Analysis

  • max time kernel
    635s
  • max time network
    636s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12-06-2024 12:21

General

  • Target

    7up69l.jpg

  • Size

    12KB

  • MD5

    0b2814fae1c1db46b9c61afcc1a63f49

  • SHA1

    0f4700cd7aa6713ae76c6ffd8804340b0338c301

  • SHA256

    69f43617b38f34ba3a45a9bf75829568078ce6e6b86cb75c2babd2f891810e4e

  • SHA512

    a267d1f4a5dce71e7e64ef8dcac796248a884c3de8adbe011f31c171613a415339c2f2973e1e0b62375c473aa019666b7008af919d0c979c2eee3cb2fdd93286

  • SSDEEP

    384:ahv/XX5Ry8NCVH6ZYklmwQQc+8WHxvj14UxeuEjCB:adpQbhiwtQcTWRStrE

Score
6/10

Malware Config

Signatures

  • Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

    Bootkits write to the MBR to gain persistence at a level below the operating system.

  • Drops file in System32 directory 1 IoCs
  • Drops file in Windows directory 58 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Checks SCSI registry key(s) 3 TTPs 20 IoCs

    SCSI information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 27 IoCs
  • Modifies data under HKEY_USERS 16 IoCs
  • Modifies registry class 5 IoCs
  • Opens file in notepad (likely ransom note) 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 41 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 64 IoCs
  • Suspicious use of SetWindowsHookEx 64 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\7up69l.jpg
    1⤵
      PID:1940
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe"
      1⤵
      • Enumerates system info in registry
      • Modifies data under HKEY_USERS
      • Modifies registry class
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of WriteProcessMemory
      PID:4860
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffa95aeab58,0x7ffa95aeab68,0x7ffa95aeab78
        2⤵
          PID:1948
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1724 --field-trial-handle=2136,i,14059672996467329523,2512146949692321188,131072 /prefetch:2
          2⤵
            PID:5088
          • C:\Program Files\Google\Chrome\Application\chrome.exe
            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1960 --field-trial-handle=2136,i,14059672996467329523,2512146949692321188,131072 /prefetch:8
            2⤵
              PID:1548
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2268 --field-trial-handle=2136,i,14059672996467329523,2512146949692321188,131072 /prefetch:8
              2⤵
                PID:2444
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2888 --field-trial-handle=2136,i,14059672996467329523,2512146949692321188,131072 /prefetch:1
                2⤵
                  PID:2424
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2896 --field-trial-handle=2136,i,14059672996467329523,2512146949692321188,131072 /prefetch:1
                  2⤵
                    PID:2452
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4412 --field-trial-handle=2136,i,14059672996467329523,2512146949692321188,131072 /prefetch:1
                    2⤵
                      PID:2468
                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4616 --field-trial-handle=2136,i,14059672996467329523,2512146949692321188,131072 /prefetch:1
                      2⤵
                        PID:4448
                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4772 --field-trial-handle=2136,i,14059672996467329523,2512146949692321188,131072 /prefetch:8
                        2⤵
                          PID:3700
                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4816 --field-trial-handle=2136,i,14059672996467329523,2512146949692321188,131072 /prefetch:8
                          2⤵
                            PID:4800
                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5000 --field-trial-handle=2136,i,14059672996467329523,2512146949692321188,131072 /prefetch:8
                            2⤵
                              PID:2220
                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5220 --field-trial-handle=2136,i,14059672996467329523,2512146949692321188,131072 /prefetch:8
                              2⤵
                                PID:3380
                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4380 --field-trial-handle=2136,i,14059672996467329523,2512146949692321188,131072 /prefetch:8
                                2⤵
                                  PID:3388
                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1112 --field-trial-handle=2136,i,14059672996467329523,2512146949692321188,131072 /prefetch:2
                                  2⤵
                                  • Suspicious behavior: EnumeratesProcesses
                                  PID:4284
                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3376 --field-trial-handle=2136,i,14059672996467329523,2512146949692321188,131072 /prefetch:1
                                  2⤵
                                    PID:2752
                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=6088 --field-trial-handle=2136,i,14059672996467329523,2512146949692321188,131072 /prefetch:1
                                    2⤵
                                      PID:3128
                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=6096 --field-trial-handle=2136,i,14059672996467329523,2512146949692321188,131072 /prefetch:1
                                      2⤵
                                        PID:4688
                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6044 --field-trial-handle=2136,i,14059672996467329523,2512146949692321188,131072 /prefetch:8
                                        2⤵
                                          PID:3800
                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6116 --field-trial-handle=2136,i,14059672996467329523,2512146949692321188,131072 /prefetch:8
                                          2⤵
                                            PID:2164
                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5392 --field-trial-handle=2136,i,14059672996467329523,2512146949692321188,131072 /prefetch:1
                                            2⤵
                                              PID:4568
                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=4600 --field-trial-handle=2136,i,14059672996467329523,2512146949692321188,131072 /prefetch:1
                                              2⤵
                                                PID:868
                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4404 --field-trial-handle=2136,i,14059672996467329523,2512146949692321188,131072 /prefetch:8
                                                2⤵
                                                  PID:3056
                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1164 --field-trial-handle=2136,i,14059672996467329523,2512146949692321188,131072 /prefetch:8
                                                  2⤵
                                                    PID:4476
                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=4556 --field-trial-handle=2136,i,14059672996467329523,2512146949692321188,131072 /prefetch:1
                                                    2⤵
                                                      PID:3980
                                                  • C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
                                                    "C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
                                                    1⤵
                                                      PID:2992
                                                    • C:\Windows\System32\rundll32.exe
                                                      C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                                      1⤵
                                                        PID:1968
                                                      • C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe
                                                        "C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe"
                                                        1⤵
                                                          PID:1552
                                                          • C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe
                                                            "C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe" /watchdog
                                                            2⤵
                                                            • Suspicious behavior: EnumeratesProcesses
                                                            • Suspicious use of SetWindowsHookEx
                                                            PID:3704
                                                          • C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe
                                                            "C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe" /watchdog
                                                            2⤵
                                                            • Suspicious behavior: EnumeratesProcesses
                                                            • Suspicious use of SetWindowsHookEx
                                                            PID:5048
                                                          • C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe
                                                            "C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe" /watchdog
                                                            2⤵
                                                            • Suspicious behavior: EnumeratesProcesses
                                                            • Suspicious use of SetWindowsHookEx
                                                            PID:5016
                                                          • C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe
                                                            "C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe" /watchdog
                                                            2⤵
                                                            • Suspicious behavior: EnumeratesProcesses
                                                            • Suspicious use of SetWindowsHookEx
                                                            PID:836
                                                          • C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe
                                                            "C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe" /watchdog
                                                            2⤵
                                                            • Suspicious behavior: EnumeratesProcesses
                                                            • Suspicious use of SetWindowsHookEx
                                                            PID:2584
                                                          • C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe
                                                            "C:\Users\Admin\AppData\Local\Temp\Temp1_MEMZ-virus-main.zip\MEMZ-virus-main\MEMZ.exe" /main
                                                            2⤵
                                                            • Writes to the Master Boot Record (MBR)
                                                            • Modifies registry class
                                                            • Suspicious use of SetWindowsHookEx
                                                            PID:3432
                                                            • C:\Windows\SysWOW64\notepad.exe
                                                              "C:\Windows\System32\notepad.exe" \note.txt
                                                              3⤵
                                                                PID:2740
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=bonzi+buddy+download+free
                                                                3⤵
                                                                • Enumerates system info in registry
                                                                • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                                • Suspicious use of FindShellTrayWindow
                                                                • Suspicious use of SendNotifyMessage
                                                                PID:2148
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffaa38a46f8,0x7ffaa38a4708,0x7ffaa38a4718
                                                                  4⤵
                                                                    PID:3160
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2076,1913787061004381918,11823434555829501076,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2100 /prefetch:2
                                                                    4⤵
                                                                      PID:3424
                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2076,1913787061004381918,11823434555829501076,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 /prefetch:3
                                                                      4⤵
                                                                        PID:1436
                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2076,1913787061004381918,11823434555829501076,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2716 /prefetch:8
                                                                        4⤵
                                                                          PID:3864
                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,1913787061004381918,11823434555829501076,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1
                                                                          4⤵
                                                                            PID:1444
                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,1913787061004381918,11823434555829501076,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1
                                                                            4⤵
                                                                              PID:1588
                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2076,1913787061004381918,11823434555829501076,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5220 /prefetch:8
                                                                              4⤵
                                                                                PID:2640
                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2076,1913787061004381918,11823434555829501076,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5220 /prefetch:8
                                                                                4⤵
                                                                                  PID:1368
                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,1913787061004381918,11823434555829501076,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5332 /prefetch:1
                                                                                  4⤵
                                                                                    PID:1204
                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,1913787061004381918,11823434555829501076,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5248 /prefetch:1
                                                                                    4⤵
                                                                                      PID:2508
                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,1913787061004381918,11823434555829501076,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3656 /prefetch:1
                                                                                      4⤵
                                                                                        PID:1112
                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,1913787061004381918,11823434555829501076,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5656 /prefetch:1
                                                                                        4⤵
                                                                                          PID:5348
                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,1913787061004381918,11823434555829501076,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5676 /prefetch:1
                                                                                          4⤵
                                                                                            PID:5356
                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,1913787061004381918,11823434555829501076,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6068 /prefetch:1
                                                                                            4⤵
                                                                                              PID:5776
                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,1913787061004381918,11823434555829501076,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3036 /prefetch:1
                                                                                              4⤵
                                                                                                PID:4720
                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2076,1913787061004381918,11823434555829501076,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3628 /prefetch:1
                                                                                                4⤵
                                                                                                  PID:5560
                                                                                              • C:\Windows\SysWOW64\mspaint.exe
                                                                                                "C:\Windows\System32\mspaint.exe"
                                                                                                3⤵
                                                                                                • Drops file in Windows directory
                                                                                                • Suspicious use of SetWindowsHookEx
                                                                                                PID:5904
                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=the+memz+are+real
                                                                                                3⤵
                                                                                                  PID:4456
                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffaa38a46f8,0x7ffaa38a4708,0x7ffaa38a4718
                                                                                                    4⤵
                                                                                                      PID:2552
                                                                                                  • C:\Windows\SysWOW64\explorer.exe
                                                                                                    "C:\Windows\System32\explorer.exe"
                                                                                                    3⤵
                                                                                                    • Modifies registry class
                                                                                                    PID:2336
                                                                                                  • C:\Windows\SysWOW64\cmd.exe
                                                                                                    "C:\Windows\System32\cmd.exe"
                                                                                                    3⤵
                                                                                                      PID:4284
                                                                                                    • C:\Windows\SysWOW64\mmc.exe
                                                                                                      "C:\Windows\system32\mmc.exe" "C:\Windows\System32\devmgmt.msc"
                                                                                                      3⤵
                                                                                                      • Suspicious use of SetWindowsHookEx
                                                                                                      PID:3208
                                                                                                      • C:\Windows\system32\mmc.exe
                                                                                                        "C:\Windows\System32\devmgmt.msc" "C:\Windows\System32\devmgmt.msc"
                                                                                                        4⤵
                                                                                                        • Drops file in System32 directory
                                                                                                        • Drops file in Windows directory
                                                                                                        • Checks SCSI registry key(s)
                                                                                                        • Suspicious use of SetWindowsHookEx
                                                                                                        PID:5388
                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://motherboard.vice.com/read/watch-this-malware-turn-a-computer-into-a-digital-hellscape
                                                                                                      3⤵
                                                                                                      • Enumerates system info in registry
                                                                                                      • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                                                                      • Suspicious use of FindShellTrayWindow
                                                                                                      • Suspicious use of SendNotifyMessage
                                                                                                      PID:860
                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffaa38a46f8,0x7ffaa38a4708,0x7ffaa38a4718
                                                                                                        4⤵
                                                                                                          PID:3636
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2292,13882392028026409340,751886179000424232,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2304 /prefetch:2
                                                                                                          4⤵
                                                                                                            PID:3172
                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2292,13882392028026409340,751886179000424232,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2356 /prefetch:3
                                                                                                            4⤵
                                                                                                              PID:3240
                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2292,13882392028026409340,751886179000424232,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2876 /prefetch:8
                                                                                                              4⤵
                                                                                                                PID:4820
                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2292,13882392028026409340,751886179000424232,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
                                                                                                                4⤵
                                                                                                                  PID:4932
                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2292,13882392028026409340,751886179000424232,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:1
                                                                                                                  4⤵
                                                                                                                    PID:3016
                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=john+cena+midi+legit+not+converted
                                                                                                                  3⤵
                                                                                                                  • Enumerates system info in registry
                                                                                                                  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                                                                                  PID:3188
                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x128,0x12c,0x130,0x104,0x134,0x7ffaa38a46f8,0x7ffaa38a4708,0x7ffaa38a4718
                                                                                                                    4⤵
                                                                                                                      PID:1600
                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,2062740438844731921,15873106799423995675,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2164 /prefetch:2
                                                                                                                      4⤵
                                                                                                                        PID:4464
                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,2062740438844731921,15873106799423995675,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 /prefetch:3
                                                                                                                        4⤵
                                                                                                                          PID:2596
                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2108,2062740438844731921,15873106799423995675,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2920 /prefetch:8
                                                                                                                          4⤵
                                                                                                                            PID:1588
                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,2062740438844731921,15873106799423995675,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
                                                                                                                            4⤵
                                                                                                                              PID:2036
                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,2062740438844731921,15873106799423995675,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
                                                                                                                              4⤵
                                                                                                                                PID:1656
                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,2062740438844731921,15873106799423995675,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3088 /prefetch:1
                                                                                                                                4⤵
                                                                                                                                  PID:1364
                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+create+your+own+ransomware
                                                                                                                                3⤵
                                                                                                                                • Enumerates system info in registry
                                                                                                                                • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                                                                                                PID:2080
                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffaa38a46f8,0x7ffaa38a4708,0x7ffaa38a4718
                                                                                                                                  4⤵
                                                                                                                                    PID:4988
                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2228,13396584409445086413,6248638962857059985,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2240 /prefetch:2
                                                                                                                                    4⤵
                                                                                                                                      PID:5684
                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2228,13396584409445086413,6248638962857059985,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2312 /prefetch:3
                                                                                                                                      4⤵
                                                                                                                                        PID:5704
                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2228,13396584409445086413,6248638962857059985,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2768 /prefetch:8
                                                                                                                                        4⤵
                                                                                                                                          PID:4680
                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,13396584409445086413,6248638962857059985,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
                                                                                                                                          4⤵
                                                                                                                                            PID:4888
                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,13396584409445086413,6248638962857059985,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
                                                                                                                                            4⤵
                                                                                                                                              PID:3776
                                                                                                                                          • C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
                                                                                                                                            "C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe"
                                                                                                                                            3⤵
                                                                                                                                            • Suspicious use of SetWindowsHookEx
                                                                                                                                            PID:3860
                                                                                                                                            • C:\Windows\splwow64.exe
                                                                                                                                              C:\Windows\splwow64.exe 12288
                                                                                                                                              4⤵
                                                                                                                                                PID:5232
                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=dank+memz
                                                                                                                                              3⤵
                                                                                                                                              • Enumerates system info in registry
                                                                                                                                              • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                                                                                                              PID:6028
                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffaa38a46f8,0x7ffaa38a4708,0x7ffaa38a4718
                                                                                                                                                4⤵
                                                                                                                                                  PID:4448
                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2216,7316292208782232393,16434716188721271614,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2232 /prefetch:2
                                                                                                                                                  4⤵
                                                                                                                                                    PID:1360
                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2216,7316292208782232393,16434716188721271614,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2312 /prefetch:3
                                                                                                                                                    4⤵
                                                                                                                                                      PID:2072
                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2216,7316292208782232393,16434716188721271614,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2792 /prefetch:8
                                                                                                                                                      4⤵
                                                                                                                                                        PID:4232
                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,7316292208782232393,16434716188721271614,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
                                                                                                                                                        4⤵
                                                                                                                                                          PID:2484
                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2216,7316292208782232393,16434716188721271614,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3308 /prefetch:1
