Resubmissions

17-06-2024 03:53

240617-ef1fwashle 7

15-06-2024 06:53

240615-hnsb1s1fre 7

15-06-2024 06:47

240615-hkmblavfmk 7

Analysis

  • max time kernel
    292s
  • max time network
    302s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
  • submitted
    15-06-2024 06:47

General

  • Target

    MEMZ.exe

  • Size

    16KB

  • MD5

    1d5ad9c8d3fee874d0feb8bfac220a11

  • SHA1

    ca6d3f7e6c784155f664a9179ca64e4034df9595

  • SHA256

    3872c12d31fc9825e8661ac01ecee2572460677afbc7093f920a8436a42e28ff

  • SHA512

    c8246f4137416be33b6d1ac89f2428b7c44d9376ac8489a9fbf65ef128a6c53fb50479e1e400c8e201c8611992ab1d6c1bd3d6cece89013edb4d35cdd22305b1

  • SSDEEP

    192:M2WgyvSW8gRc6olcIEiwqZKBkDFR43xWTM3LHf26gFrcx3sNq:JWgnSmFlcIqq3agmLH+6gF23sN

Score
7/10

Malware Config

Signatures

  • Checks computer location settings 2 TTPs 2 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

    Bootkits write to the MBR to gain persistence at a level below the operating system.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Checks SCSI registry key(s) 3 TTPs 3 IoCs

