151f8509334762061ecb861c09a89afb8cc4c562306600203af7872a6e1 |
| SHA512 | dba0157157f79a1afc82f203fb70e0ceea2416903bf9386f55cc750e68f93a06ab6c0b55d932d4f1d7375614f22922e90482878f951622d08c0b4368b6f93ab0 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_mini-throt-1f9a80-bb6794a6e5c6[1].js
| MD5 | b6ee5aeb555782fe5b87e06060dc2ce2 |
| SHA1 | f94c01f620ad7bdad0255662412e0d972483715f |
| SHA256 | 3b675fc0c5eb804d0d593d23afad9c794349abeac98b5b606168711a77098f23 |
| SHA512 | bb6794a6e5c671523b77be1eb7f1c588bac6b5a7030463d95dfbf807c8169f589a20cf5728402142dd68df688704300ba18df04fd70bd3352bd2568e03e31a4b |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\codespaces-e5084321c6dd[1].js
| MD5 | e6009f614627eb34e52580c9e79af734 |
| SHA1 | f53b797c8bc79836dca8f19d3767567b10b3de38 |
| SHA256 | 52b9d2efdd9758523925e56f8d658a1efc0e2df8785fbe62cb165d4ac83cba65 |
| SHA512 | e5084321c6dd6500479d6113736b9f6ab67209d6ba666e257ae7bd776e1e73cf98b97da2faa258086617b2b61368e27abe073962b794c351509bc3f7c80ed649 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\vendors-node_modules_virtualized-list_es_index_js-node_modules_github_template-parts_lib_index_js-878844713bc9[1].js
| MD5 | 84eee0a0d2d52ce4048f2dbdb3589012 |
| SHA1 | 9723f142ff6ce47f65dfed06d70b68a305a8dbb8 |
| SHA256 | bf11813ce0246da52cb3132837619c44d1e837e3eeebbbef12137dd91dfbec7f |
| SHA512 | 878844713bc98efc35c1a8041e3a53fa3e2ac9669dddeeeb2962ce6cdd465f84f0d41c3774ac27bd4bffcfbdf4832897e7711dbfd17adfac9d2fab206292c4e7 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\notifications-global-0409f6303340[1].js
| MD5 | da1ef922fdbe1c8b7476a9e573a6e899 |
| SHA1 | 7bc097b8be11241838d61bbb2238f254db678a59 |
| SHA256 | fe3ddbeb08f9fbf7ee8f0b0d6ad520aa12b952fae7b6cd01e358dc8df0842ce4 |
| SHA512 | 0409f6303340a780887c62e2c695e5bacf36209aca7239ce710b3912693bafb34576c339795e06f4e1d58a544f5bcac8e2bf3910bfe7bbd1959b1e20d3e503ee |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-06ff531-2ea61fcc9a71[1].js
| MD5 | c59673d413609f36559412bd12b5776f |
| SHA1 | 7cd5f0a997f4d154400dacbfcab376395009f690 |
| SHA256 | eaeb0852cbcffaef96c7a00b0080169f4aa752f0f1d5cafcdf6177e2d0698c5b |
| SHA512 | 2ea61fcc9a716eb3452f0b6d6531d0c724f69aa55a032af882eaae96f7f59bd26f028f1832f1aa65bc6fe90612acbf145249cf83b285399e8e4da7fc4c9ff5d2 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\behaviors-4f7a77997eec[1].js
| MD5 | bfc78f6052e53b56ea0f27e83285fbbe |
| SHA1 | f9a8fb6429242365551c3ef8417014d0c46dff2f |
| SHA256 | 1fe6284ea2d4a1caf5f22606783e1592b2e18de0e9a0729d3d77459ed3d71446 |
| SHA512 | 4f7a77997eec2d8c440adb4eabdf8c22adde3d6059ef2efc60f0ebcdb244eeffa4947bf6873238183601cb9d5ced42aead29c506bad96f0bdafacf711716c7a8 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-5276a3faf037[1].js
| MD5 | 3e855a7d6aa0d98ad056c321ce1ae128 |
| SHA1 | ea16fe78e6b620dd7dbbffb567d61c4f6c44524d |
| SHA256 | 09ad4a9c952859abbee59fbeee5bc1c16b37099b7d9214c1339a33fa41ffa5f2 |
| SHA512 | 5276a3faf0375562d48bde775c5c8fb7491f877b71c2055f46455109db130acb9c05c2c7805a271b876d5fa79b74296fdde5ab1a3d5dbe933eb699dd217499a3 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-467754-0b06f9573e1c[1].js
| MD5 | 4e36f8f914e508e0b1d27e0a76fbc538 |
| SHA1 | 20587ccb382382a75407b48fef71391b8cbbe598 |
| SHA256 | ccf7569cf1b26f4c4f3da580581607b5fb7c3029ff2998cb38286e8497dd811d |
| SHA512 | 0b06f9573e1c88776a91fa1a5b24db3e5617e4c31b0d2752c1a902a4b69a80f4617d54d30816a34e6cbd12f01d99a7b9dfb7df0751a4f981b1cd76c2c3b7e41f |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\app_assets_modules_github_sticky-scroll-into-view_ts-3dc342dedcb0[1].js
| MD5 | 29dfc9930099e2b6f347f86d9fc4f41a |
| SHA1 | 75096579b7e36072070919b7fe4b05c299c71c3a |
| SHA256 | b7e1059ff3305f9647c44c24c374b1a9a0de438b1785d4d94d12d54f37130644 |
| SHA512 | 3dc342dedcb0fc03e09761d02cd74c965ef753d8d85b073dcc2df919a9317e1e5ac530d8176a8b5568c760c4c50014c30fbd865cbe963009cc895ebac385e203 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_onfocus_ts-app_ass-421cec-d3af2356fb47[1].js