                                                                                                                                                          4⤵
                                                                                                                                                            PID:5976
                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://motherboard.vice.com/read/watch-this-malware-turn-a-computer-into-a-digital-hellscape
                                                                                                                                                          3⤵
                                                                                                                                                          • Enumerates system info in registry
                                                                                                                                                          • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                                                                                                                          PID:4792
                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0x11c,0x12c,0x7ffaa38a46f8,0x7ffaa38a4708,0x7ffaa38a4718
                                                                                                                                                            4⤵
                                                                                                                                                              PID:3692
                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2176,5685452842061911087,11685344461808228019,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2104 /prefetch:2
                                                                                                                                                              4⤵
                                                                                                                                                                PID:2004
                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2176,5685452842061911087,11685344461808228019,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2300 /prefetch:3
                                                                                                                                                                4⤵
                                                                                                                                                                  PID:2136
                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2176,5685452842061911087,11685344461808228019,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2748 /prefetch:8
                                                                                                                                                                  4⤵
                                                                                                                                                                    PID:464
                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,5685452842061911087,11685344461808228019,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3132 /prefetch:1
                                                                                                                                                                    4⤵
                                                                                                                                                                      PID:1084
                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2176,5685452842061911087,11685344461808228019,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3136 /prefetch:1
                                                                                                                                                                      4⤵
                                                                                                                                                                        PID:2596
                                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2176,5685452842061911087,11685344461808228019,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4116 /prefetch:8
                                                                                                                                                                        4⤵
                                                                                                                                                                          PID:4272
                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2176,5685452842061911087,11685344461808228019,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4116 /prefetch:8
                                                                                                                                                                          4⤵
                                                                                                                                                                            PID:1784
                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+remove+memz+trojan+virus
                                                                                                                                                                          3⤵
                                                                                                                                                                          • Enumerates system info in registry
                                                                                                                                                                          • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                                                                                                                                          PID:4484
                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffaa38a46f8,0x7ffaa38a4708,0x7ffaa38a4718
                                                                                                                                                                            4⤵
                                                                                                                                                                              PID:5476
                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2220,6469960896839574663,13118910454836060165,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2232 /prefetch:2
                                                                                                                                                                              4⤵
                                                                                                                                                                                PID:2780
                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2220,6469960896839574663,13118910454836060165,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2284 /prefetch:3
                                                                                                                                                                                4⤵
                                                                                                                                                                                  PID:5552
                                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2220,6469960896839574663,13118910454836060165,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2740 /prefetch:8
                                                                                                                                                                                  4⤵
                                                                                                                                                                                    PID:4428
                                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,6469960896839574663,13118910454836060165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
                                                                                                                                                                                    4⤵
                                                                                                                                                                                      PID:4212
                                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,6469960896839574663,13118910454836060165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
                                                                                                                                                                                      4⤵
                                                                                                                                                                                        PID:6020
                                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=vinesauce+meme+collection
                                                                                                                                                                                      3⤵
                                                                                                                                                                                      • Enumerates system info in registry
                                                                                                                                                                                      • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                                                                                                                                                      PID:4684
                                                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffaa38a46f8,0x7ffaa38a4708,0x7ffaa38a4718
                                                                                                                                                                                        4⤵
                                                                                                                                                                                          PID:5776
                                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,15621905378440943391,13402631628506432736,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2
                                                                                                                                                                                          4⤵
                                                                                                                                                                                            PID:4308
                                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2104,15621905378440943391,13402631628506432736,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 /prefetch:3
                                                                                                                                                                                            4⤵
                                                                                                                                                                                              PID:1572
                                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2104,15621905378440943391,13402631628506432736,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2800 /prefetch:8
                                                                                                                                                                                              4⤵
                                                                                                                                                                                                PID:3536
                                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15621905378440943391,13402631628506432736,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
                                                                                                                                                                                                4⤵
                                                                                                                                                                                                  PID:2124
                                                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15621905378440943391,13402631628506432736,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                    PID:1976
                                                                                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15621905378440943391,13402631628506432736,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4740 /prefetch:1
                                                                                                                                                                                                    4⤵
                                                                                                                                                                                                      PID:2480
                                                                                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15621905378440943391,13402631628506432736,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5092 /prefetch:1
                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                        PID:5256
                                                                                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2104,15621905378440943391,13402631628506432736,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5696 /prefetch:8
                                                                                                                                                                                                        4⤵
                                                                                                                                                                                                          PID:6136
                                                                                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2104,15621905378440943391,13402631628506432736,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5696 /prefetch:8
                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                            PID:4724
                                                                                                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15621905378440943391,13402631628506432736,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5688 /prefetch:1
                                                                                                                                                                                                            4⤵
                                                                                                                                                                                                              PID:5356
                                                                                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15621905378440943391,13402631628506432736,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5312 /prefetch:1
                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                PID:2640
                                                                                                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15621905378440943391,13402631628506432736,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4132 /prefetch:1
                                                                                                                                                                                                                4⤵
                                                                                                                                                                                                                  PID:2512
                                                                                                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2104,15621905378440943391,13402631628506432736,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3968 /prefetch:1
                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                    PID:5884
                                                                                                                                                                                                                • C:\Windows\SysWOW64\explorer.exe
                                                                                                                                                                                                                  "C:\Windows\System32\explorer.exe"
                                                                                                                                                                                                                  3⤵
                                                                                                                                                                                                                  • Modifies registry class
                                                                                                                                                                                                                  PID:5284
                                                                                                                                                                                                                • C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
                                                                                                                                                                                                                  "C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe"
                                                                                                                                                                                                                  3⤵
                                                                                                                                                                                                                  • Suspicious use of SetWindowsHookEx
                                                                                                                                                                                                                  PID:3476
                                                                                                                                                                                                                • C:\Windows\SysWOW64\explorer.exe
                                                                                                                                                                                                                  "C:\Windows\System32\explorer.exe"
                                                                                                                                                                                                                  3⤵
                                                                                                                                                                                                                  • Modifies registry class
                                                                                                                                                                                                                  PID:5752
                                                                                                                                                                                                            • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                              1⤵
                                                                                                                                                                                                                PID:4700
                                                                                                                                                                                                              • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                                1⤵
                                                                                                                                                                                                                  PID:1128
                                                                                                                                                                                                                • C:\Windows\system32\svchost.exe
                                                                                                                                                                                                                  C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
                                                                                                                                                                                                                  1⤵
                                                                                                                                                                                                                    PID:5984
                                                                                                                                                                                                                  • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                                    1⤵
                                                                                                                                                                                                                      PID:4512
                                                                                                                                                                                                                    • C:\Windows\system32\NOTEPAD.EXE
                                                                                                                                                                                                                      "C:\Windows\system32\NOTEPAD.EXE" C:\note.txt
                                                                                                                                                                                                                      1⤵
                                                                                                                                                                                                                      • Opens file in notepad (likely ransom note)
                                                                                                                                                                                                                      PID:4004
                                                                                                                                                                                                                    • C:\Windows\system32\AUDIODG.EXE
                                                                                                                                                                                                                      C:\Windows\system32\AUDIODG.EXE 0x2f8 0x2d8
                                                                                                                                                                                                                      1⤵
                                                                                                                                                                                                                        PID:3308
                                                                                                                                                                                                                      • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                                        1⤵
                                                                                                                                                                                                                          PID:228
                                                                                                                                                                                                                        • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                                          1⤵
                                                                                                                                                                                                                            PID:6072
                                                                                                                                                                                                                          • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                                            C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                                            1⤵
                                                                                                                                                                                                                              PID:5336
                                                                                                                                                                                                                            • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                                              1⤵
                                                                                                                                                                                                                                PID:740
                                                                                                                                                                                                                              • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                                                1⤵
                                                                                                                                                                                                                                  PID:5536
                                                                                                                                                                                                                                • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                                                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                                                  1⤵
                                                                                                                                                                                                                                    PID:3544
                                                                                                                                                                                                                                  • C:\Windows\system32\svchost.exe
                                                                                                                                                                                                                                    C:\Windows\system32\svchost.exe -k PrintWorkflow -s PrintWorkflowUserSvc
                                                                                                                                                                                                                                    1⤵
                                                                                                                                                                                                                                      PID:3968
                                                                                                                                                                                                                                    • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                                                      C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                                                      1⤵
                                                                                                                                                                                                                                        PID:5212
                                                                                                                                                                                                                                      • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                                                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                                                        1⤵
                                                                                                                                                                                                                                          PID:5364
                                                                                                                                                                                                                                        • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                                                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                                                          1⤵
                                                                                                                                                                                                                                            PID:5808
                                                                                                                                                                                                                                          • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                                                            C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                                                            1⤵
                                                                                                                                                                                                                                              PID:4216
                                                                                                                                                                                                                                            • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                                                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                                                              1⤵
                                                                                                                                                                                                                                                PID:4064
                                                                                                                                                                                                                                              • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                                                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                                                                1⤵
                                                                                                                                                                                                                                                  PID:3576
                                                                                                                                                                                                                                                • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                                                                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                                                                  1⤵
                                                                                                                                                                                                                                                    PID:1084
                                                                                                                                                                                                                                                  • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                                                                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                                                                    1⤵
                                                                                                                                                                                                                                                      PID:864
                                                                                                                                                                                                                                                    • C:\Windows\system32\LogonUI.exe
                                                                                                                                                                                                                                                      "LogonUI.exe" /flags:0x4 /state0:0xa3fa4855 /state1:0x41c64e6d
                                                                                                                                                                                                                                                      1⤵
                                                                                                                                                                                                                                                      • Modifies data under HKEY_USERS
                                                                                                                                                                                                                                                      • Suspicious use of SetWindowsHookEx
                                                                                                                                                                                                                                                      PID:5040