    SCSI information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 18 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 31 IoCs
  • Suspicious use of AdjustPrivilegeToken 43 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 64 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\MEMZ.exe
    "C:\Users\Admin\AppData\Local\Temp\MEMZ.exe"
    1⤵
    • Checks computer location settings
    • Suspicious use of WriteProcessMemory
    PID:1300
    • C:\Users\Admin\AppData\Local\Temp\MEMZ.exe
      "C:\Users\Admin\AppData\Local\Temp\MEMZ.exe" /watchdog
      2⤵
      • Suspicious behavior: EnumeratesProcesses
      PID:3600
    • C:\Users\Admin\AppData\Local\Temp\MEMZ.exe
      "C:\Users\Admin\AppData\Local\Temp\MEMZ.exe" /watchdog
      2⤵
      • Suspicious behavior: EnumeratesProcesses
      PID:448
    • C:\Users\Admin\AppData\Local\Temp\MEMZ.exe
      "C:\Users\Admin\AppData\Local\Temp\MEMZ.exe" /watchdog
      2⤵
      • Suspicious behavior: EnumeratesProcesses
      PID:1584
    • C:\Users\Admin\AppData\Local\Temp\MEMZ.exe
      "C:\Users\Admin\AppData\Local\Temp\MEMZ.exe" /watchdog
      2⤵
      • Suspicious behavior: EnumeratesProcesses
      PID:1596
    • C:\Users\Admin\AppData\Local\Temp\MEMZ.exe
      "C:\Users\Admin\AppData\Local\Temp\MEMZ.exe" /watchdog
      2⤵
      • Suspicious behavior: EnumeratesProcesses
      PID:3436
    • C:\Users\Admin\AppData\Local\Temp\MEMZ.exe
      "C:\Users\Admin\AppData\Local\Temp\MEMZ.exe" /main
      2⤵
      • Checks computer location settings
      • Writes to the Master Boot Record (MBR)
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:3516
      • C:\Windows\SysWOW64\notepad.exe
        "C:\Windows\System32\notepad.exe" \note.txt
        3⤵
        • Suspicious use of FindShellTrayWindow
        PID:1728
      • C:\Windows\SysWOW64\cmd.exe
        "C:\Windows\System32\cmd.exe"
        3⤵
          PID:2364
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=virus.exe
          3⤵
          • Enumerates system info in registry
          • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
          • Suspicious use of FindShellTrayWindow
          • Suspicious use of SendNotifyMessage
          • Suspicious use of WriteProcessMemory
          PID:4052
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8c84c46f8,0x7ff8c84c4708,0x7ff8c84c4718
            4⤵
              PID:1968
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,1982311123210711348,17808970029315059824,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2140 /prefetch:2
              4⤵
                PID:1580
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2120,1982311123210711348,17808970029315059824,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 /prefetch:3
                4⤵
                  PID:1504
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2120,1982311123210711348,17808970029315059824,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2832 /prefetch:8
                  4⤵
                    PID:5044
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,1982311123210711348,17808970029315059824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:1
                    4⤵
                      PID:428
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,1982311123210711348,17808970029315059824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
                      4⤵
                        PID:3812
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,1982311123210711348,17808970029315059824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5052 /prefetch:1
                        4⤵
                          PID:4556
                        • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,1982311123210711348,17808970029315059824,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5492 /prefetch:8
                          4⤵
                            PID:2068
                          • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,1982311123210711348,17808970029315059824,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5492 /prefetch:8
                            4⤵
                              PID:2724
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,1982311123210711348,17808970029315059824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5536 /prefetch:1
                              4⤵
                                PID:2992
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,1982311123210711348,17808970029315059824,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5552 /prefetch:1
                                4⤵
                                  PID:4136
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,1982311123210711348,17808970029315059824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5812 /prefetch:1
                                  4⤵
                                    PID:4020
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,1982311123210711348,17808970029315059824,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5828 /prefetch:1
                                    4⤵
                                      PID:4520
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,1982311123210711348,17808970029315059824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5616 /prefetch:1
                                      4⤵
                                        PID:4980
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,1982311123210711348,17808970029315059824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5960 /prefetch:1
                                        4⤵
                                          PID:3848
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,1982311123210711348,17808970029315059824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5752 /prefetch:1
                                          4⤵
                                            PID:892
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,1982311123210711348,17808970029315059824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6016 /prefetch:1
                                            4⤵
                                              PID:1016
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=mcafee+vs+norton
                                            3⤵
                                              PID:4228
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff8c84c46f8,0x7ff8c84c4708,0x7ff8c84c4718
                                                4⤵
                                                  PID:3128
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=bonzi+buddy+download+free
                                                3⤵
                                                  PID:1380
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8c84c46f8,0x7ff8c84c4708,0x7ff8c84c4718
                                                    4⤵
                                                      PID:2084
                                                  • C:\Windows\SysWOW64\cmd.exe
                                                    "C:\Windows\System32\cmd.exe"
                                                    3⤵
                                                      PID:1548
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=facebook+hacking+tool+free+download+no+virus+working+2016
                                                      3⤵
                                                      • Enumerates system info in registry
                                                      • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                      • Suspicious use of FindShellTrayWindow
                                                      • Suspicious use of SendNotifyMessage
                                                      PID:3536
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8c84c46f8,0x7ff8c84c4708,0x7ff8c84c4718
                                                        4⤵
                                                          PID:4492
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,6753418409688205930,2402098076850788932,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2132 /prefetch:2
                                                          4⤵
                                                            PID:2452
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,6753418409688205930,2402098076850788932,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 /prefetch:3
                                                            4⤵
                                                              PID:3420
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2116,6753418409688205930,2402098076850788932,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2888 /prefetch:8
                                                              4⤵
                                                                PID:4932
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6753418409688205930,2402098076850788932,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
                                                                4⤵
                                                                  PID:4220
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6753418409688205930,2402098076850788932,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
                                                                  4⤵
                                                                    PID:5080
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,6753418409688205930,2402098076850788932,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5072 /prefetch:1
                                                                    4⤵
                                                                      PID:4920
                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,6753418409688205930,2402098076850788932,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5232 /prefetch:8
                                                                      4⤵
                                                                        PID:3920
                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,6753418409688205930,2402098076850788932,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5232 /prefetch:8
                                                                        4⤵
                                                                          PID:3372
                                                                      • C:\Windows\SysWOW64\Taskmgr.exe
                                                                        "C:\Windows\System32\Taskmgr.exe"
                                                                        3⤵
                                                                        • Checks SCSI registry key(s)
                                                                        • Suspicious use of AdjustPrivilegeToken
                                                                        • Suspicious use of FindShellTrayWindow
                                                                        • Suspicious use of SendNotifyMessage
                                                                        PID:2412
                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=best+way+to+kill+yourself
                                                                        3⤵
                                                                        • Enumerates system info in registry
                                                                        • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                                        PID:2540
                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8c84c46f8,0x7ff8c84c4708,0x7ff8c84c4718
                                                                          4⤵
                                                                            PID:4104
                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2192,7869529948910772021,9554239690853562717,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2200 /prefetch:2
                                                                            4⤵
                                                                              PID:244
                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2192,7869529948910772021,9554239690853562717,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2264 /prefetch:3
                                                                              4⤵
                                                                                PID:4204
                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2192,7869529948910772021,9554239690853562717,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2988 /prefetch:8
                                                                                4⤵
                                                                                  PID:3460
                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,7869529948910772021,9554239690853562717,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1
                                                                                  4⤵
                                                                                    PID:4900
                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,7869529948910772021,9554239690853562717,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
                                                                                    4⤵
                                                                                      PID:556
                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,7869529948910772021,9554239690853562717,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4960 /prefetch:1
                                                                                      4⤵
                                                                                        PID:1144
                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2192,7869529948910772021,9554239690853562717,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5088 /prefetch:8
                                                                                        4⤵
                                                                                          PID:3476
                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2192,7869529948910772021,9554239690853562717,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5088 /prefetch:8
                                                                                          4⤵
                                                                                            PID:1104
                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=what+happens+if+you+delete+system32
                                                                                          3⤵
                                                                                          • Enumerates system info in registry
                                                                                          • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                                                          PID:4864
                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8c84c46f8,0x7ff8c84c4708,0x7ff8c84c4718
                                                                                            4⤵
                                                                                              PID:4516
                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2200,16506853934534884142,8464794561562086080,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2188 /prefetch:2
                                                                                              4⤵
                                                                                                PID:2280
                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2200,16506853934534884142,8464794561562086080,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 /prefetch:3
                                                                                                4⤵
                                                                                                  PID:5036
                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2200,16506853934534884142,8464794561562086080,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2452 /prefetch:8
                                                                                                  4⤵
                                                                                                    PID:440
                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,16506853934534884142,8464794561562086080,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:1
                                                                                                    4⤵
                                                                                                      PID:3912
                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,16506853934534884142,8464794561562086080,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
                                                                                                      4⤵
                                                                                                        PID:2640
                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,16506853934534884142,8464794561562086080,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5004 /prefetch:1
                                                                                                        4⤵
                                                                                                          PID:2744
                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2200,16506853934534884142,8464794561562086080,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3612 /prefetch:8
                                                                                                          4⤵
                                                                                                            PID:1676
                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2200,16506853934534884142,8464794561562086080,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3612 /prefetch:8
                                                                                                            4⤵
                                                                                                              PID:2284
                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=skrillex+scay+onster+an+nice+sprites+midi
                                                                                                            3⤵
                                                                                                            • Enumerates system info in registry
                                                                                                            • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                                                                            PID:464
                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8c84c46f8,0x7ff8c84c4708,0x7ff8c84c4718
                                                                                                              4⤵
                                                                                                                PID:1728
                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2196,6454703127463595184,2162916668307773485,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2220 /prefetch:2
                                                                                                                4⤵
                                                                                                                  PID:408
                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2196,6454703127463595184,2162916668307773485,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2272 /prefetch:3
                                                                                                                  4⤵
                                                                                                                    PID:816
                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2196,6454703127463595184,2162916668307773485,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2756 /prefetch:8
                                                                                                                    4⤵
                                                                                                                      PID:1648
                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,6454703127463595184,2162916668307773485,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3328 /prefetch:1
                                                                                                                      4⤵
                                                                                                                        PID:3152
                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,6454703127463595184,2162916668307773485,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:1
                                                                                                                        4⤵
                                                                                                                          PID:2128
                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,6454703127463595184,2162916668307773485,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4868 /prefetch:1
                                                                                                                          4⤵
                                                                                                                            PID:880
                                                                                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,6454703127463595184,2162916668307773485,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5124 /prefetch:1
                                                                                                                            4⤵
                                                                                                                              PID:5956
                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,6454703127463595184,2162916668307773485,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5352 /prefetch:1
                                                                                                                              4⤵
                                                                                                                                PID:396
                                                                                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2196,6454703127463595184,2162916668307773485,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5016 /prefetch:8
                                                                                                                                4⤵
                                                                                                                                  PID:5736
                                                                                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                                                                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2196,6454703127463595184,2162916668307773485,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5016 /prefetch:8
                                                                                                                                  4⤵
                                                                                                                                    PID:5748
                                                                                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,6454703127463595184,2162916668307773485,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3036 /prefetch:1
                                                                                                                                    4⤵
                                                                                                                                      PID:5148
                                                                                                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,6454703127463595184,2162916668307773485,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3944 /prefetch:1
                                                                                                                                      4⤵
                                                                                                                                        PID:1004
                                                                                                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,6454703127463595184,2162916668307773485,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5424 /prefetch:1
                                                                                                                                        4⤵
                                                                                                                                          PID:516
                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,6454703127463595184,2162916668307773485,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5280 /prefetch:1
                                                                                                                                          4⤵
                                                                                                                                            PID:2220
                                                                                                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=internet+explorer+is+the+best+browser
                                                                                                                                          3⤵
                                                                                                                                            PID:5940
                                                                                                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff8c84c46f8,0x7ff8c84c4708,0x7ff8c84c4718
                                                                                                                                              4⤵
                                                                                                                                                PID:5868
                                                                                                                                        • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                          1⤵
                                                                                                                                            PID:212
                                                                                                                                          • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                            C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                            1⤵
                                                                                                                                              PID:2116
                                                                                                                                            • C:\Windows\system32\AUDIODG.EXE
                                                                                                                                              C:\Windows\system32\AUDIODG.EXE 0x51c 0x514
                                                                                                                                              1⤵
                                                                                                                                              • Suspicious use of AdjustPrivilegeToken
                                                                                                                                              PID:3836
                                                                                                                                            • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                              1⤵
                                                                                                                                                PID:2368
                                                                                                                                              • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                1⤵
                                                                                                                                                  PID:4680
                                                                                                                                                • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                  1⤵
                                                                                                                                                    PID:1192
                                                                                                                                                  • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                    1⤵
                                                                                                                                                      PID:2320
                                                                                                                                                    • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                      C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                      1⤵
                                                                                                                                                        PID:3508
                                                                                                                                                      • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                        1⤵
                                                                                                                                                          PID:3540
                                                                                                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe"
                                                                                                                                                          1⤵
                                                                                                                                                          • Enumerates system info in registry
                                                                                                                                                          • Modifies data under HKEY_USERS
                                                                                                                                                          • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                                                                                                                                          • Suspicious use of AdjustPrivilegeToken
                                                                                                                                                          PID:1412
                                                                                                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff8c7faab58,0x7ff8c7faab68,0x7ff8c7faab78
                                                                                                                                                            2⤵
                                                                                                                                                              PID:4880
                                                                                                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1716 --field-trial-handle=1880,i,6090220207473825395,2406160443351692364,131072 /prefetch:2
                                                                                                                                                              2⤵
                                                                                                                                                                PID:4788
                                                                                                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1972 --field-trial-handle=1880,i,6090220207473825395,2406160443351692364,131072 /prefetch:8
                                                                                                                                                                2⤵
                                                                                                                                                                  PID:2400
                                                                                                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2092 --field-trial-handle=1880,i,6090220207473825395,2406160443351692364,131072 /prefetch:8
                                                                                                                                                                  2⤵
                                                                                                                                                                    PID:4776
                                                                                                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2932 --field-trial-handle=1880,i,6090220207473825395,2406160443351692364,131072 /prefetch:1
                                                                                                                                                                    2⤵
                                                                                                                                                                      PID:3208
                                                                                                                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2940 --field-trial-handle=1880,i,6090220207473825395,2406160443351692364,131072 /prefetch:1
                                                                                                                                                                      2⤵
                                                                                                                                                                        PID:2192
                                                                                                                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4384 --field-trial-handle=1880,i,6090220207473825395,2406160443351692364,131072 /prefetch:1
                                                                                                                                                                        2⤵
                                                                                                                                                                          PID:3032
                                                                                                                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4556 --field-trial-handle=1880,i,6090220207473825395,2406160443351692364,131072 /prefetch:8
                                                                                                                                                                          2⤵
                                                                                                                                                                            PID:2016
                                                                                                                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4680 --field-trial-handle=1880,i,6090220207473825395,2406160443351692364,131072 /prefetch:8
                                                                                                                                                                            2⤵
                                                                                                                                                                              PID:1056
                                                                                                                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4692 --field-trial-handle=1880,i,6090220207473825395,2406160443351692364,131072 /prefetch:8
                                                                                                                                                                              2⤵
                                                                                                                                                                                PID:5500
                                                                                                                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1776 --field-trial-handle=1880,i,6090220207473825395,2406160443351692364,131072 /prefetch:8
                                                                                                                                                                                2⤵
                                                                                                                                                                                  PID:5552
                                                                                                                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4912 --field-trial-handle=1880,i,6090220207473825395,2406160443351692364,131072 /prefetch:8
                                                                                                                                                                                  2⤵
                                                                                                                                                                                    PID:5688
                                                                                                                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4964 --field-trial-handle=1880,i,6090220207473825395,2406160443351692364,131072 /prefetch:1
                                                                                                                                                                                    2⤵
                                                                                                                                                                                      PID:5832
                                                                                                                                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4292 --field-trial-handle=1880,i,6090220207473825395,2406160443351692364,131072 /prefetch:1
                                                                                                                                                                                      2⤵
                                                                                                                                                                                        PID:6104
                                                                                                                                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=1968 --field-trial-handle=1880,i,6090220207473825395,2406160443351692364,131072 /prefetch:1
                                                                                                                                                                                        2⤵
                                                                                                                                                                                          PID:4804
                                                                                                                                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4804 --field-trial-handle=1880,i,6090220207473825395,2406160443351692364,131072 /prefetch:8
                                                                                                                                                                                          2⤵
                                                                                                                                                                                            PID:4812
                                                                                                                                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4692 --field-trial-handle=1880,i,6090220207473825395,2406160443351692364,131072 /prefetch:8
                                                                                                                                                                                            2⤵
                                                                                                                                                                                              PID:5696
                                                                                                                                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4940 --field-trial-handle=1880,i,6090220207473825395,2406160443351692364,131072 /prefetch:8
                                                                                                                                                                                              2⤵
                                                                                                                                                                                                PID:1428
                                                                                                                                                                                            • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                              1⤵
                                                                                                                                                                                                PID:5000
                                                                                                                                                                                              • C:\Windows\System32\CompPkgSrv.exe
                                                                                                                                                                                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                                                                                                                1⤵
                                                                                                                                                                                                  PID:3568
                                                                                                                                                                                                • C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
                                                                                                                                                                                                  "C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
                                                                                                                                                                                                  1⤵
                                                                                                                                                                                                    PID:1568