| MD5 | c9698d20f6f4024fa7b622c1cae739cb |
| SHA1 | 6e0f6f4f2fe3314749e55abc856aa222b40363fc |
| SHA256 | 4d4bae616851c4ca16253326e968847135c8eea71aafe2d418769429040a19e6 |
| SHA512 | d3af2356fb47037c6409ffe9344ecf8acd012c337849b573125191ee10c8402fb6fd888971290557031ac446aa57d4e060d70e5610cfbc2409010450405d91db |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\app_assets_modules_github_updatable-content_ts-7fcc5f2841d8[1].js
| MD5 | 891d4aa3f1081498c0a827aafa123cad |
| SHA1 | e1bd8888b92c114df3f251a691c446176bb74880 |
| SHA256 | 927f17bebf637f6bc49a20774d602951f15e2995225fa182a982a6a3ae36ffb0 |
| SHA512 | 7fcc5f2841d851d622767e1a160e91ee0e4e4347a833050f0380c49e4be9bb97631f3def41b6442ca6483a6e3987c535ce523fd820862ae7f746551c2173006f |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\vendors-node_modules_github_quote-selection_dist_index_js-node_modules_github_textarea-autosi-9e0349-7c78ee755ad3[1].js
| MD5 | 732cd9c6c7f52671f1624fc217dc4977 |
| SHA1 | ac41db2f8a9f5c7b1fe92a55d92df974022e31f5 |
| SHA256 | 3c6724b93fd62f64bc48be487bdff98fcce880a50cd2ef427bda2533d754475d |
| SHA512 | 7c78ee755ad3f4805b7a27395bdbeac8c66cd77cd40d65ea95f4179500f0ba25d96ded539475c671160d73a60aa20f2a87cef38098800c08cffc02de3c1ed7bb |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\vendors-node_modules_github_session-resume_dist_index_js-node_modules_primer_behaviors_dist_e-da6ec6-77ce2f267f4e[1].js
| MD5 | 4c374dbb8b51ca2a17089f1cbe0d81af |
| SHA1 | 16780554210360605236977d3220e017ef6af907 |
| SHA256 | a2fe57f312a0e894c2ac18814d3d96185e35248ff0807578f32132134c9b333b |
| SHA512 | 77ce2f267f4eb27e280615a84be951e6deefeeff796cf216dcef3366c68b03e609df7b2fc6e437c6ef3e626f80ee9469b9dd4a2f9a6606be2878d71980f8aa1d |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\vendors-node_modules_primer_behaviors_dist_esm_dimensions_js-node_modules_github_jtml_lib_index_js-b1947a1d4855[1].js
| MD5 | 9df3b614049471137f614271f8e15f99 |
| SHA1 | d85e313268cc2ef1788b1a8482a2d0cf8d1e4005 |
| SHA256 | 51f1f221edf00dd3df759a4dfbdb1da5710234f20c31f31e3b164f0aa9e2358d |
| SHA512 | b1947a1d4855f3022c3bf10b14b5cb764e72259550236e9c88903f78c558824107c651dc080a33ca768eb47be448a8ccf54e345755067a555147b93ef55938d7 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\vendors-node_modules_scroll-anchoring_dist_scroll-anchoring_esm_js-node_modules_github_hotkey-1a1d91-1bb71f3f93c2[1].js
| MD5 | 5e47e7018f1fd8cc688d1b137a845c66 |
| SHA1 | 4799f57188bb867526e5c4b2a9dbd81a49b73d5b |
| SHA256 | 20713a700b8f47053141296fac93cf45d39b323b23d864388d39224c62ed1cb0 |
| SHA512 | 1bb71f3f93c23d1ffe47cb27f0879c6949488482dae90ea0ef0a336178beeba84875e557f26d42ac87a610520c7e2eff40b89b80b04ba770d5ecbc79fc1c66f3 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\vendors-node_modules_color-convert_index_js-cdd1e82b3795[1].js
| MD5 | 87c46393d70d0708f35f0a6ebfc12ae8 |
| SHA1 | ece46c81959bf53bfe6b47b7fadcd897fb701f1c |
| SHA256 | 61a2b49283bb67e9efad2108e5afadddd7f6fcc9677842529de7560a2f840a1a |
| SHA512 | cdd1e82b3795fb1404a063acabc4a4d6439aa10c772614c4b5dbb46bebd7297b63326bfaf0bc92475496522ec14e71d6f031c76e5aefb62793efe97a6869a4f9 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-893f9f-880ac2bbb719[1].js
| MD5 | 6fee5ae66b3515a659af0ef1e63104ef |
| SHA1 | 2b3cb4839002d6ec44ae230968bfe3ba30fa5e00 |
| SHA256 | 0c05a71ebe46d680af577222bdea67e723372a350cdc0dfb0d4f1c0b4d3e7b58 |
| SHA512 | 880ac2bbb719b7dae39e8de2da4d712fe8abe809aed99d81f01c988b484bb36d1844cc287e6439f2b2b2d47150dda8051bbefe71d4116ec1b1060f9758ac62c7 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-1cea0f5eff45[1].js
| MD5 | da12b1c4b7ef43005058dc23dc1c9241 |
| SHA1 | ead4a499250e02d02de785d57e9c9ef0a5479246 |
| SHA256 | e5fb7f565280a04a61ee0cb172345c19f4e3fce199cdf6ba8c7d7a8d1485bf53 |
| SHA512 | 1cea0f5eff456dd50d0ba331c24b25c3e46cac17f8486fff1d504dfb4b08de97b1c9e0f20c9f97f5a2e2d252096cefd77ddb5876d8d941b7e4e23cc1947d84df |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\vendors-node_modules_lit-html_lit-html_js-cc7cb714ead5[1].js