                                                                                                                                                                                                                                                    Network

                                                                                                                                                                                                                                                    MITRE ATT&CK Matrix ATT&CK v13

                                                                                                                                                                                                                                                    Persistence

                                                                                                                                                                                                                                                    Pre-OS Boot

                                                                                                                                                                                                                                                    1
                                                                                                                                                                                                                                                    T1542

                                                                                                                                                                                                                                                    Bootkit

                                                                                                                                                                                                                                                    1
                                                                                                                                                                                                                                                    T1542.003

                                                                                                                                                                                                                                                    Defense Evasion

                                                                                                                                                                                                                                                    Pre-OS Boot

                                                                                                                                                                                                                                                    1
                                                                                                                                                                                                                                                    T1542

                                                                                                                                                                                                                                                    Bootkit

                                                                                                                                                                                                                                                    1
                                                                                                                                                                                                                                                    T1542.003

                                                                                                                                                                                                                                                    Discovery

                                                                                                                                                                                                                                                    System Information Discovery

                                                                                                                                                                                                                                                    3
                                                                                                                                                                                                                                                    T1082

                                                                                                                                                                                                                                                    Query Registry

                                                                                                                                                                                                                                                    2
                                                                                                                                                                                                                                                    T1012

                                                                                                                                                                                                                                                    Peripheral Device Discovery

                                                                                                                                                                                                                                                    1
                                                                                                                                                                                                                                                    T1120

                                                                                                                                                                                                                                                    Replay Monitor

                                                                                                                                                                                                                                                    Loading Replay Monitor...

                                                                                                                                                                                                                                                    Downloads

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      202KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      6a16cbefd2e29c459297b7ccc8d366ad

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      40da0213a9e5ea4cb6948f4a8e92b5e8b97e6cfe

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      9462da5aa6e2a762b02a24b7305bac86349e5b5ea182d36fd6a163de550cde60

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      6a9de0231f9987554a20208a89c6c802d28c57ecb6f9e95771c94156b65c61ac1e18298ce6d3f0559d3a08052845cc2014dab335e119fde731d745e4857b7d74

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      68KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      f0c27286e196d0cb18681b58dfda5b37

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      9539ba7e5e8f9cc453327ca251fe59be35edc20b

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      7a6878398886e4c70cf3e9cec688dc852a1f1465feb9f461ff1f238b608d0127

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      336333d29cd4f885e7758de9094b2defb8c9e1eb917cb55ff8c4627b903efb6a0b31dcda6005939ef2a604d014fe6c2acda7c8c802907e219739cf6dab96475b

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      327KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      1e2ee40c5ffe4aa418ee58f9007792a7

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      f28b05c74e22d0b0ffb9552c8bbfd122a03dfe87

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      ff9665f206508f2662d1b4137ad427d6eb983f8cbf86d5a28e68ac116169bb5c

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      5c67234e24e394c5d02c80e26514b8480a2330cebe98fb07906c035a868714a00c8e2845c9f26d13adbe3f5de4088c913979d46ff2a0739b0adf9a35409b7672

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      133KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      882137361e714b364468b09bb8a5ab37

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      6e0d7bb4d18d847de81ec96511a0bdf2d6ce7663

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      ac0c2ea45cbfa4c887ab3ae3dd8e0adbae80eda8c26c19560380db71796aa6c5

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      9445ad07a4ad54edb0428244fe887f17acce86c2896bde02e01d6d2037af852f1c49ee89a3d30a10754916f21abd8dd7e9fd16523da9f82b94ebeb0f9a40a6d8

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      2KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      518bb268123ac4927eb6d4fff5dace2f

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      904f30d07ce0828eeee51b553881bd8268ecca85

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      243440191e3f87ef517b84b75dde134fc7c2d55302c604da2a44065fd4981dbd

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      bdc5b24d1b30a2073ef6c2be5a83465f2e305ff7008eea78cf86c225a24ea5565639cf03ef744ee84b40c380ccc34402492151bd6c2a03fdba73313a1421261d

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      168B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      59856fad34cb09270290650d3760ae4b

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      7fafc11653bb03daf14f737abcb95c73ad55da41

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      64a3ef308ac4fc6ca116943c40039e13519463a8f1fe8a25f05e65e330cbdfff

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      de0313c446bea65eb6e091703ea17812589ee6d4d2556fd2677ae8f0010d1d0e4385fedbda6645383f5c079c112861720fe1322b771aa2d29edc6e75a9cd75d2

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      168B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      3c9b5aed8b3120cbb9fff231bac0f3eb

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      96b7f04decf5c75265875be14b8737a327eb0966

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      fae962ea49198b35673453538aadd605c13894473d498f2813e791ea85578866

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      45ab40ac197888de19a031caee5a12526c439ccc9b12f6bcb6c7e7e2eca020616256946220c04a6d206509645c786d58c78c9303c76fc6b7cff2fb444d75f899

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      2KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      fd357de6c270db923745711d9ed6e931

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      aac7891a40af32e2a1a2f720e13efec60f8a827c

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      7b9e95e91b72f79d11fb3d925a4865d29cb8327cb1ce2087b7922dd96f6273aa

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      4ff9a921c52dbb4225ad92514a2818b3a23d858fcc132c94a516d34328366dc0dde9c915dc12da34465883e233a577a6b112da72eed29589959a69c74c1cfca9

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      2KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      ffe7402c76e767fe37eb22031f6b40e2

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      0d9d70a2a86bef799675471044dcff48e4126655