                                                                                                                                                                                                  Network

                                                                                                                                                                                                  MITRE ATT&CK Matrix ATT&CK v13

                                                                                                                                                                                                  Persistence

                                                                                                                                                                                                  Pre-OS Boot

                                                                                                                                                                                                  1
                                                                                                                                                                                                  T1542

                                                                                                                                                                                                  Bootkit

                                                                                                                                                                                                  1
                                                                                                                                                                                                  T1542.003

                                                                                                                                                                                                  Defense Evasion

                                                                                                                                                                                                  Pre-OS Boot

                                                                                                                                                                                                  1
                                                                                                                                                                                                  T1542

                                                                                                                                                                                                  Bootkit

                                                                                                                                                                                                  1
                                                                                                                                                                                                  T1542.003

                                                                                                                                                                                                  Discovery

                                                                                                                                                                                                  Query Registry

                                                                                                                                                                                                  3
                                                                                                                                                                                                  T1012

                                                                                                                                                                                                  System Information Discovery

                                                                                                                                                                                                  4
                                                                                                                                                                                                  T1082

                                                                                                                                                                                                  Peripheral Device Discovery

                                                                                                                                                                                                  1
                                                                                                                                                                                                  T1120

                                                                                                                                                                                                  Replay Monitor

                                                                                                                                                                                                  Loading Replay Monitor...