| MD5 | 044ea6b19bdb237ca2c2911dd285d4f1 |
| SHA1 | 9451d4ebea616500153220d7efa137cae5520087 |
| SHA256 | a6d419935f6f293c3fd5b543ef57c5cb3b22ebedee6b1cda1b9ca45e36667c0b |
| SHA512 | cc7cb714ead55b9a08ad75ab729ce084785a6287a782dc6f10aecd0af788c0070519a84c3fc5f197cfd99ba66891d988488920fc1e225f6e0245600870dd9aab |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\vendors-node_modules_braintree_browser-detection_dist_browser-detection_js-node_modules_githu-fd5530-79ffdad54bcd[1].js
| MD5 | 1e3c3e6bb3924fcc241b6e9ee226c4c4 |
| SHA1 | be21fd5b65934e7eb8f37cb2ceddd43df736480a |
| SHA256 | b5af1df9c5efc5eacff4f9e862c99aab02ac5edd32c9de8b54d1ba721530fb9d |
| SHA512 | 79ffdad54bcd84576c2626bef0e707d9f572ea2df786786ffc99648d3d43fcfc82a1f62aca3c8b2a968dd91b6309e967108666ecdc2b0adb7b15e5283fddbeaa |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\element-registry-abd10aa42089[1].js
| MD5 | ed08bc2c2662543dff0f208febeb2e8a |
| SHA1 | fc406fa8f8d293cfa13354c41eddae12abfb7449 |
| SHA256 | 4414f654157a57078be8710a941a789e9884d82ea9b64af1653d76b10a186a80 |
| SHA512 | abd10aa42089b775bf76f8b9dffd157e58be8263b34643ae50acda0c0ff35689b1ed8db4d0ed0d427592d350752ece19722f0945712dfc64af871b98cb37d3d5 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\github-elements-013d2eeedc88[1].js
| MD5 | 6cadeb92cb95d9789f2885410e0d7ebf |
| SHA1 | c09c725a65b20852a65c60b802f76230a2803b84 |
| SHA256 | aaab78c6239c62d96466aebb19376472571561f657dbbf211ce79316d79872b4 |
| SHA512 | 013d2eeedc8857904638371cf3aac6c7cf114bb24bf2c0df5ebbeda304b6661dc6b49ac08268c3f96cd751aad4102d45a5ddb223745614bb209ee8e85d5047ce |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\app_assets_modules_github_onfocus_ts-ui_packages_trusted-types-policies_policy_ts-ui_packages-6fe316-4083e7233d28[1].js
| MD5 | 4f22aa6918b77da0f328ea6f8ca48b37 |
| SHA1 | e628fc317f6222903a78b18c1863b3fc2add26a2 |
| SHA256 | 8750d76e37160367ff8a396d072ff92921bae8a5661a20f381e5c9f825e54e5c |
| SHA512 | 4083e7233d286c68d59193100d38a493234a8b51433e6e0f708d6dabeda4dd4ed60aa6d9fe9037a919fe448e03667c1d2518783ab406b33b55391d0167e078af |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-3959a9-78d79e74e4ca[1].js
| MD5 | d4c0ebf9ffd5caec1a551958a0d12b85 |
| SHA1 | 195738cb297e245cdc834925082a2e35373e4a4d |
| SHA256 | dab3fc5bcdec0aee7594885ec51161f981c86932fe5ef258a62b96aa52133a71 |
| SHA512 | 78d79e74e4ca7699c9df11129d039fdbc3d922bd4bb41b6a1efd1b8d3686329438647a42bff2f5e7e2320001ddae8960e73cc392a76ba67cc44b12b9b74f682e |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_delegated-events_dist_in-b63d41-1e3984e4dd2f[1].js
| MD5 | 06fbfd24cb56c58414f4e10004343f8c |
| SHA1 | 02ac28652914a7cbaa7f0b7e472744b079430117 |
| SHA256 | c33b294bd6b3098588766c7e06407cd6f03f34ce062bce979a31b5b6737aa486 |
| SHA512 | 1e3984e4dd2fd46ae8d87ee1419120368af9f7040e58dc9d758319148008413291cbe9882d4e9e0d33f084212dec5ae2a84090385ef814b8c0ae4ee3be4fa9c2 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-b7d8f4-6e6f83bcc978[1].js
| MD5 | c51750a26a33cf80e50f4a3d0aeb6892 |
| SHA1 | e98129a8f85a2630c649dc239a94d87eaf04ae4a |
| SHA256 | 9ea40b58c32c154e2cb17834f70f7bf8c6049bac1dcf640bbda8a8ba1e0f7670 |
| SHA512 | 6e6f83bcc9782b534fb50f26d877fe691ced39bf579844a5f4667460de9d723d918d312f7f1454f29ab63bb9263f5364339f3022c8c33b8c7ce816e869f15eb7 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\vendors-node_modules_github_text-expander-element_dist_index_js-b2135edb5ced[1].js
| MD5 | 3f5c04894f0202a67ec6f0354c1f9acd |
| SHA1 | 6a6bf35008b0121bb5806e68bd5f87b20ba72f17 |
| SHA256 | 0dd1ec9da83fce11b3bfecf9aed67d4f33f7a1d4bd3f04dd1ed941f3b4c8b3fa |
| SHA512 | b2135edb5cedb3b45ffb96906170b242918156621c0d13000d18ccffcd2f20c2f1e2827b391cbe89f499745b748ae99bc51b972b4234ba739624caa4d2e33862 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\vendors-node_modules_github_auto-complete-element_dist_index_js-node_modules_github_catalyst_-392fe4-5df1d85d02da[1].js
| MD5 | 21ae339ef47d4c7fec79065624f6f23f |
| SHA1 | b3ea44701dbeaf579454d95a12dd9be38c17fe0a |