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      0a57af5294093f53dc4d9dfe4db9686fe728fe2b3b9b796fe3aa5fd02eea49c5

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      f0d78ad4288a50d21689a6e46bac127e385b619af9f445c37fd823a7037338f795eb73ce01e557b09cf8605a58be31405a37ad103c1dce2546f61c831251007c

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      2KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      95ee3d169d6453bf1d80e1f85d46e926

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      cd152d8f371df5defafa80e8fe3663ed337c8329

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      4e186ccef82cb5362c8461fbf11cdad820293440ed3c0580cee81439bc604c03

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      506bb02e69bf0700d4132036ebc4b4620458eb067706c9cc073f4fe41c58078987cfdcb8defb9c919ac9b483b1ff155907a70f22eb20307cf171f79fc22eb7b8

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      5KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      9a78f3836b60bb937d78af03ce1a00eb

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      b8a486c7357fc56c67a4cec87901af6150750127

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      65e7c347c4d67145e2c2e5ecfe388bf60d57d1cf81fb5ba3acc8c8ffe82a8502

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      7115cba06408efa39db7ebc2103bdcc8d8ef5511783dada1a0f1e51b34f3bd93087a37506be2cc96dadc978ece8f81577adec852fcbaef3ea78e70258340d972

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      6KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      34cea96558c1bc7b77b8d878b2787512

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      4dfa6ef5aca2b9fba18c95c48aaef0946e85e958

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      7c17b2023b5aa34d11c9d1e6541b2fa6f087ae06350e16c2f3dfe66b17aef637

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      c885435fee63f09142d2ceb9bdb7118bf4e8ed86f6d940ff968f7dfbff21422f0e507358d0fbc0a82c1a119cf6a66b8bbfed87e5e063c418ac854a77ba959205

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      1KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      43c31e1ac2db06dc7ea346920eb502d5

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      164956941c0e3d2a9f6d27154ca9df3037654bd6

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      0bb45bfbd6d76a7a309bd76f562467090b43832a7b9cc8515fc14ab8e74c8f62

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      c144d8badb61b90bd2fccc944edfc69a6ca151b49c86653cac36c5054ef7473173536d14df182dc52b90d82bb23e4c5cb301875721799f77f2ae6cf92237d993

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      2B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      d751713988987e9331980363e24189ce

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      97d170e1550eee4afc0af065b78cda302a97674c

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      524B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      c67e553743a058e0a959f52bc248553c

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      dbed2cc8a773044de30200afe9d2bdd784c8a0ae

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      56f1247fb5885582f32e63e154de59406b78b9b8c882517f0e564dda8046d17b

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      d49925dddefb191b5b2f93963307f94eae4dd9faf5b1acc19c1a62da7a0d55a5206b645fc975000b8ddc5c73ca4c226f1a2b5d5409b604efcc7926a1795d7f0b

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      1KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      a5882f1c43e898bfef02dfa4d66bf8cf

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      df242456ba54cc94c3b1c969c309b49dd460abb7

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      02f95087ba34ddc37c5e949dcbcdee903bb4baa666a4e9fe851adc49c39b43df

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      950ce607bcc1a78e3c6e5e2fdf2e8cf073984cff6b2816607a509338f29af0adf4fe5a1b44d826b868dd91e631d8efb26397d7fe840cc6d221c2fe92a44f12de

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      1KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      12dfc79a3e0a41178bcd3c0a41d03755

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      f6e6ef68067ad8e0bb60c301dbf94177075a7523

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      24fb1661033dd4cdb5474f6195398ab67fc34eaf59ba4a4eba81866792b39c8e

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      4e67861ecac44226ad33d45c707e6cf15baff0d797b09edab9157bebc61fda0478b54b53115eb0eb0971ed954b1f5dacadc88baf2282aea7b41e9a4a65e0e6d9

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      1KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      bf4827d76ec871ab6d760480b2b13759

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      d8f93a35d16f29b46fada292f9083b97df9223b8

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      068492c5e8af0c3017cd92f28b6042d155278ae01f87044a68055040617ab1ca

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      343aee491d322ba71db2b4344ba64c4c1c1844d3fea201402a004393892ac7e1883615b44098f444e3abe27782ce41c5e8bae805174fc8ada5c955d7fb6b2a37

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      356B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      948fa7be6928a781084fa420d91787d8

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      80ca0737ba138f905dde0c2839c0e10ad86d6a22

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      a26120675ac03c5a438272fbbce5e7c4c1d0d9776750b71beee02a8e184bb98e

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      597ed639d68095c49f6f3e3cd52b603783ac1bcc32f247bbda61799f92dd842c8b8e220a58e4049f10c54e74677c73baac371f107a5135031b5b8827d40bc6a4

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      1KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      7f6d57f32ccb2efaa8f9994975e1e48d

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      13db0eea587a0437b5d8f0b1c2042c64cff7f4a9

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      aa4c8356ecc4df84ca1e99ff9d786452bec3392665f6c05756a86b3c5b59fbdc

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      2c7c6640629677c92a69bc2bdb2554a6da51739f1d95ecec7e6ba8eb46d9b10f7e1bfb91f0260d6a3662719f39611fdfe8bc5838eaad0bb305409ca788885a5a

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      1KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      f731ef60f3afc61afe5103f08759d95f

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      ed186e2b374e005d2ed078d0eaf74f62c92eb130

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      c5a53731ad5f7971d303358cb4d31ca8ed8f55ef96cad2502160af0a7a824904

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      2374fed0dac30530ebcb2884969bbf18a2c38f7a45a0a3571b6ac5cb7f95972a9453e0d61c5235bc8b4a1f802e6ffca5d58685d2b7803eba526fb850d4946663

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      6KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      24d98ee8fe46ecfee4edf78361766bc5

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      3adffbce8cbb161a7fd4425ccd1ab276ff17b5e0

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      cf714a72869764ba23d71f042b856a88888c81d9cbbdc28be19a8cfbb99aa755

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      cc5ce9fb6f03306d3071de0090b03d292961f77c6815c04beccf484899c2f4b254890b89500fc2a126ca4148bb9557839034924b5f7f2496dc91167dc1a08927

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      6KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      9f5a92700a154b9ae0ad1cc1b0297114

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      a7d77adf4199f3e9cafd5401bf5e749fbf04844a

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      336e2a3045383854b4ecf42f9376343cd01e54cf37fb59caf303b4f351883b8e

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      7ce204d7180f2ffd3856f4dc36a644b24f22ca57ddb7aca421e83537e22579611795381ae37d1a679333786a802adb5f9e3049c8c0f56607782b124882be32da

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      7KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      8fc1da577639163049abaed9051fdbd3

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      90e1a362f99c1b2b463846552d3eed024e06558d

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      df7afc6ec18337350dea5966bdb3427f687799693491301455d87caf9bb2080d

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      bf5cb374b9a9b6725a852af3688412daf93b19c7e25f55c49db17ce2cee2f55ac0a785f2ab39ab704b94c34821fc35725df50dd3597fe568d7db1a910c240627

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      7KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      20480ef611e9ab44a5d16dcdebf4a550

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      52ec4318cf1bd61b705fb90202bce5b942933874

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      3623e03249d00cc352a3d70bb7425e80fc00f4c2acca149ea1b3b3ca99ac1b64

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      1ffa05243f8f2c600e52cf57b08210c4ce5a3a11898390eea3a4ff1db9d42056f0b98f1e8f9ddc4205b36cee40d4773d2324f37c684c953d161e78264544a030

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      7KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      98dbd1445561a0531f93bf56c6d26055

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      cea5fc160d3e53b3128b1513e706a72cae038037

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      1775c5b7bb61e7e65c89932c0b49e3329e17b0d007273489fe7e45f9200f5bd0

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      4703216eba80a7053d4dbf9bfaf2b358dd7075f275320cfc8ce5b8912158b217c78aae7bbc5fbb5e8bea963f2e691c8e031b75798bf8cbd6f366bdbb3288aeeb

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      7KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      c06558f549b24d72ec3a5efea1f2c3e1

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      e87f083f1f43ca928a4e5bc04fc853c63b2414c2

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      777718df6defc899b4ce6f6c23d74f1f17c7fe85b640ef649ecda0e35cf2e890

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      b6ca388fee69965fa9872cad4b852dc313a9484532b903b3557c319ee035e1f933fc7895622e5a6d21213f70702e957a892fabdc203ae725f18d60ac108359fc

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      7KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      ec4fa43b639427cdae4ea248bee79c3f

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      82f824dc15c806c060109828553d242c7ea8c241

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      c41307026ae71aa0ebcf7b4e2f3cd22c7471dcc5f159e7a206c760f35615cd4a

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      1035eab62a5fe53f6330613f836d29a2f3c4f3bf04be6159091ed448f79788e6320646d6294b79ccf1dd6e3444c7b3d3ec0a331b32c2edc4074fb0627162f42e

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      6KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      ca1ea9cce1090b994aa3ba72ef86afe8

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      7bcd56b12d5ae538984995dadc4b62df0f69b409

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      882a0650dbd2a8bc3796e7447a069393d0cbcb684b04c678e0a84bb01fb040bf

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      9ec9da04ff37cc5245280f28b7954ada831010655c55270ab058b43a124caf60c1d4859dc367b7ff5815208f964914afa6e3c634303cec608dd6dd0df2823489

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      7KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      ad40d260beb0c6e3a34e1b60502a92aa

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      8d3848eeab86b1e706476cca425950cc8b6c5e9b

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      55f3cddf739451f376f08826370b0846dc30399a4f3b0af8185588220a49866e

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      2ba3a7f0f7725ad8f49eeed7189efde62dec9432f48a086df53839da526b424f323ab94a8446e5f7a264ba10bbdfb456887c2a061bff3cbed063bc2e29108f2c

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      16KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      1dc2280fab9aaa2a572aa1269947aeb0

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      79204f5f0ad7db622432c7f2a549eb6dab1c9b29

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      7207e117a8eff460cbe9f345d2275019c0b72d21372cdefa22a3d2a2b056b0c3

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      6f4e4c6337daa170f07a4e8126de74943dde613d3043418926d11b5aee4e4a0bf4d1034c87816e693de0f05616e098d66a8f8d6ee89c1e9a25a027417ffab27a

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      273KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      7bc62fbd932c4b2bf491bfc06eb791a5

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      cdd5aced156828a1826affda384d43897dbe59a1

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      80442f16629fd8167d584ee896ff51c7050af88fbdff87b3a9663eb48d2beb17