                                                                                                                                                                                                  Downloads

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    2B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    d751713988987e9331980363e24189ce

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    97d170e1550eee4afc0af065b78cda302a97674c

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    860B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    54e51ccf742e8202151e40decd3b54b0

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    4c844b78f2633da61907164c8fdd15a29143be9f

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    79be619b73f5bb6279e180306b6ad810a311918560471eae22c3205dbd7e52ad

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    6906bf49375f90e373c73eb6338369502184496d8bb9143bcb3068063c8d0f6c1b18a1933a836037e35e00ad4b78d8a4125ec7ae1169c83994615a7f2125df16

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    524B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    2887e1f05ca23beb54d4071a0f6d30bb

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    476477fd93b066d98d12a91c3f5bb327803d592e

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    912af05119c9ee080d4b6bde04cf705a3b818e72a1f9ed9f4920b9d28b74e800

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    22e3a4ee5885bc836b3c37cc6b20a7ecdbec3e5941a33665faa1650a822a9a211e4e4afdd1edab539033965b2796c96539615844cd2e1fa2eda56cf28943305b

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    6KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    99a32725623f1aebe8f3400883514f2b

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    5f2ae5faa16234bfbe4e8287493723ca98266b9d

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    467f0464e5df28911bcd38cd95aaea3a089511c3212acbe0994fd98969ed42b4

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    f4b4432176fe9f3596939e0b5e942228fd88a1ff787e67818fe50c79197d6c554ee4451cecbbc31711ab9a3cc612c02dd4e6bd39fbf167c274263f9808da27fd

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    7KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    90aec54f1e1e375f2ef3ec838f18811f

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    f2c4dcc036b31f46fe36c69562f806a87139eab5

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    05bca8fdeff0b0a8ff0a0fade1c5f2da3529999ee74979569e47573b72959fe2

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    c892725107cfd9c5b35db5973f706d981c066f881efdcce4dc257877e6f09c81e792c6b0fab8534e39bf1c3ab8761e9451ac196f08ef2c7a097015bbb17e3287

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    16KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    d66ba6d7b86a90fe8a60c46b6356593a

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    ca90843c5df5a0a0dc2014611718d4eb96b09c43

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    f5aec6017010f990c2d5d5413391404d6178aa40d023466b9b79fa67e46ca9e3

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    11d87643df6cadad1ffd71ec268c2159376627b0dc8f0a7e958228ca6fcbb38f0699287fcd47275d6fc4da71125045307378f311ffe115b5dfd56a519d11b5f1

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    176B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    245f118ca187fd3a1fd98488c655d287

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    406c4a2787987afb76be0521961f29f846c0c1bf

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    1f8d52de0c378c0d83c69d7b423dd6b3cde0dca764c6fdcfd8958a4964cfeab9

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    0dbb505b5878e86e15de81b5102f5b227afa3f853d7e1a8f617db8765bccd90a98fb23399e1ebe8c34bdccf0b2def900fd18b0aafc68d7013a130108bd7243d5

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    112B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    f842342d491b6d87432380ec6a4954c5

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    0516e7a4bc949d5f0c0f22420a5f77ba3e52e133

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    097951fe3b2e6c5c1edbf189784c4ec611e59f8292464c94446cb011bdc64fff

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    6d07b353a92f066b897df6a01aa00e8dab0cc7bad74bb3639ca2a14f49d335d6d36ba2ee6e24a20830b662193509e954841b304db55ff47ff26823988b609e01

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    186B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    65d3e1d6205d1eaeda8f0f0d2b52aac5

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    756f1f090ffbc4abd2681fb7488938def3a200c6

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    5a01e763529cb5b92b01137be55b62b19f4bd522a2009412541608c1b6715b92

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    e4e26b52a8cfd686b4d1da5a25bd323b40ed3d1825b74be16bc7e6c9b47a7314a9b2856856ad4bc1271a96b54e0b6ef9f08bd719cb4404c224e5bd21c8b3706d

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe5bcc93.TMP
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    119B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    c2b672056637ee4cf96d9230244260e4

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    fbb74704b7d5914b97d761f613b322e516a39bbf

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    600ef711b2722d561ae12631ea823a6dc06aacbc7f616736adf744c0e55b0578

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    aa98c1c23033e2bac84692a6d9b24672323a7d9ff877c846a24cf3c7119bb0d42fecab2ccb10e43e9f671b6bbb0af7466872343240ecba22447c32dffa5e3b7b

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir1412_1415607311\Icons Monochrome\16.png
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    216B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    a4fd4f5953721f7f3a5b4bfd58922efe

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    f3abed41d764efbd26bacf84c42bd8098a14c5cb

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    c659d57841bb33d63f7b1334200548f207340d95e8e2ae25aac7a798a08071a3

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    7fcc1ca4d6d97335e76faa65b7cfb381fb722210041bdcd3b31b0f94e15dc226eec4639547af86ae71f311f52a956dc83294c2d23f345e63b5e45e25956b2691

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir1412_2110446408\Shortcuts Menu Icons\Monochrome\0\512.png
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    2KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    12a429f9782bcff446dc1089b68d44ee

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    e41e5a1a4f2950a7f2da8be77ca26a66da7093b9

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir1412_2110446408\Shortcuts Menu Icons\Monochrome\1\512.png
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    10KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    7f57c509f12aaae2c269646db7fde6e8

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    969d8c0e3d9140f843f36ccf2974b112ad7afc07

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    276KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    d9f71c8631851e200182b6c39d66a899

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    46442f7e2ead7658f9b30d9793466dc41a013556

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    33e93738c5732a404305322284a73222a41785128b847c7ef2437605becd5629

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    558c12bac0036c36dde9e6434e8cf77b4514bd0f87038614a5cd7e515fedf43012dfb0b77f0c5bbe869682164e56365bf75abd6a591dfe51197ad88cfa911f44