| SHA256 | 2f5730a71982ee79c4baf8c3c8342e1810d4446c0b782f6394d3f189262d0fd2 |
| SHA512 | 5df1d85d02daf7f114a74bf783687d3d58bed8b26586b98b2617c60a61fef9abdee8ce5644903881bd48462eb1e201d725ea3bd5a52be090644483fe6964c628 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\vendors-node_modules_github_combobox-nav_dist_index_js-node_modules_github_markdown-toolbar-e-820fc0-1176135e4d90[1].js
| MD5 | 5f9c4b41587e7a2b318b2a5222c04c66 |
| SHA1 | ccd9b5c33099937404d9f16dbcee6966bcd59689 |
| SHA256 | 197776070ec3e0f130a099defaacce4a2e38f467119b89621a3f6152af1fe928 |
| SHA512 | 1176135e4d90915d6b565d6cae6e59f4d5c167d1e868ba094ba80320c127d0094a7d76dce0df4380d55f98a20fbb93f77b1d08b90fa616540f2af38cc793e13e |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\vendors-node_modules_github_relative-time-element_dist_index_js-5c00adf875b8[1].js
| MD5 | 72a38407d0c9601e3b2f9929972cd121 |
| SHA1 | 4d2c402c40f421c03386f951f298aaae7836dc04 |
| SHA256 | 0859bcc4477056785bbebd71b926b71789a6c7ed77b989b56c081e7c0ac1cd25 |
| SHA512 | 5c00adf875b8463871d3e419063bce9a26697ba53eb3eeacf797db59ad17ce5634ef1d96890c4b6c2f76e2bdeecb328d820c8666cbb00d4dea15a7043544250c |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\vendors-node_modules_github_selector-observer_dist_index_esm_js-9f960d9b217c[1].js
| MD5 | 683a7fe431bded8fbbf7b5189a1b8209 |
| SHA1 | 2fb527473877ea06ec6b023690ce933c216c5d07 |
| SHA256 | f87c5b59b8f353c8762f2e44e1f82feafab882a96a0fad135dc6fc1555872ab3 |
| SHA512 | 9f960d9b217c457d467a9510dd9797c4ec9df9a892c0a3e1746b2b87dca8ec191dc901e983bc509bc282004967b6fd588dbff5bf70bc7e20a5ca32bc7f1d772a |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\vendors-node_modules_primer_behaviors_dist_esm_focus-zone_js-f669b9466f06[1].js
| MD5 | 452fad8e10835986a8303d80cd375a67 |
| SHA1 | 71d2d141e966d6e2eb5cf9a5e077f2ced42f1873 |
| SHA256 | 66d9b6656b8719681d77992a2eea8c29e5125e3aafcf808a780a79e398135b32 |
| SHA512 | f669b9466f06e7b44f8ec132c29738c11de287a00cfe6c542d7f81fe6509b6e4642f07d7e20ff84348f89e6e6605888d294223fb69f7b9d3644f28b5c56b6be6 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OQZLHADN\environment-65dcc25bed15[1].js
| MD5 | 79caccc8deefd3e7a73ce4bd5201d9d3 |
| SHA1 | cce6204e7251dc08aa37c1be20f6935358f06a36 |
| SHA256 | 5ebb7e0ffd7088b16f2419d6d4797808088eb79cf0b9fb0a87e8026a5023fc40 |
| SHA512 | 65dcc25bed152630decf406372a90d6f01dbb7e45a962d018aa93dd5f1801cf58d87b330b2a1c7a6f817145fee44d0121825f863f8d3dc1f71e1531d2f5800ee |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OQZLHADN\vendors-node_modules_oddbird_popover-polyfill_dist_popover_js-4ac41d0a76fd[1].js
| MD5 | 4e684fa742abc9befc4748e8a4680586 |
| SHA1 | 25129f277cfd66774a3c47db8b22c19b364bdc25 |
| SHA256 | 97652a00703643a49de00ea59316fd488cf72429b599a62d7cfae464f7bf5a96 |
| SHA512 | 4ac41d0a76fde41832af2c742d4a063ecea83aafd5233ec46f82938fd5ba06aebc0a69fe241df477fcdf08b1a8e6d6f02e0a42669a351ea50b3056ebc8eefc9d |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\OQZLHADN\vendors-node_modules_dompurify_dist_purify_js-810e4b1b9abd[1].js
| MD5 | 917054ff94af6b65ef610aa7b541865a |
| SHA1 | ae699adc368c0bddf428d4f17cec479c6d96cd6c |
| SHA256 | 3b0d2012948870af14b480bed5535b34c5f7e649a2c9c13234c319fbf8d2d7db |
| SHA512 | 810e4b1b9abdcf5f10506f484ad38bc17cae973d1609d2d8d51bb4a8eb8d3c542cacfe6e4b1c31a062238087e216dfe4206064e8c1dc4cb5d961fc8e97a5a1ea |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\AOQRPCUP\code-33498bbbf39d[1].css
| MD5 | c33214069c8aaceb09d0bda33fc0dc53 |
| SHA1 | e048f70e3ec7acd9e07aceb3054b5946e57e0423 |
| SHA256 | dbe4579afad9456e07fd6eab0e4e0f6ef895e360fe26c5d4b3867f54081eabcc |
| SHA512 | 33498bbbf39d518a3b435bc1ba104a944183437fdc155a5dfaa6c4b3d67993b9e01661a416a53975889059e4a5d4a3ab164afb30634f6c6ffadee24d2893450b |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\LLA4BR6N\repository-2e900f0ac288[1].css
| MD5 | 0e753444198d619939444d6f8d168f7c |
| SHA1 | 830a3b21b982bd016ace447462d1ffcd0e91c1f6 |
| SHA256 | 93687313c07170c3ef1624982cdad4939f9ddbc088b24da5882dddaf1fff0058 |