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      d50905e4742346df42a156591359b375f41eb4acc683cdc1efe689da61f3f1eaae32a441f394c7a9efadcd9144a50f1896b6af791e1b56c02e4f1937f47670b4

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      273KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      8e80622cbcc4aac1f0a4bc6592b805be

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      b96c715e147422e7ac669aa3663cdf78738497ef

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      1b3069bb0ba5fc48788b60d76dc38d73819bcf8c80ba03221e1a3f896d59747b

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      1c84fb97e4edc6ba0a24697af3248d18b097613cc9a8452346e6dfa75981d625f65da401087df7c2fe7911f85742aa020772f831725e09bc5aee0dce40e7c82c

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      273KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      dc4bf0a3d575179624e2c5f58f8246d7

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      0f2fa0dd852dd819a04bb091ae870815c2976142

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      3144710c06a7782f464f177e46066756ab716efb15dad24209d90ee658087f04

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      3a7df09116da1e64e09e60245b169140d8e216da49174d3581d0ade9661c5d9a0e17ddf836ead84d7381bfb97eb633748c9aedef90a1c54ace17bd80bbfaade4

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      273KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      a246f609442e462f2927f67d3d890094

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      d23d501414e3c13ca4753f6d07aebb9da54ec01c

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      9ed91943212c86a718dda94c30858b31b80a8ded89203cbbae5d9803615d8488

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      3ba6cb0fad89db4f6f5c1a3cbbe4845241b4b3a1093ceb8a3ebdbfb0ac57996d34ebac76c0e93eb7a900032308ea06b863c9a29270023854879d5eb8510c8fef

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      97KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      09dc871fc0a53f252dd58fda4358d5a1

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      261d57f3fe3a601493cb240012ecf666f2e3fc42

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      caf48dfa3252b1b9c9b1838a0f2ac4a08d8c1efd3b111a2df79d0b852908e37f

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      21e540121819d06563d20bf2946709b1b0435ab0d67bc5a12227ab4539797d4cf408a3ac525e605284e5c65d6255ff627a7f9a20447ddcc3f74aaff3ccd96d02

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5afd1e.TMP
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      89KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      e1939b146c85b5863d652f445ab35938

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      5ef0371389e7375335d545685b99482326ae4b9a

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      0440ce38e6af14c2fb5a23c9d30f4203d830dc3d7cd17ff8db3c8b54b0f65b6c

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      4b527148128b2d375d856c8046b23c4e4977196ed6b8c54e32b804715c8b7030fef88a887ee0b47065fe6a470bb43bc70d7a6f91334441d898c74f11cda4ac22

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      264KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      3077d8c4d3af5bffe841acfad94523cd

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      58c1521c5270237040522620cd0ab78fea7b3461

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      9b3301085c2740353b0ed150c185c292e983a91417f351566921523265473a9e

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      a6eb77ca45cb6147b7ae392a1c112b28c6fb9fd35903c2195d7699065963930ff7f759201c93a40acae86e5d9674271213d487dcdbf87dcb1bd3cdc51ab3aad0

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      152B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      d15dfaf9f2181b8f6ae4649c04546cff

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      55f11648952c3561bd2c079c95a9520117f0dfd5

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      de64ee66c85ee7cd26b806156c7484e4658c3dc479d9ddb40a9b99c28115e244

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      5a351597bb8c43bd5c28c810cd5e3947647c6f8706fdad0dcb1918a83d3c020b58403db7756bc6e71520ade5676f9a2bba1c9986151a4d28c4b62cc1ce8e1558

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      152B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      032bb22b1e61f5d73a5c750aa612aac9

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      1198999f9e6a3c3a2c12d1ba13fcea12d684aac0

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      17114337cd38e72faabe58a8eb89a47c7106eb411e571e06048ab8d5befdf191

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      642909034bb25ee32504bea1709e4533d4aa62417d9903ee9d8340d7a3e0ed1883d4c760dd389eb75ff8fafa946b40bba43b764ce49b7305ef5aa243c327e465

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      152B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      6c69c99cd667ed711d0ec3c1d03382b8

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      1a66f4b4ad996f8476303780676a04c4da9abbf4

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      cebc548174880a2c1f4afac6be8d625fb9c12b31cf3eb782c27cada368b7393e

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      60e2ccaa37e0f3912b5d940eed255b1ad8bc0199cecec4a1a016986b3ee9fa87c1526e1e3064eb55b77b7ba2a51588674dd6a386b2cf18d2ed6e940ca0285d94

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      152B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      739dd056682d6afa781490bd563f3d13

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      8c97b4bf1ccd5c4bd0f0b4b91f7de8dc31d10d13

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      4f41ea0044b0c4ee2b743166f4984393fd18ec0b2e0c7a7a2e341a4c433a8ade

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      6f8e663ffd0e4084fe740d7c580c947067928dca191ebebdc53a2e970ec1816d1a0d00a8ed83a92a5e786489591377265701b28170d74b876a1bca2459f95df9

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      152B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      2dd90c9adb9d6480dfa88367ef9a0ab5

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      0f751903d5e69e6841818025ceb1ff06717baf0b

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      3463fb68cd984a3b25d5a6bd04778b244bf530dfb28b3952c343ad374336f896

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      089daadbed965585751110dbdf43c2b1eb3b71176f7852a2de075ab0b21d55831b3631c78c5c6e7f12b278de74da2cdbd3c6ca9c2f9f70cf4905123758afc6eb

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      152B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      9292203348281d77b0b74c62f089d872

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      3ac9c5daf8d430ebc0bb28b5b47848833579a255

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      6ca4ce04afa7e5d5a280ec02d480059728e9e4fb9994163bfc49f63f547675e4

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      1bfb77e956edd23ec0cd56ba51966d846320d7aa9646a2dec7ce30dcef14166dd1d9427c3db1787298b26ba997c8434df333fda6747c1e60bd7d5785f34d309b

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      152B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      14962f766004de2533f6e368f7ca3d26

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      5cf8f1471431b31e4f14e9ca16921721d581f00b

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      aa77d3fc88108ca9820e533d89851809738686d85562e6ae98fe62be1f95ec9c

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      66ca833f8545a442971c9d2f377b25b3e962e478cb2ebb059314015feb2fade4779aa44ef289d0e2bfadff760c922e9b30144147fb50d9766d6ba2c413104f90

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      152B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      2ef7c02598ec79dd1090c56aab0f1176

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      1c9934614f1aaa592573bfddbf2a1a802e77a943

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      eb31ee141d70105d2386dc444f5ff674018f57cbc02a8667bb29ca0ed2a94a54

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      740974f4fcde8e29aabeccc2d728f86f7e03d7de1981bf079694e4ed7f067aa1244153fa2cadb26cab36c647248f278bfe3e7e813e589e75f46e8683901a990d

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      152B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      b4a74bc775caf3de7fc9cde3c30ce482

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      c6ed3161390e5493f71182a6cb98d51c9063775d

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      dfad4e020a946f85523604816a0a9781091ee4669c870db2cabab027f8b6f280

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      55578e254444a645f455ea38480c9e02599ebf9522c32aca50ff37aad33976db30e663d35ebe31ff0ecafb4007362261716f756b3a0d67ac3937ca62ff10e25f

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      152B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      c5abc082d9d9307e797b7e89a2f755f4

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      54c442690a8727f1d3453b6452198d3ec4ec13df

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      a055d69c6aba59e97e632d118b7960a5fdfbe35cfdfaa0de14f194fc6f874716

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      ad765cddbf89472988de5356db5e0ee254ca3475491c6034fba1897c373702ab7cfa4bd21662ab862eebb48a757c3eb86b1f8ed58629751f71863822a59cd26c

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\062f7c7a-38e0-4607-a1d0-0baf2f37c67b.tmp
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      1B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      5058f1af8388633f609cadb75a75dc9d

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      3a52ce780950d4d969792a2559cd519d7ee8c727

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\61e90150-7042-4051-9fac-732cd38a899e.tmp
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      7KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      3a59509b8fac80194d95c4276d50aefa

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      b267256ea76bb6cb6b0d883d7d4e19bd6c7d2be7

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      e17f650d329fe2f3e81321801548d025e42b995a0e2ba4c1a1cc31b8fca50be5

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      949f18f20ddeb0f42c81a55c22dc79f5d8fbbaa098dc183b5f96b0cd3f14f263a38b6186f3aa9bdb9ee7741cb0156ece28e1d146301a6007b427c6e0ca73b421

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\8a76587f-5c79-4bf0-b082-eb73d6addc3d.tmp
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      3KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      14fdb2d2d7070c4cc7af8f9508a25409

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      9ab43bf7d0166a88bb8cd237aa01e8421e42e6d8

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      e8c422e6f0463121daf1ffcb072903e34a14726f112ff119300f8b72c61511e5

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      c1688dfc4b84501ced3525662ad489fff867f9696aab95a4dcb6c76059858f2e9807982abcb4292af570fcd6ba110137b6a73133c130c00a314043aea9d95f94

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      24KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      87c2b09a983584b04a63f3ff44064d64

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      8796d5ef1ad1196309ef582cecef3ab95db27043

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      df1f0d6f5f53306887b0b16364651bda9cdc28b8ea74b2d46b2530c6772a724422b33bbdcd7c33d724d2fd4a973e1e9dbc4b654c9c53981386c341620c337067

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      24KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      1fc15b901524b92722f9ff863f892a2b

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      cfd0a92d2c92614684524739630a35750c0103ec

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      da9a1e371b04099955c3a322baee3aeee1962c8b8dabe559703a7c2699968ef4

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      5cdc691e1be0d28c30819c0245b292d914f0a5beaed3f4fc42ac67ba22834808d66a0bfc663d625274631957c9b7760ada4088309b5941786c794edad1329c75

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      648B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      daaaef2367790333de5595587e2a7fa6

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      7ab1fb66a171787730d4ac0ba546b50428a64058

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      f95e85502e6b1b01f37879a3c4353275235f4cad2c16a534f6fad18ecab5313d

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      a9697b33b0aa3e8be36390ecbf4fd9d3c59ef77225c9182bc4ee35e6d3ed8249d0271b576ad03470fcda80e0726ba444dab80cd8d8d4119526a4acf2d392b620

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      648B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      24013edaedf0c9a66bf29843e2a60eb0

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      0ac69f690487b7b0acd04848f01e7acc001d009c

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      56d8fa4af05cac7a5a965053af29f5bea36e5918b2c3a528147a77ebf15dcbbc