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    152B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    c5abc082d9d9307e797b7e89a2f755f4

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    54c442690a8727f1d3453b6452198d3ec4ec13df

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    a055d69c6aba59e97e632d118b7960a5fdfbe35cfdfaa0de14f194fc6f874716

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    ad765cddbf89472988de5356db5e0ee254ca3475491c6034fba1897c373702ab7cfa4bd21662ab862eebb48a757c3eb86b1f8ed58629751f71863822a59cd26c

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    152B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    3d1ee7c537a9b7b8b43f7446567d7a75

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    c879f1a95651c27e99ac3789fe1c28a4088d2372

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    cd0c5fb888cf75a8f3b509b58b62ff80602061dbf2e43cfa600e85173f96fe79

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    f2250cdfdcde2d54054b8e442ac8fe6a6c77b4f72a1f9eea47340304b00c22ad888c7c46e3fa4c47781a55c8b905c033fc919db9cb216efea5e969029aebc3b9

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    152B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    6e87a33c286e1bf507f1d16c50064e29

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    aa28da19d2f521c9c89a9a0359c266ba7730f9d1

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    0ccbcc49ec5858b84acbd0f0551f6853ffbdbcebd65c072bc322368fca071a11

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    e292be7f783674474ea146df295a74d3e195d3734b71cab90ebf0008f4cbfdc9cc7a67b548045419bf6eaedfe8f54cad7d03afcc9e08331a94277c5caf4c8e46

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    152B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    b4a74bc775caf3de7fc9cde3c30ce482

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    c6ed3161390e5493f71182a6cb98d51c9063775d

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    dfad4e020a946f85523604816a0a9781091ee4669c870db2cabab027f8b6f280

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    55578e254444a645f455ea38480c9e02599ebf9522c32aca50ff37aad33976db30e663d35ebe31ff0ecafb4007362261716f756b3a0d67ac3937ca62ff10e25f

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    152B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    010724764331d1b10a95c7427956d488

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    d0a75e37c39894cdfcb282dd08ba0bababa2f3b0

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    19b2c52500f2cbc0bedc7cc92b46a699f3c4ce37d59ebc1d8be2e0225cf1dfab

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    f4dce4986d6a00ff45606c8c55b69a628d68383e726981f44c53f04c80f7f43f876fa7a05b8c1da108011c7ab9d9f4f3515cb487348ceed6b9894529fcd9a561

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    152B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    c02a138e69f0f854df9b2c6ddbad1919

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    20d8f2271b1515501c6fd5aa1d3092bc6b43478b

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    505fbaa2f4549b7283a059475a4fdde8bacca86a0d980ec29fcea506b380e9d5

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    fe33add3f143ad223d13b8799357f0b29c5224a1b31e2073999d11f389db199d1082e40f271b4a9996a232a349a0118e71abbb7c9264dcdf0e25a4e0ace1b003

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_0
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    44KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    f46eb6d2eb1c1c38a8e249ce30fe14fd

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    6d0aac14098b5b30a090aa1ae791a5924dee9beb

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    d01191d271a94a722d1bfd65f8896a3b8fb7da89a47ea5a1f2df80490460a746

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    583290a13a1c1358d4aaa7d399611f17b8c124e4eae1b6c43ad9ca8bfc734118d2bdc8e93d6e6289b5ef0be97e6233bae0193ea0496dc1f97745439a91a83189

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_1
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    264KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    2da44708b498c213fe0963aded24ac9b

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    c2eb286d182d2d5417d6618551e66b9ce15baf26

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    748b7b51391b8bc80c45f0f20765031c489c0934759e4d4ab5e156247064387b

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    284c7675507e8d69171b36240be58f60d5b5c8339c0fc0f8573e81ff6f811561b4a6411974558a15ae84f05ead824132db7114b4e42398bad87a9b49d8a1db49

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_2
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    1.0MB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    90e4af347139064003cd98dff7abf0e8

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    f21dc2a7ca741da1c537f66852d2105cb4aefc8f

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    df621ed33b92e11a1f6e8bad4acfe7ae005a174cab09f942c0e073150a3c1916

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    952ebe4666a1388f32269bddf16212e20ae25d4285c15a10287b33b6b422985de8f7e666a122b330895fbeca6b21820df31b5255ada0350cbdb1364efcd65ce0

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_3
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    4.0MB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    48307f91e9b6f504db45f9274baa957d

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    c1730d2d588c5f0f1a5ce31011b115c8eaf8e412

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    bb17098e7cd29454a53b70514362d4d464ae157c92693a732a3db3ddba103fe2

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    d14def6edfff66a4aaa5af3b0f695013fbd69516f11fb62d08b22fdccc15b1bccd224e14eda709e647311f65608daa8390b56b3287dbc46c7cb6770157881d56

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    24KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    87c2b09a983584b04a63f3ff44064d64

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    8796d5ef1ad1196309ef582cecef3ab95db27043

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    df1f0d6f5f53306887b0b16364651bda9cdc28b8ea74b2d46b2530c6772a724422b33bbdcd7c33d724d2fd4a973e1e9dbc4b654c9c53981386c341620c337067

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    68KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    f0c27286e196d0cb18681b58dfda5b37

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    9539ba7e5e8f9cc453327ca251fe59be35edc20b

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    7a6878398886e4c70cf3e9cec688dc852a1f1465feb9f461ff1f238b608d0127

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    336333d29cd4f885e7758de9094b2defb8c9e1eb917cb55ff8c4627b903efb6a0b31dcda6005939ef2a604d014fe6c2acda7c8c802907e219739cf6dab96475b

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    96B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    9e560303a165b48968c64015c3ab0a88

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    0ad4b09da8697873e955f91256bcdec663200d8f

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    e228d9930d583ffcc5c77b69ace0786e054a87ce63f2a810e6070622f1b52888

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    dfd59c4e5c2af6547e23bdece9ee1e54d0f8a23ad59ae14a71c542a24deb120f3f7b5215a36f4387e4bc9c863fbbe2e228961cc67e4e99f1c7ec5a0e6574e1f0

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    96B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    1e566f48e0a3bd792f57593e3bbb24d5

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    f2484bba8bd1615d59dd3d14240f2510c929a305

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    edd09708c6f63c3b667dd443600336232b5f07b39312e5f3927cbe90b999867b

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    343dafb0894c47038306f2f4454fecedd800d5a05a790fad08a4c7b7b7e4989bebbe62d4e85e6adba5d73c93d5b0a4144de088cbaa51a54c178dbd0eea88913c

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    96B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    d5be2bb9e1d4f90a05587ce523e7cbfe