| SHA512 | 2e900f0ac288f08a8f9053cd191db0f007263da300cb50cad02ae785cdc1bc8debd76cefee03471f7ae6641ada999e765160e41fba8d812bc7ae668a84106e45 |
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\LLA4BR6N\primer-87f353b17355[1].css
| MD5 | 1732aea9daf5bfe3cdc102e90bf66de2 |
| SHA1 | 007a102fe73f49de3474b348269cc73a21a0b564 |
| SHA256 | 7374a1e61da8969c1e35f78558dcbb08e86fc3f990f886c118d4e192aef9d0e6 |
| SHA512 | 87f353b17355a6bb57653dd1a8c0b193cc3e42c1b178ddc95fb3092258eec1b76f49c67422ce14a1bccdbff5f060c5171d2fdbead0dbd48272e0a74a9eb9b952 |
memory/4168-236-0x0000027CD5980000-0x0000027CD5A80000-memory.dmp
memory/4168-237-0x0000027CD5980000-0x0000027CD5A80000-memory.dmp
memory/4168-245-0x0000027CE60A0000-0x0000027CE60A2000-memory.dmp
memory/4168-251-0x0000027CE61A0000-0x0000027CE61A2000-memory.dmp
memory/4168-249-0x0000027CE6180000-0x0000027CE6182000-memory.dmp
memory/4168-247-0x0000027CE60C0000-0x0000027CE60C2000-memory.dmp
memory/4168-243-0x0000027CD5920000-0x0000027CD5922000-memory.dmp
memory/4168-241-0x0000027CD5900000-0x0000027CD5902000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\V28C7N3J\edgecompatviewlist[1].xml
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\Temp\~DF4C35F0871FE6E5CE.TMP
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!002\MicrosoftEdge\User\Default\DOMStore\NHLFBBG3\www.bing[1].xml
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\BHD86FM5\suggestions[1].en-US
Analysis: behavioral2
Detonation Overview
Submitted: 2024-06-11 14:36
Reported: 2024-06-11 14:37
Platform: macos-20240410-en
Max time kernel: 36s
Max time network: 38s
Command Line
Signatures
Resource Forking
| Description | Indicator | Process | Target |
| N/A | /System/Library/PreferencePanes/Wallet.prefPane/Contents/Resources/walletAvailabilityCheckTool | N/A | N/A |
| N/A | "/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Java Updater.app/Contents/MacOS/Java Updater" -bgcheck | N/A | N/A |
| N/A | "/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Frameworks/KeystoneRegistration.framework/Helpers/ksinstall" "--install=/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Frameworks/KeystoneRegistration.framework/Resources/Keystone.tbz" | N/A | N/A |
| N/A | /usr/bin/tar -Oxjf "/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Frameworks/KeystoneRegistration.framework/Resources/Keystone.tbz" GoogleSoftwareUpdate.bundle/Contents/Info.plist | N/A | N/A |
| N/A | /System/Library/PreferencePanes/ClassroomSettings.prefPane/Contents/Resources/ClassroomSettingsVisibilityCheckTool | N/A | N/A |
| N/A | /System/Library/PreferencePanes/Profiles.prefPane/Contents/Resources/CPPrefPaneEnabledTool | N/A | N/A |
| N/A | /System/Library/PreferencePanes/Sidecar.prefPane/Contents/Resources/sidecarPrefCheck | N/A | N/A |
| N/A | /System/Library/PreferencePanes/TouchID.prefPane/Contents/Resources/AllowPasswordPref | N/A | N/A |
Processes
/bin/sh
[sh -c sudo /bin/zsh -c "/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window https://github.com/kangoka/tiktodv3"]
/bin/bash
[sh -c sudo /bin/zsh -c "/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window https://github.com/kangoka/tiktodv3"]
/usr/bin/sudo
[sudo /bin/zsh -c /Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window https://github.com/kangoka/tiktodv3]
/usr/libexec/xpcproxy
[xpcproxy com.oracle.java.Java-Updater]
/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Java Updater.app/Contents/MacOS/Java Updater
[/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Java Updater.app/Contents/MacOS/Java Updater -bgcheck]
/bin/zsh
[/bin/zsh -c /Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --simulate-outdated-no-au='Tue, 31 Dec 2099' --new-window https://github.com/kangoka/tiktodv3]
/usr/libexec/xpcproxy
[xpcproxy com.apple.newsyslog]
/usr/sbin/newsyslog
[/usr/sbin/newsyslog]
/Applications/Google Chrome.app/Contents/MacOS/Google Chrome
[/Applications/Google Chrome.app/Contents/MacOS/Google Chrome --simulate-outdated-no-au=Tue, 31 Dec 2099 --new-window https://github.com/kangoka/tiktodv3]