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      93c335a7f1bf2cea4095882fa331cc671b6e7301fc8a301a1ae2d340232446a132c721484e3f695731af94f8c951a526c49382998b008714a7fea88de2a6eb98

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      408B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      207bfa05353c4dc0bff0b26961f0901b

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      0659f7c98f0bf2c8cc74c466c8ebc771c8e5152e

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      bc0e3d584c8fbc27b2f2f8e5da022debcd164ed2c00fa0b44e545de8e68f1b1c

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      5678b835cfd772566415e88b492630eab37b10c7c4ab93a6f6363ec35a7a0a5211beb9758ccc69526dc4b90eb8149c3e35af13e765828d60627fcd2ff40794ee

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      744B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      25612e0a1bf5deae9e490e560ba0e57b

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      602eaefccbc23937a940e668da991a8fbfad5d9c

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      027c9b2b27f337b62d633741304a40f71cd48456ebdeeb173ebe8e29ffe1f2cf

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      72f568b2d25acb05b74a6491d1ae33b6c699f845fde31ce6d0a29e3239ee0c7501091a09da856956b472882a1f79adfe967f337d9f53e04de5171a87cd8f2654

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cookies
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      20KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      c572e2ed9946189a6af97afa56ad0418

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      60bd86ac2c8a1f8e5527b131082e548efd221759

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      ccfeb962d7998ccded6c48ade6ec88f8ccb1b20eb52fde7241367c2e70acaaa6

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      35b6ab3d29342dd45b0cbe1b214e3d9a4125a1c521918a05bf9f9b1fe9ad396f89eea2eaecb1fa43115ca402dbd056a4f07ae775aa62e91b220eadd79dff0f49

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      20KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      af31863518a47f873e1cf9f792ce23e2

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      48ea66981c56eb3a61c589479409f9efc1c82c08

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      76cdc56eccba3ae5f5875cb10f0eb496deb907029d12b7cec7deb6163ad1b908

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      b0272b92b50397359fcc6278a8c30cc2c85057128f4df13147a32195c40e62e40c7631addc825909e27b2945423709806ad64b278faf06371e5ad047b2246f01

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      264KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      052a0332d7b20396947d4a93d3cc56c5

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      8e8cf88fd0fd7896c405bed87930002f93a8c129

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      fca8ad6b2f1a9ce1c0f6cef2e19a9da0bd7a9841f2b51c7df1245c81a492973b

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      611eaadea1ec838113c7c1ee02dfc1e31fc7c3a167194bdf676d2d4fcdced6df583459ce27020493315b80685f9c4bcf6c519f8031bb7414d803f275453eddc2

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      124KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      f2ab0363d0a688b530842cc8c70b9ed4

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      5783005a79157d3b59c8617f9bfc9a48eea9a60e

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      f8e7b5befe07bb4db73f44ce2a934054574e40660e5e4b4a83bf2c02958de5a4

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      28c24aec381f56a4c52999ee7d90a69a44c48b78148a745448e6c28b93fec20958b8624e33807db0a96dc7b0c150b7d558320a343ff2f79a4714f0143182f70d

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      1KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      2c63354fbc678577989372a90456e4e0

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      3bcaea0156fa48b2d55142bb319919c22f3eda83

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      5b79e2d8b42cb3f34ad7ea6d6ef441e45d8a5036637ebada9043f095223c37cc

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      7a94ffa4847798908479480cf05385e7be3f23da290530e0f0f49f6167af095591c8b57e3ee63f2946d7a3df2e8484bff96d78219948b32d48c49dd439c906a9

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      2KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      62d090d9850d0a827295b7e6e276d376

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      94f319b78d684f7d1be66dd1bd60c07c94b859cf

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      448bb33674d8d7105b8823f7bbd2884fbb1039aeeaa5a07f074db98781d94f3f

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      1f4c7ce4f4c37e0ab916b5f7ad8a51cc7a0c8bb6e751c0e76442b7cc7d4564356104e6e87493ca51f57c63a6fa744c08646dbacaa8aa1db1c1bc4ddfd0a72fff

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      331B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      ce7501896d2c4d18f5924dbb81cdbba3

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      d13722100c039ed00d7405ae8e9d96170eee309a

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      9bfa83ebf55798063251737faac0b2833fdc2be9d95757bc716f216c62a905bb

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      1480dbc0a89a29276288d01a967be16b0562a1b56a2f5903d75f98ebd7e3d1e16f021e2989d07463996c97709dfd18dbbfdca9c2e35f70e0c4bca0b56eb292ee

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      111B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      807419ca9a4734feaf8d8563a003b048

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      a723c7d60a65886ffa068711f1e900ccc85922a6

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      aa10bf07b0d265bed28f2a475f3564d8ddb5e4d4ffee0ab6f3a0cc564907b631

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      f10d496ae75db5ba412bd9f17bf0c7da7632db92a3fabf7f24071e40f5759c6a875ad8f3a72bad149da58b3da3b816077df125d0d9f3544adba68c66353d206c

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      3KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      b298effbaca8714c1ec498c9c2ee5ecc

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      6347b44f4de7802c6ad95aa6b0e8384352b326dc

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      dabe5a6be34d6f55babcfb73c8306dddcece2ada2e61c8a7b97f675edc6308ce

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      495e1d8588f2c444bb0c9df1b9a30350249fe68e4b6be85835cd30453861ebd90399f41fb43d34063c04e8fbdde7f5e8bd179b4bf4884b22934cd1dac2fd8dfb

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      3KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      56bf131b76a6aaef07af2a1efdc914bf

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      2749ac6699cd06d66d09c5cb2c23764caf46966a

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      9ef297b33abd482e3331838c7c8fd9a3c104530850f1f392bab836d39c35b2c5

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      34883a08d26b4e8797e947e1ca01d8911a4a7a05afde421d69b7614256b10471dac5ad1149009c05e530743b13739c0e930adafa439433318a3413884eaa4a4d

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      3KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      841bdf42a37aba49365912b34197eeff

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      b58cdb5aa881eb6983de2a38f273cd9720ba2b30

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      4e9733131749c2d3c60a1b4d2113751ad2dac12dfe9dffc67dad0d810d1eb17a

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      b792da4a232f5ada644f9703836b06640d997496150fdaa061b2c5aac671e054a63b3ebdcf0cc8654d4426e47fd1340a1731b4cb07ad545d153930b77ec369fd

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      3KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      654ef782c0c30e69557ea4b2afc837cc

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      150b806ab8106874bd5a915acbb48ce68b245afe

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      5e6634441deb4cc3206dec61b6c2a2dddd4c2b6e88c2122c124a66f8df1ae04f

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      7010e3afb3e7083a63fd81b9d671e09dc5ac978e17c59c861d08a126fc7950a22a817b760bcbd394234406f69c87f1abf29852980c1d18986a6fbc190b0ac730

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      3KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      4a04f92f510369b49f2001d8ec7d7a09

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      14fbd5ed390c34d07ad60cb6a44051935fb00312

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      5cf1a40665a0dbc9e1f05c98f78a59df9240946ddf70a891df365fe324ad1235

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      9ba2fbee44d1620e37face4588f756bd7f8db7ac0b4dcaece58e4c484d70de5902bd7585c878624d42d1a496ac65329799f1b4d4226c58f9fb2d2628c6c90364

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      3KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      fb93cf2e4ff95279b3ab0c1ca88cd6f6

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      aa80a5fac8710e4237f5385e04058b597f8820eb

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      89aee16537a847309311db23a553520994f643159df06651ed95234cebefedbe

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      47443c7e7b49ec6d50174483e08ebc5e4423d4a35130c30edcf2b6c4e30d53fd128f66f0c3aa5a8a05bbdd45828a7cce5f7529615d6f2b30fcb10da457398a31

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      6KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      69828a6327cc1e91f1b2d5a2a4cd614e

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      b4e4b75fe8b4484834854c83d7797968f7d6c441

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      50f8ab9688582517fe8121d58b30c72c2ba8da771f2468bdc4164cc1ea0377d7

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      7452f34d161ebe2d77124f3318112d4b02e792853349ad5c32942ea477cf7d759a204e9060b0a5822e805e2bb59779dd16a8135c1595ed58fd4ef6594e868b26

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      7KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      6d7d331d196ed94d40484ed0c8f3fc4a

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      cce35853c41c79ab48f0c35c283112b05724a9df

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      bc5b9ac2e1ed4d55acdba987e70b7017b291c82a669970901d519398a316f604

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      cb8218085744df2695cf82ce92a67931437bfc42f74e91207184c0c81dffb2a581c2dbaa4f454e17affa0a526ee41e7e40d70dfc0faf391506632dcb43320fe4

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      6KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      b89189da739344c70fa4fe07f27c21fc

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      43c5de6519e8962d8c26e5c2e36b1ff8425336ea

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      f923a199e68939021e1c3f9d0a5743244943fb8c86408c63294f5b0f445a66f0

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      57baecae46692a2e6872c0378d2b18218bc5a12a8761f2b2fc4457764cca07cce983a4a3c61f7c13a2c0dd0bc9958e22314c0b0cb4b91903e635aa5435f90d90

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      6KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      f3fbb43ce5e91a442964f3ba7491b3b0

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      eb2565d33461003ce7367b1d4e8baeaf1bb51243

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      86b30c4ad72abb1dd71d93377a5cd9a5906f84951859863d164df4098f79d0b1

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      deff8eccad1ed26d5024f2644267a704b029243ebbcaa0e84820a06fe4858c930f24fa7e5b913171bc610afb790ddb23aa62f97dd06e6283252f0b47b33d63e5

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      6KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      2aa32414fbb5c5d2250f60e041d89373

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      907a8174a5d18a3b65a9f1369172388c1070162f

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      2baa8bd8f430b353467282ef7f19a36e612a20027fba66d863879ad87b1b4bab

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      d83aaf0d3c1787c47aae0880a71f0babce652411879cfc50121611d28852fce57578ec8864cce522082d4348e456105433159b6b0fbaf8cdd045eb77d63bb40b

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      7KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      9221e4be55585a90eb51b6d3f5bfca22

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      35ca844cb117c17cfc650a2c3e140c3a4c34dcd2

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      dcb0a241e8a5fabdc6d5dbfe09cbfa1cf27eeea8cec5edd2a21f0f6973f13dc7

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      d62787a2a7dfb3659fdbf5364489fb05dbf45ddd1ebac4bb5b078742d09fee977e41edfc78c931d60750a56342b76bc6f421f49c692c3c552cea288ec48855f2