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    2f5f4ea57e88d61ff0b929dba44837cee2ea1dd9

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    58ea758e1a8dc5667707214ce5c86923a02baf3b9819f463317f6f7cd94ae22a

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    6b8ad57e9c4e7a89e8d33fb334fa96194d66c344a1c0ae9729a66e3facb0d5d7f11b8de105744f5dc240453c821fea09ebd1892984f172bd62ed17d16b5190f2

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    72B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    108f3c1b744ddfa9bd78db6d07519953

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    a57ba9175faa34dd5257d77c12ca00b6c6f489b8

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    d3f4d8ace157f22a167604162204cb56ddfa6a8d536cfe8db2776ee71871c308

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    399e9ac1e2c99c9ff60017162a0cbd1c496ffe36eb8b0655b21888f2b06ced9c59e3b360849668e0f360db33074801485275566b058cc8f9eb84c392f08cdc69

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    96B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    dccd817eb23bc5f6c915ae00bb8b438d

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    41e4e04bb77fdc3cd9040e25dadcc82df3577f8f

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    4c1de2a5a3097e527064f34ae5b04fd040820b0c344baa9c3f426b4ac7f5644b

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    37772c4ac18c374cefa9258318b120205c0b2db43edfbd2079a1181cb8032f7aca34b1d8509d69491910d695aa7f8bca44aef207efd75e16e2d9ebe9842d1975

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    96B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    a3da60819d62ad4aa5842f152e1e3b47

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    4a273e74c85e4ea9bcea1ff36e884e218da75eb2

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    43c42f7bc3f8f059f2ffb84204e074fd75a685c657d9eb0a2315b13ea012f05d

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    c06b36dfe44b367b2910848efe370a73dbefea1bed62f4508e0bc2b9b169379225fc31d0729bbe13d72467462f6d5e4226670e54c6c5a5ddfdf896deb5438f66

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cookies
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    20KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    d703e6354467c496bb4cae31d0457c28

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    0f0285164739bc9920a83ef32fdf497a017eec75

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    9b225ba31a9ee9a9aa28d6fca9666b22d2896427318e68597c6ed908cccca429

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    eda11f70a76dc67780dfdedbf0bac51e72abd72c302e1506b995aea81cb6b3859b85d4083b7429af66cf9d98f445888e298109f878394179aded6f348c56af3f

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    319B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    2e6924a832bd40d17278c74a026d92f1

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    e1d4af7ba59ca72d1abde9b2a1ea906724833bb6

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    66d381cb4542a314eb724e5982cb2e1b4c7ccf8ab0a7eea945a9dc8e204b2b64

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    39c310af647d28948c55901d1d3333689a223b9e02e716becdccd106341494df992739e2ab3bee9e886538af605135dc5ca07d74c5b85e6878a95df20888fdd5

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Favicons
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    20KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    6230a6a239d70817087bb2fd2f95cbee

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    ec5f19740740bec2d29828c078ce78ee48f02fd6

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    618d56da45a6afd2202c0691d7b54a69192e50564652c39efdd33007036b7434

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    c819e17878e55494ce2bd4ea9cd1def1518b95166fcfc86d3325796686a4fc0314d98ac781ba2b7e58552f65592122df35fefa7990f878cfa50bb104d44ed5d1

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    264KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    793e7a81f5c6c258515960b7473cadf9

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    633ef2c4da364b1aa2adececb0cf8b14bb488712

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    c9cb6545e2e2c1ffd5567b19d216c4069e25872037c0782621f2e526a0c0bfac

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    9e7313cf0d00a176d92ae0aa28944e3b6104bc3ff444541e3fc56cb68f041e8ba6deb059395a849dd41fe8d0d13dc94df210a479bc92224f7384f2727f95c2ba

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    124KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    c63fd958b9130ff018a2c99774ac7ce3

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    4c2df67e756f03f353499f2f1447563277a91335

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    dc71d0fbf1187e150bbbe374c05030110420760fe23e85494c0c0dd166c0673b

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    21064a8f42d7127aaa9cc1b48d07aafbe1f1393ea1fa40067c5911989e1c2e1e94a1b9b4dfb86f11bcadc72135e5ad2f7b18b9b111c97cb979d4c1cccf133683

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    2KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    02f7fa5e8767d95b275abe27472e91e8

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    1ad4b77eb5b7d50833e5804039ffd8a1d7a71913

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    7d28abf3186a971363c4be303f496aad27075709688ed6469cb83a69fd9833f1

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    2db32980ccdce80a82fb345d2812cba9f2aa423c9ded184030cb4eb2b39d89e96037dcc8e293f9beb509801595cee3cd3c454db0b92f960864b87bf7ab6c7fab

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History-journal
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    28KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    1b63ffa8325609f7f21989a5a7717fea

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    74d137782c56504a7d09d6c27dc8e2e3985b4f8f

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    880f695c5069d1901c6a06fa00f2a5cd0fcac3c73d3ca08c00b2c844ff4cb44a

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    71403fe5b46e3db725d03295a2e16eccd25ac74c5f0b4af78c304f1d7f55a03a5c7a7bf97c1e0475116c9926e0c05bafaa4d9d3735930102f598a6644bc21e19

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    331B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    dcfc059c5715d7b48baee3de35811ffe

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    da2198c33256ed9c001e6d1bdfba9eb92b1fd647

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    cf6b810e3a1d52352b37e7ed79d0c1c0b149ccc3e1dfa712e2046b9eb6119d33

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    a21c1aa0a47c3f1424ccb79362681283b094354f11491567a8cfd600bb8e540dc228d84f4ad6c767870119d19fb89124bb51a6b728bface3e67c0621941859db

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    1011B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    b69f7f82e0f6164bfaf2f1c8a1562873

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    66ca17c3ecfeaebfec1ca1348bcee7a208853b3c

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    59538c681016ad79f667f8caa8c718f03f819794e0903ad0c99d832a3b795999

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    db5ae986c37b0235c616041068353d8987b297075ceb832a994158973e184cc0e655180b80e16e96e7e248893c344445f53951da7cbea1488021989fb57008d7

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    949B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    96b5880f2ad674efcbf426b52642e5dc

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    0d413330964eeff6ae632aed05466c23f10e5539

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    b24f4a4659b5cf0ade394c93b7b2dac5a6a24c5f246cdda80f303debd305b5db

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    2e2356b5b8ff91aca1965d6bd054e9b6f30f29bfe6100b6e1a4311d1d6970f4596d709d9bec9a6507f583a653f50186c8dcb76edf66af1f167d85c0b3824aff0