/usr/libexec/xpcproxy
[xpcproxy com.apple.GameController.gamecontrollerd]
/usr/libexec/gamecontrollerd
[/usr/libexec/gamecontrollerd]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/chrome_crashpad_handler
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/chrome_crashpad_handler --monitor-self-annotation=ptype=crashpad-handler --database=/var/root/Library/Application Support/Google/Chrome/Crashpad --metrics-dir=/var/root/Library/Application Support/Google/Chrome --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=OS X --annotation=prod=Chrome_Mac --annotation=ver=101.0.4951.54 --handshake-fd=5]
/usr/bin/profiles
[/usr/bin/profiles status -type enrollment]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Frameworks/KeystoneRegistration.framework/Helpers/ksinstall
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Frameworks/KeystoneRegistration.framework/Helpers/ksinstall --install=/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Frameworks/KeystoneRegistration.framework/Resources/Keystone.tbz]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/developer_id_certificate_reauthorize
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/developer_id_certificate_reauthorize com.google.Chrome]
/usr/bin/tar
[/usr/bin/tar -Oxjf /Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Frameworks/KeystoneRegistration.framework/Resources/Keystone.tbz GoogleSoftwareUpdate.bundle/Contents/Info.plist]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (GPU).app/Contents/MacOS/Google Chrome Helper (GPU)
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (GPU).app/Contents/MacOS/Google Chrome Helper (GPU) --type=gpu-process --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --gpu-preferences=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 --shared-files --field-trial-handle=1718379636,r,17778253518555012005,12241892016985378474,131072 --seatbelt-client=28]
/usr/libexec/xpcproxy
[xpcproxy com.apple.CoreLocationAgent]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=network --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,17778253518555012005,12241892016985378474,131072 --seatbelt-client=21]
/System/Library/CoreServices/CoreLocationAgent.app/Contents/MacOS/CoreLocationAgent
[/System/Library/CoreServices/CoreLocationAgent.app/Contents/MacOS/CoreLocationAgent]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,17778253518555012005,12241892016985378474,131072 --seatbelt-client=28]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Alerts).app/Contents/MacOS/Google Chrome Helper (Alerts)
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Alerts).app/Contents/MacOS/Google Chrome Helper (Alerts) --type=utility --utility-sub-type=mac_notifications.mojom.MacNotificationProvider --lang=en-GB --service-sandbox-type=none --message-loop-type-ui --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,17778253518555012005,12241892016985378474,131072]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=7 --launch-time-ticks=300800458 --shared-files --field-trial-handle=1718379636,r,17778253518555012005,12241892016985378474,131072 --seatbelt-client=61]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=6 --launch-time-ticks=300844341 --shared-files --field-trial-handle=1718379636,r,17778253518555012005,12241892016985378474,131072 --seatbelt-client=61]
/usr/bin/pluginkit
[/usr/bin/pluginkit -e ignore -i com.microsoft.OneDrive.FinderSync]
/usr/libexec/xpcproxy
[xpcproxy com.apple.ViewBridgeAuxiliary]
/System/Library/PrivateFrameworks/ViewBridge.framework/Versions/A/XPCServices/ViewBridgeAuxiliary.xpc/Contents/MacOS/ViewBridgeAuxiliary
[/System/Library/PrivateFrameworks/ViewBridge.framework/Versions/A/XPCServices/ViewBridgeAuxiliary.xpc/Contents/MacOS/ViewBridgeAuxiliary]
/usr/libexec/xpcproxy
[xpcproxy com.apple.spindump]
/usr/sbin/spindump
[/usr/sbin/spindump]
/usr/libexec/xpcproxy
[xpcproxy com.apple.pbs]
/System/Library/CoreServices/pbs
[/System/Library/CoreServices/pbs]
/usr/libexec/xpcproxy