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      7KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      1823aee4a1b58c01a66b69d0634e86ad

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      19fe5890c20f0133400e407af595f501469d8bb6

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      95d4b9b6ee719f1227f16183eeb10c6367bf67164477a1aecec440a4ce675b08

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      ec625f246cec2a0b18ce27a015a71bf58696260a2f31b51b8919e7ccba8b4f5723b1342ed5bd40de13c6cc5e95fd95ff60ecda2fe65cd77b766f6bf88fd8085c

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      7KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      b81be16de0a69c5431807fe59b86e763

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      da6a69e4a0d2282353f68c8dd42e20524d15744d

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      50c5d081db7409cd3d8152b141983bc475a3fc416eaee7b390bc426aadae69eb

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      38b04b55db0ec0c8d27396f5898660cb24c43d1393acb02b57fb4b9f81ca03cbb5fcc97c5a97cd89e8c05c8adb1d171728fd9cbb11e1bbb4c035cc424f5f86d0

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      7KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      1da672f688f91d28ad243edc544ec62b

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      6d0c9ab0f9e022c02924dae37e8149c46bdd49c6

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      34cd3dc3982029f1993c6392f7fe221dfa1c311a6b5659ea92c91c76cac01af3

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      81b5f5ba4a4bbb010c25073d36a4cac384553f78bf8c091205f19e403cf84f56c6a5ac3e2885fc3c0beb263de44b869ccd4caa839d08d618b9ff438ba71cf485

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      7KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      c128d7e10c234c5b13cb905911a945a6

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      18bac1063a9ec8b5adde840a794b7774c7bb226e

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      cf7c9bfaa60e490fd57ce078111d476b309a6918cccc5fd0c7c978ebb4864d4e

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      08cc07f2be4222554828235fffdc84d3d4adcda50a43677c6e769dcae071b5a11900fbdd107d1f10670d1f784d0e76d1c66eebba62874d3e52bcd53154564f3d

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      6KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      f30aa38e2909b9d482749eae50a0dc09

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      0526d557d1ff082fa86f53b8846f7b99c5eec84a

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      6dd85b73ce2f8c5dbd020e683e98adfd2719189045cbb0a7ab01dff60d591d26

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      d15fc15bfb5d9bd2e25efb83f5221f272a7da8da53e6224610b695820ab4c00a431b5f0ac9cf275f9e6e3c8556df49fba2aeca59ffdcebf5a0d6b15f48b43098

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      7KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      88c897dc4ebe210d962f9e2b0ceabe24

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      2942b41f1fbe4c981e36560dc0768ac950658462

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      6a5e7dd0324568a58255f2d6a0153af0bdb97de90fc0bdfd6bb6c93cab3d0fc2

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      61954393d3777d4f1ba78940858240341f0b227b3fbd44851bceeb3c2a55867c6b60d3b6da92a867c112c97d7ffaf6eb0b3b7b86b59504f9f0df9258018f3823

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      7KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      9591e56a5b42ad0f6eeea4d0d07d0fb0

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      693cde84f50f19e4b7f791b370040f405a73b755

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      3f8c88238d2e8fa8b0e4a76d21d6fe1db914d1ef095f82dcd718c305f40bd2ff

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      00783c51ab3924c25876618d1593bb55480d873f00a9bfcb3ca4dff2fdfe793bef9af9b95df9afa721b654daf9af7452144dbd9a768b2695d94c19e5be662f10

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      7KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      30666277e5eb1395ebea2da46f2d163c

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      7ae1dfa5ec7adad2651bba2b47ae6624567c2869

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      a9e53408b94da7425542d41f368c46e558c9aafd387711099025a54562ec0c91

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      99bf703b3bad571f7d9cd3482499347fafb7540b6154423305125c21ad30f828d0dc5b25bc7ec684b2293d3d9ca41af3698dc50876c8c869b453494ea036fd9b

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      7KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      aff1d725ede5104cf0ae010482faee8d

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      4be943b83bca6fe88795fcab0cc6cf8e0b751986

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      6dc32c6b9d8d7433c5f2157205603ced25ac7e3e2cf4ff933fde82e6ecb8126f

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      1a403bae54775ca3f06b2e27016a37642e12d4e3f24b7a8022945bba864490f62ca05a0a169e788acfa5efca6aa4d53139126bafbd9d4c9cf71ae7d78b9eda74

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      7KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      f5ddcc2e28feeb37d4e9931ea1e9ae55

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      607c21b56cb903c808aca07855fe1cfbeb95175f

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      b64c501d0cf78b5bbaa684a662ad84a17e49e21a44d839f5b6fa4f8c920c4ed7

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      8a8ff9b2381dad91bc2e6f317e17f5ba8e90f96520e8ee538a388519495cb083042522d7c7c74a5339745fc3c09d48451320736bd60072abe225a40a86f23214

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      24KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      5e7a3d52ab1ab706e22da05e1076d549

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      dda8e37de040888079e278f195d74339481f5025

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      0ce72c90b1453a457ccc7fc026dbe17062258ee5a2cbd7fd1e131c5a51036a62

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      becd5125632e852c5bed4bf6172b850a4da4d8ad21778279b6a1cd16242803548a274519cb09cde492289d80ac952a16131329a97f1dda04f5bb6ec15c6143fc

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      26B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      2892eee3e20e19a9ba77be6913508a54

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      7c4ef82faa28393c739c517d706ac6919a8ffc49

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      4f110831bb434c728a6895190323d159df6d531be8c4bb7109864eeb7c989ff2

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      b13a336db33299ab3405e13811e3ed9e5a18542e5d835f2b7130a6ff4c22f74272002fc43e7d9f94ac3aa6a4d53518f87f25d90c29e0d286b6470667ea9336ae

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      90B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      e3cbd104db51adddc6add065d1fdab4d

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      88a50365860ce45bfb6bcc419fba79bb9bc08df8

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      204cfd8049ebc97b77ca359dac7f7e0b2c694aa273de2c38441cc3c9b1fda73d

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      e2197906eb654a958a2adaac8f9375e904612cab2cc06b01355f3cc5bc8c7d0f37be8b43f530216eefaf374629a0cea1a8fad717e7c5e90a6cff34e7ec3d2bd0

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe5bebf3.TMP
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      90B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      f94798866c3c5b9504549f66873d976a

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      8d4f93dc192f1e4b1f5ad6116bc680f2b43d4e90

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      7043331ba94e02a4fbf9f1060fe3539fa64708d8b239bda41c4cefe903c5685f

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      4d4101c7a1d54e899552938f8d66a4c4447a00141d93816dee71f7ddefc7ba5635357392a8915d151ec8a079a520349d5c339fd7a8eb24e7c975821393dba8db

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      5KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      1bad7ff6869e4a965383cc7dbf8369e4

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      efe8229a1143a31738f704d1361c955499b075ab

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      8e0ca837a485117f666387e1fdbfb86f5b0ac98894b7895d5f61397657bdea9b

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      2e9b9b44ce7938edcaa847542317dab34214635fb5d33ddd18e02083c324ed69b51066200b5e150163ec46d1133a1305a31c3d6a432f2bfac98c514bdc1b5fb5

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      319B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      329ac349af69646e6624e298cf8e4a36

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      16b652d5215214f8441f63f768235eca667f8467

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      aadaae078c1669c77d09c53759063a56da579e3e3f288d896368d8ea573a97ce

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      5bc228307693695af24727339ee094d0d4ef6286c577c52ff312b61712c32b6b11d2e604ebf9ea3d0743baf9b5a153888d7d790b67627fecc3fa278ccd803997

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13362668758631338
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      6KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      ed264318863f5ab62a02bfea925625c6

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      727faa1be5566c09d928160663575c6826b86d0f

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      46502127e26f801d90fecfae430251de177b429144b7cf24faff1b7d625445c9

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      3e2d87bfaf27d8cec4d90cddedaccb23f7fd9972b7d2b075b96e913bd591bf848bfc8b2de47073a3d7108fe153958ce652d39a1bd93012858eee02670f66b707

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13362669017945229
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      7KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      25b8279276e3e8eeedc0b0e0a48605da

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      666d4fb4c2a7f2cb985a887f8c21fa0ed0b92828

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      9a9797097146c7cd95f73000d63fac7abc0bfa98fb256936f7a7c3e35581cd10

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      7405c9e1f594b7759f255e764431a70ab9464c9872c8e589f3ef4488efe84c7603b1887797ea09da9270adf957292adefd8b768221d80ca6361f46c061cfb019

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      112B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      a3d85c7d7390339e58abc7da1998e642

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      56bae2325ee8c9fbbc0d7b58893728dca719e3a5

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      77665f3eaa0a3850664047389e49e951d65840afeb224a5d1852acc059e92041

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      0afca1af6fa036a9dde9b9e1fe9d0e51e3f80b03af58d68b8c55e65899145449eed2f8c0bc0d13bb7f4361632cf2b57e78e3885a977b374e5df27c09611aba93

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      347B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      b8c81a4de2e90e0f1045198dc31f4337

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      39d117c74a5ff9731cc553501acaef7e5d354d6f

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      6190535d0114c15705edca8aa6f52df921ed2d02b8ec4bc5328c782ad03edfb2

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      97a756a45ec40e74e753fdb626cb7f88ac46b04aa7dcc33fd1b6b5222f3657ab3c602e7be710571ed4268b23172db7214f4aa414dfc2ec99589582de47933373

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      323B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      965bf8bb6a1738fac7018fef0ac54e5c

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      bb07c93dfbaef2da6d5252537abcbfc26ed63d1a

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      cc26900b502061b689ebe74ceabade45234c5611c42a42a63ec00882288e51a0

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      f25249c34089bc7822cc9db589fd39346922a4721fc1b81acb867be909918b2b90456102b397056598df8f89b6d273477368f1bb0ecd1267bf8d0233cf13c5ba

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      372B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      41c454ff4df7536c7314aa2288d6a4c8

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      fe97d0e73ddf4797d7cf797a88133ac8851f4a1f

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      00bc85f57b250776a768786b340542333a13903eedae17def082d0d0f15a3a16

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      d12c59a0dcd941edf03fdaa5ce7729c7caf0c10c3c5788cdb8f3b1a39294c84c7eb108079575a1f9c31a601f926aed2c521ae03dd3494ddcfe5310f563dc116f

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      372B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      de574167c55c8dfe8008214eabf50021

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      cccc8f8bfeca84a698dc0727224a1c4b1a264646