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    1KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    b5e765c04d3001a4b44a62e14b24b715

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    d262e00b848b40f75ce8354c5a78d48de701ca66

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    040f38e36cea838117afe7b5ad86971a49e26fc73c709525b3ef0151a517a816

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    42db932305b8670492fdd39d96d298f54fc3f2f35872ab814fe6cd3bb88a396ec1c5ae5692f057922a22b21142b361f0e1019dbc3285fe1aed0c416da2303fbb

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    1KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    b7f3242ef02abcad4823c5c44a24c3d6

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    4b739b5e66e33e18514460442db88da2a961ed9f

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    201c915f11db4c47ecac8d467e38672e59ed4a17da7bb1c69190cdbc6759c825

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    055dc5327dd65a87039a0127b42b6f92960faffc1282214b9acd578259440a24aac00567ece68c2cb81da5077c3f184375135017b487d55c2b2e08bafb26a768

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    1KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    901c022cef580715c969fe4d1c9206e7

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    9e0912ec8abe7c2da9235364d608fdf60c21e311

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    a144e34b1ee2146cb863bc08ef077f376e4890142c477b2fac18769cc0edad90

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    175f6e0a027e035a03324a14260039cd9b8a4ec47345113aed9029286990cb1b887d586a32f4c4eb24de2bc6b58627d34337d3f4c31fc774a80a9d18674ab7c6

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    7KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    e662063e48ddbc33eb4685f8ed8d4be5

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    3009a24f9971cb77745820dcb18586a78d3b2f89

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    ae584a053120ce8209fbf6d767e6feebab5aff251f2d5037fbdbd1e955e95f7f

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    b5a900dc7d04939a2f9f37c38bd32e0db24b9a3b05af2744b5ff2496a2c76e7fc4e3a2c9e8730182fda68b003bf7dd378fe4cdb667714d332b46033ea5bac256

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    6KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    734c602d0e2ed269825dbc755a32bff0

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    91008c2175055f242b9c236dc7b1f095092143e2

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    80f335974d46d59874d36f5673dee30bce9e763cfa7fdc59fe95adaaddf1d3fa

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    0d5e30f4a2c7523a5fab5668d027f88a0b2185faef2d26d24bce22c1484d1ab2e7d9290683a074e7ac0d7db4df2439fa5f13f8a0bc209853c9e7d0b01a7dd6ad

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    7KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    cae014fa22817ef9d75388daeb50d7db

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    0a1c72bcba281da32bc5ce0dc1960cd015233b80

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    313f06d1db89e13ea9c4511d0edf274abe8e697a94b82222167bde1b9ac54efb

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    1f93fa8b4871f5eb0b034fe0d53bd70d80480198a65ebed149ff7876e68fb17c5ffce3200beda1378a325fc2745c381a13d342555ec1b8e03a6d7f020f711e4c

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    7KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    bb1270527ba95e03a6799cccc1161fc1

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    edbd4b8c30fcbdd524bd16d6910edbad205b065c

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    8ee0ba62a3dce006bb229e1631b2f33465e0f91dc6566fdefe4c9023ea960cfe

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    3659fb8a037492853032b27d59d7e432e615dfdeb10a4be316c884c2a0706079820e654528e2de25e4f71b8d001c72f2c2c1f60c5744178e2fa235e2c4ece8e6

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    7KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    abdd527f820ca3c398fbb1aaf57f944d

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    2def7680e487a0bc6973b5314003834340e4aa19

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    ec7030b1ad21a22ad090424b6ec00c26b0ac1569a79ab5effac78eef34d3830b

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    f4f95885c99e3f01f1db3a251400a79aecb8be96877fa123cf6c94adcb279803a30b36463ddc13f1be15ab8beec61a641d950a420408ee18389e3a8e18022a00

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    6KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    eb36ddf57f1a042d7f2bdb6a11c4c382

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    12315a5c49052b6043b4acad82bba8de0bb3e406

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    84b73826ace13010294e0b65bce92ed33267ad91304d5a100ff53562f9ca41e1

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    58a7156c63e8944c865c4edbbb0cf3a07470ac40708b23caf0533539b580a63f43a98ea557eb60cbccc984e29e3223c7c6079cbf77f00c21161c617897136a30

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    7KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    ff33323a53e8badfef9118e54d96b017

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    f503642c00302af1363f518472a76b009e709bf7

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    686c99bde3744da62889a159b19c857f95c270e3be3e8d7ba8876695e02968af

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    cc034ba78c94e6c57971135bdefb2b143b63ce5069c6b68afc05e052037c25ab858c49af2e1745b94d3087e303743629087e651994425ded9b10ab1e9f201670

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    7KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    55f1a52aae3c2080d2311c9cd64d7dbd

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    20cb0089f4d3dc9ff4b12d21ac7dd0b716690544

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    7befd04271323dbf8ee879b106ecdc783594b4efed8443126a978514a3ea89fe

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    b812bed9a7b0de95e238eaf3d274437e0125f196ec3111557153c2a65ca7b056fb34ebaee60c501526f3ff0c6682804aa3e5086ec5e24834e3d354cc61081d7d

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    7KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    d67a75d7a98fb846d438e81b8e2133bc

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    7ef2a2ecd78de8ff6172ea8b9c7950b22660bae8

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    ec8a08c2fc443fda511987d2ec9668b79fc823a214e32040b342ab539bec625d

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    bdd5913b0e1650e8ecaf516aead0039236813f892186e4393069dd74786bd9026fbb195ad240518a6e019f35fb7cf486a29e8fd484dc7302c3e370e670eeea0a

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    7KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    74c9e992b8246ef114a6fc128564f16f

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    da03b492967ae22c3d7fa27baa2ca340d7a7c7e3

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    048e57cf65977c4bdc0cf5bce12933e2321214694d2745682ef7a205872a98e5

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    0c6d0a5bc093009f1be43994a255860f9ea7d6bd6b97f678d944024ae5fecc6173750c6627bbb74967388bfe4c148dae24ba1a70eee97e4818c6bac1e5287d15

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    7KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    4ea08be08f5b746381e913ae602ac603

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    18c3752b0398d0d3617eea5382b56cc4464610c4

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    f71df8dabf16ca191dacbcc6712f5bdf83ff1ca57d01f0582d780820be7a817b

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    0e18427b99a1c59dd538cc9785352acda3d2bff456080052b61ecbbd153e2d3f0b84f6b7b0d449202a875b0ecc5f36e83093f7d29bfde2307706d809ac44d659

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    7KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    82f6550d1153d16a7dc935a5d855d8d5