[xpcproxy com.apple.tailspind]
/usr/libexec/tailspind
[/usr/libexec/tailspind]
/usr/libexec/xpcproxy
[xpcproxy com.apple.SafariLaunchAgent]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --extension-process --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=8 --launch-time-ticks=303986640 --shared-files --field-trial-handle=1718379636,r,17778253518555012005,12241892016985378474,131072 --seatbelt-client=67]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --extension-process --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=12 --launch-time-ticks=304562555 --shared-files --field-trial-handle=1718379636,r,17778253518555012005,12241892016985378474,131072 --seatbelt-client=68]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --extension-process --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=10 --launch-time-ticks=304815540 --shared-files --field-trial-handle=1718379636,r,17778253518555012005,12241892016985378474,131072 --seatbelt-client=70]
/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent
[/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --extension-process --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=11 --launch-time-ticks=305490381 --shared-files --field-trial-handle=1718379636,r,17778253518555012005,12241892016985378474,131072 --seatbelt-client=70]
/usr/sbin/system_profiler
[/usr/sbin/system_profiler SPConfigurationProfileDataType -detailLevel mini -timeout 15 -xml]
/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Helpers/ksadmin
[/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Helpers/ksadmin --productid com.google.Chrome --print-tickets --store /Library/Google/GoogleSoftwareUpdate/TicketStore/Keystone.ticketstore]
/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Helpers/ksadmin
[/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Helpers/ksadmin -P com.google.Chrome --delete --user-store]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-GB --service-sandbox-type=service --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,17778253518555012005,12241892016985378474,131072 --seatbelt-client=91]
/usr/sbin/spctl
[/usr/sbin/spctl --assess --type execute /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/OneDriveUpdaterB516C108/OneDrive.app]
/usr/libexec/xpcproxy
[xpcproxy com.apple.systempreferences.2140]
/System/Applications/System Preferences.app/Contents/MacOS/System Preferences
[/System/Applications/System Preferences.app/Contents/MacOS/System Preferences]
/usr/libexec/xpcproxy
[xpcproxy com.apple.AccountProfileRemoteViewService 549]
/System/Library/PrivateFrameworks/AOSUI.framework/Versions/A/XPCServices/AccountProfileRemoteViewService.xpc/Contents/MacOS/AccountProfileRemoteViewService
[/System/Library/PrivateFrameworks/AOSUI.framework/Versions/A/XPCServices/AccountProfileRemoteViewService.xpc/Contents/MacOS/AccountProfileRemoteViewService]
/System/Library/PreferencePanes/ClassroomSettings.prefPane/Contents/Resources/ClassroomSettingsVisibilityCheckTool
[/System/Library/PreferencePanes/ClassroomSettings.prefPane/Contents/Resources/ClassroomSettingsVisibilityCheckTool]
/System/Library/PreferencePanes/Profiles.prefPane/Contents/Resources/CPPrefPaneEnabledTool
[/System/Library/PreferencePanes/Profiles.prefPane/Contents/Resources/CPPrefPaneEnabledTool]
/System/Library/PreferencePanes/Sidecar.prefPane/Contents/Resources/sidecarPrefCheck
[/System/Library/PreferencePanes/Sidecar.prefPane/Contents/Resources/sidecarPrefCheck]
/System/Library/PreferencePanes/TouchID.prefPane/Contents/Resources/AllowPasswordPref
[/System/Library/PreferencePanes/TouchID.prefPane/Contents/Resources/AllowPasswordPref]
/System/Library/PreferencePanes/Wallet.prefPane/Contents/Resources/walletAvailabilityCheckTool
[/System/Library/PreferencePanes/Wallet.prefPane/Contents/Resources/walletAvailabilityCheckTool]
/usr/libexec/xpcproxy
[xpcproxy com.apple.nfcd]
/usr/libexec/nfcd
[/usr/libexec/nfcd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.studentd]
/usr/libexec/studentd
[/usr/libexec/studentd]