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      68d2887cc67049f8d399433b6500c4cbf4433479265a3f7ebfcf23b558711076

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      9155bc3ec9f1f2e13279768d04805c36be8e3a8c889aded05b5c05ce43924e7e7db8e58ad6215da0ddd9c3829e7e2a4d6f73abbf82eb0e684154d470365e4f81

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      372B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      e2558e4acc5347d2a7460cb1e0c29434

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      3d8e82f797a10e7a01236fd88109da18a32ddd4f

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      15adcdbe28a59aaedf2444ff007a95b3e46e394db1c531f2c53a830c4f5b7112

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      2c0a4c337de568a80f3d1d3c086039843c9af76503458f4d680e8e97cac60e8e8a0b409e1371375e57be3691ca74570cea17db6ba82fbc15aba9e1d16f5afae3

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      706B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      8aadcc1b43c3fc11314941d19e93f9b8

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      92ec8ed04618e76f5841ada52a95b512ffd31d33

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      5ed0a4d548209772f313e99be095c4858a152066f248d4bf06322b1d7b029581

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      44ac43ec7b2d0378ec3cd67ca375de76d64b6c832d093631f7e28ea87cdb3322d9f269e9ea65c0c4690762e5e6977ca9587be1fe45378afbc5c65c49ff8f984a

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5bf2f8.TMP
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      204B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      8f4f651e8b358791f6b51f09dac33461

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      1108d951eb624e27b77a81d859ad101bdf54e669

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      106ef8c6cd33abddbed9ba71ff258d091bee941d40be716bfdc1442e4a60feb8

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      c0c1de69ced006ff232001edbf7a4c580de950265ec920ac8be0f1a1c164c6097a2d4b8df911897fb63378738d0a11c7b65d576e6611d5321c4d3d59fb8fe51f

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      128KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      47401c5958b23b758ea03344633c4e45

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      d5b255d80607472bafdf8debd2b2ae772f089986

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      c503ac260aa0064dc01cfdc440d4b97592d43314e5e62cb789d7c20cc7bdc1c3

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      6b86f05c8da62da30c65a0ab6dc07a29b49e3037cddcf4dec5381e50e5adb91b3580627dbcdef5f671a2c16edb60de8847b0dd96b67ee08160489e9ba3150c69

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      16B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      46295cac801e5d4857d09837238a6394

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      16B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      206702161f94c5cd39fadd03f4014d98

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      bd8bfc144fb5326d21bd1531523d9fb50e1b600a

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      16B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      aefd77f47fb84fae5ea194496b44c67a

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      dcfbb6a5b8d05662c4858664f81693bb7f803b82

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      16B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      6752a1d65b201c13b62ea44016eb221f

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      44KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      bd1ee48ae8ffe7ff489fcf549e94ed19

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      cad5d5cb1e6605431b621fd324a746355ca3dd0a

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      ad9356da23fde913d22aa1fcae1a5e1c7a24c5ed02842e119be4409670fb86aa

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      5ed289c4d9c16be3f62bdd06627639fc9ff653ba5da56daeee413294988f67bdb93a8cf358371fd61c5645addd0dbfdf59a4ef2b63269449b364de0decce08a6

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      1.0MB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      d1c7d82bf9de7cbb3ccf16da026c0e42

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      41184de39bacadd41f9f5eaa16631e987fde044c

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      e220a4f56c50c34e5128697a46a47fa304e3dd77be082454642e500e9c7ecae1

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      f239c3ff19ca8378cb2417056590625a285803db6a98f1ae4bf3686a6fca3d46cb47a16765c9e4fd7d190740aeb91388f5e3a4991e2bd49284da71b87d366415

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_0
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      44KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      78362a7ccd4b3c7df819f85643cfad11

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      2877bcbd3310b698178ac5b9475ca7f138690b31

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      3fbb81bb7f92f1a100458cf800607e56e2c688794f358831b9cc1dfab2d019f2

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      80388e6c5ae6a16a6c812ca73761399b1945aa35a1faa74baf72b93a897dae91e2f16e36f1f638da2baa6d32be1ef3613267464a4caa86e7ae04647d76c02b86

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      264KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      0a675ed3d69aba796d88621f05b901b2

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      7d43ebb4e244f99e4b3ef732ea98e05fa7cad94e

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      f80bc038e11feb614530e9733a368d1806a6756fa1e8dedd50c71a206f3a9de9

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      af15737ff6407fac3ae11f90b8d49444b77c729724fe975820012f254263a49fca11627c55a11fcd33a6fdf00d8a9ef40da606ba11e1f454dc3df3006d6bd6c1

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      11B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      838a7b32aefb618130392bc7d006aa2e

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      5159e0f18c9e68f0e75e2239875aa994847b8290

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      ac3dd2221d90b09b795f1f72e72e4860342a4508fe336c4b822476eb25a55eaa

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      9e350f0565cc726f66146838f9cebaaa38dd01892ffab9a45fe4f72e5be5459c0442e99107293a7c6f2412c71f668242c5e5a502124bc57cbf3b6ad8940cb3e9

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      11KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      29ae809fac29912460f3b9f77526bd69

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      753855b64e0b531ddc2bfc9c76dd153ce9e4b83d

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      0ac45e4e5034899c28485c7baf6e5a43187d0b51c98ba4e06665b229ea08e189

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      429094ec1aef0f3ed1359bd6421b09c57752add6537a21ae3c75794293610f5e2cedac003ddcb71053cb0f545d63a0f0a82a1c2dadf9bbee3cf03ad1698d6edb

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      11KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      64d2c76cb07772f41e3c93d2df701a92

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      d7acdf7abb500eb21659f34464315b32e46ec71a

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      89200c13caf05e914aa90d7a74bd4ec68a56f3e0c158a4348c99cbf2b894bc3d

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      167892f0a8f9e8f619615a2e6d474e2b7d70ba804e6998962a0578736276a6b3bbcd8c912d22b422513e0131e54f4364c7a106b97b199478e363c84ac1db6d78

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      11KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      8cc7e95bf96faeb24cd1097896258b01

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      70f22a7d8dbb5bb9d2dbc24988b1f67e495597ce

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      494bb4274c1cc8b55cc143f746d5dc29baa9d4de8d02fcecfd04114edf1f3ed4

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      62b2c4f4e38c947f318628b442c3a8ef2c99cffaaf11d1b093c11408d912e8b1806d29a69a1e0237ae8c79315e28d6b28b620511fac82c102d6e9c38c0f117bd

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      11KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      c6a26c3351351ab879d8837a76fe8741

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      20564f16821179c60c49b33cca10a4190b412bc7

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      06fcba8ec557f272ab14dd519bccddc6c4417f21cf8faeb14315aa85ef6f6c38

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      32657d6bd73c494f42db8f052159b531ea7a30c8471e08ef407af387447da0f2a254de89e9f775f25eef3cb5a3498a7a95b68a6a7c75b600ff16d57276fa922e

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      12KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      a05b4ba39d88384908abb9ec0b333e20

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      454c2f7115caaa1dc5c2d66a4c4227173ca1d38d

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      a0044035237efffc08f85add4b78b999f180b55b6d98a5acc7c14348f62f30f8

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      65bc996b6d9439e9568f88c68bb9f6f5d1825874cde71aaf04a640e567e6d6afdcbd0aa462a45e3fb4d40dd278ee744ba37c5d145a02eb715df8b36c4c6a7f72

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      11KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      0e5702fdc25e33fa16108944410f4f68

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      2c6ba32cbc0367b84911666f6c41311f5d4ed5d7

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      72f677856ba3c26ea0024bbac46ddd19d92e68f038db0da1f18dae51cc905b23

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      721fde12cb674360d6e89d036327f96220eb9aac58487f190c36bdc4260d5c3e278bdcdf4a8b8ebfd89c2c1d69c7625617dea81afa1716ea093a07e45aa5b695

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      11KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      9f4cd2b4626accafc67fd103a7074cac

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      0f90218cd94eab7dcfb13aa8d706f3d06e8cb3b3

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      8c2fb59011d1a88fbca3eb65766b99d941b6f71286f83564789e7f829c6b32b4

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      b4054da984b86330e0d9e087a05f2002df098ae3d093b2f385ab5fce77b8155f3980f4ea630989bb3813831eb32b09ba1a19841d07368ad0db562170ebb32e8c

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      11KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      ddf7a0085fb37c764e5b8d20f9bca702

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      6c8f44560522567292b7aacc88210868e879e833

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      9308b7113d937cf4969736f33a0dc50e70f6ca39f5a381bd30cb4dfe65e6995d

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      3af61acf57d4063acf22b19b7085ee9816d619fe0338d17d355110654a480b59fe59c00a96e1cabd9636b7a9c3eaadb6be3b171a472a53fcfb5281a4e3543942

                                                                                                                                                                                                                                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      264KB

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      e70858eeb29efa951ac8acb3674ed2f7

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      bb29b4d618e791ab2f2eac893ea663453a07cc92

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      92f759b77b9f4eafd8924375283c1b1980eb0dbfab9bef4f4f428deee0cec8bd

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      9ab21892d71616222a706220ff9c40a8d9d4f7218030b9c69bf70e891c41741b01b1f009e5a6527cb220709cee759bc7a79cec2cf42ceb3db6dd8af0ca4cfbda

                                                                                                                                                                                                                                                    • C:\note.txt
                                                                                                                                                                                                                                                      Filesize

                                                                                                                                                                                                                                                      218B

                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      afa6955439b8d516721231029fb9ca1b

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      087a043cc123c0c0df2ffadcf8e71e3ac86bbae9

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      8e9f20f6864c66576536c0b866c6ffdcf11397db67fe120e972e244c3c022270

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      5da21a31fbc4e8250dffed30f66b896bdf007ac91948140334fe36a3f010e1bac3e70a07e9f3eb9da8633189091fd5cadcabbaacd3e01da0fe7ae28a11b3dddf

                                                                                                                                                                                                                                                    • \??\pipe\crashpad_4860_JAVLMYOPOYCPGCLA
                                                                                                                                                                                                                                                      MD5

                                                                                                                                                                                                                                                      d41d8cd98f00b204e9800998ecf8427e

                                                                                                                                                                                                                                                      SHA1

                                                                                                                                                                                                                                                      da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                                                                                                                                                                                                                      SHA256

                                                                                                                                                                                                                                                      e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                                                                                                                                                                                                                                      SHA512

                                                                                                                                                                                                                                                      cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e