/usr/libexec/xpcproxy
[xpcproxy com.apple.spindump_agent]
/usr/libexec/spindump_agent
[/usr/libexec/spindump_agent]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,17778253518555012005,12241892016985378474,131072 --seatbelt-client=104]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-GB --service-sandbox-type=service --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,17778253518555012005,12241892016985378474,131072 --seatbelt-client=111]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-GB --service-sandbox-type=utility --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,17778253518555012005,12241892016985378474,131072 --seatbelt-client=116]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-GB --service-sandbox-type=service --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --shared-files --field-trial-handle=1718379636,r,17778253518555012005,12241892016985378474,131072 --seatbelt-client=115]
/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer)
[/Applications/Google Chrome.app/Contents/Frameworks/Google Chrome Framework.framework/Versions/101.0.4951.54/Helpers/Google Chrome Helper (Renderer).app/Contents/MacOS/Google Chrome Helper (Renderer) --type=renderer --metrics-client-id=c4c0c7dc-66bc-4341-87b4-36b4665ab2e7 --extension-process --display-capture-permissions-policy-allowed --lang=en-GB --num-raster-threads=1 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --renderer-client-id=19 --launch-time-ticks=321989079 --shared-files --field-trial-handle=1718379636,r,17778253518555012005,12241892016985378474,131072 --seatbelt-client=61]
/usr/libexec/xpcproxy
[xpcproxy com.apple.sysmond]
/usr/libexec/sysmond
[/usr/libexec/sysmond]
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | | udp |
| US | 8.8.8.8:53 | mobile.events.data.trafficmanager.net | udp |
| US | 20.189.173.23:443 | | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| GB | 142.250.187.206:443 | clients2.google.com | tcp |
| GB | 142.250.187.206:443 | clients2.google.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.4.4:443 | dns.google | tcp |
| US | 8.8.4.4:443 | dns.google | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | api.apple-cloudkit.fe2.apple-dns.net | udp |
| GB | 172.217.16.234:443 | optimizationguide-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | e6858.dscx.akamaiedge.net | udp |
| BE | 23.55.96.225:443 | | tcp |
| US | 8.8.8.8:53 | dns.google | udp |
| US | 8.8.8.8:443 | dns.google | tcp |
| US | 8.8.8.8:53 | apis.apple.map.fastly.net | udp |
| GB | 216.58.212.195:80 | www.gstatic.com | tcp |
Files
/tmp/com.google.Keystone/.keystone_system_install_lock
/Users/run/Library/Keychains/login.keychain-db
/var/root/Library/Application Support/Google/Chrome/Crashpad/settings.dat
/Users/run/Library/Keychains/login.keychain-db
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C//mds/mdsObject.db
/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C//mds/mdsDirectory.db
/var/root/Library/Application Support/Google/Chrome/Default/Sync Data/LevelDB/000003.ldb
/var/root/Library/Application Support/Google/Chrome/Default/Site Characteristics Database/000003.ldb
/var/root/Library/Application Support/Google/Chrome/Default/Extension Scripts/CURRENT
/var/root/Library/Application Support/Google/Chrome/Default/Extension Scripts/MANIFEST-000001
/var/root/Library/Application Support/Google/Chrome/Default/Session Storage/000003.ldb
/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/.com.google.Chrome.N4Eceu
/var/root/Library/Application Support/Google/Chrome/Default/shared_proto_db/metadata/000003.ldb
/var/root/Library/Application Support/Google/Chrome/Default/shared_proto_db/000003.ldb
/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/scoped_dirkE7Dd4/CRX_INSTALL/images/icon_128.png
/private/var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/scoped_dirkE7Dd4/CRX_INSTALL/images/icon_16.png
/private/var/root/Library/Application Support/Google/Chrome/Default/Extensions/nmmhkkegccagdldgiimedpiccmgmieda/1.0.0.6_1/craw_background.js