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    5abc217ca9022eeeecfd22b79e9a853481dfc42d

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    f5d667f8258cafd355615cca317235a31b02f6de05084807dd1ab1d00525333b

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    3d198ca977af031f8f62f69305c1e6051f3a2b7c9331e7832a6261cfeda3242df5fad8d53533f23f998560a4b9d18ae3620bc4e1e201640bb850dbdd4196369a

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    7KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    d1c5daf849867410d9811aa5a49cc917

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    525644a4a784c60bf51bcabe9eb3b574ca6849af

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    c3ca3d4fa2c1b93282133b6d98c7a6e9e48023f453848a7f98a1c966c1fd3f97

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    5fe02e26eaf9b01a069b763c4fae73350275ecad1cbbf5db046ad8687cb09fd70d350b06a4d93d797e733f1e51c5c031fcb09c6d64731f107a4be333a298b8fa

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    7KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    839512f5beddb3c64c569c37b51474f8

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    109eb964a7685ba1d7ff201c062f52ed7e158e67

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    58246ed2f3cbd137b363f1c5c3de564c60f0d49f5347288e649d8c578eaa1a6e

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    1cd43e6df6f8ee505eb7b6ea9df93c27e399735814b15a036e99f2f0583182d79dbc99c138998297d89e62583c4867495b3f7851762aee4947a9176894fcee36

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Reporting and NEL
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    36KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    75a37ec2b4901291b36638c37c9f08c3

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    9b7ff05636a614f9a183258b4b60bc54a1add1bd

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    65ec9d7a5de15dec20c969ee25c956d334e586100f0826f881a51ff297825d9f

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    10534b2f959c95ae3e0289a864a2e9666afa68a654a8e95d92eecbae9879c76bb35269eb30f5d59b4be6bfdcf6bf3142dadc7cb98e4218c9e21cc4cc170c28cf

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    194B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    d7d9437445aa960dcea52ffe772822dc

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    c2bbf4ac0732d905d998c4f645fd60f95a675d02

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    4ff49903bec1197017a35995d5c5fc703caf9d496467345d783f754b723d21c1

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    335eb1ba85670550ed1e1e4e14ea4b5d14f8306125bf147a42de4def5e5f75f14c422b014414030cf30378c04f748ac875cf056adda196511a0b057b3598fe9a

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    319B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    9e90058d715fd594983b6825c85bc51a

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    ab2d2b47132c07e80a7800c66beb30e2fc071565

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    b55ff15fe4b8198bba3aad035d4fbeaa77cbd9a24e504526ab97658e423f1b35

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    c7cd946786424c73b6d3165d96b9a28971a3aa3ce518d239797888133b510d2630ff44f4e08bd98edf3e3ea9504107b18916544036922d567f9222d061dbe5a8

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13362907749929547
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    3KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    159c987548d8d5aab630b34179a3a358

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    909f46d269d4d2bd68c5ee7e7fe4dff69bd242be

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    73edcdd334d6c13ccf0be089ae96c78fc184fe5b202f879b1350dc4bad6e7f02

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    d2f966b682d2822f9cdffc7da8c7c8df54a5045f657a44d3d46ae4b30a8d07cf509323f33fc9fdd03a8296ac558e60b1d0aa66dbd5db69d0e2dd701a51fe67b2

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    112B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    795b3dcfa5a5f9e8cc22bc9faab2b7fb

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    2e239557c8dcd0199cb8dd6998e5358db4c84624

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    ba55569f1908f672483d6429d372f1a20de31748aebaf87bee5c478a0b1dcb8a

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    aeb0e9f7bb6eaac17fa8dbf04aeb9f337070293a98355a4527d51e93f09683f313846cb1c309dddfb8e8a25a295d842ea5b4175ea2c8a4b2badc9a44fff7e1d9

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    347B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    e9f3b7249d4f3b178a7a1ab8c1e4329f

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    eca4cc68ef94376e2d4739b1d7de5fdb3412c55d

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    1b5dd44b41790e6d6f80c1da7b7bff9ebcd3743a00291fe622cb292cbd47eb83

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    830d9e82904ac99360bd0d19f63d7aee599b4febd0cf7cb3082d129c859b43646d4efb9c18f078d3b66345f27f6c8ed3925517ae315901269295d94170749989

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    323B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    8aaaff3c635d1f9fc3e466569e60e43f

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    b7d1ab6718f6c430442111112598a424e986ab03

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    66025826b4254f1f51c90d3984f0674b8ed04ad012f105ce86b030f36aa72f4f

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    3ea831e1246a4f72f7af1e8ec091a8eab92a88e5c35476bba5ccfaac437a31c8f8d44198a57c319f9c040e0cc77d24aa10a719801cb4d901c14c524dd64b9009

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    204B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    fea27f26364b1348bf673230ef7222b7

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    a5ba3992c08994b551c7489defec3cd476b8808c

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    11bf114e6e75f926617eaa2b613de2f98e0e02ecfa6346fc380493b0d7f3d721

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    dae38a696381f6a2d50ec90c2d54adfdd68d333d408392a2fd4404f66d6b136c114ac1f7e1dfbe08a37a71cb68d5fcb26dc27e154243faefc01479434a6198cd

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    204B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    cddf968a7be04dcefb7e7db15e6dd68c

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    321604486e2ff9f74836467a6881dcf382f20e34

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    e2731ff20556d6f941ac53be34d94c02d4928053abb66a0d8f3ee41f316f3be0

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    574f1ce96b451c91e4a1640e0ae57733779cd3ef8940ea4850d88d288a0467941c72dbf6cb9c4ecded0456c5a3f74d4eb99df2a094a49d41080c80d6b0855fc3

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    204B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    6eef01ee12911509499e17161654ddf5

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    c81cb75c6cbfc169e2100ca8f64524219022c137

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    a45eb94200c8caf0f5f26733d8348a4a97e4f4c2170a3d04a2a19f32b392a580

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    feed604196d74fadd0ff076b6ee2a2f90f5696b8897a9dded0f137fa164d4e049ebdf2a04be94c0f68098fc6015c6ce56da0a6c2e1209b4290c1bb94b54c38eb

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    204B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    a8bece7812aac81ea862546efd768354

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    4a7a7debabd4e5bffa741b81bbe14d20641cef03

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    f4a1079072501a27b65766a88738227d76dd899c30a153cb428169875bb996ac

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    0c79026b43f2b3b1b96e333c0b7e21d0876ad284458eddc582e43007da0dd177229e904e99f8ff83a1999958f5e48771978db30fdd094cc336f654be7903a015

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    204B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    793ce78d8ac8d52642b7278dc69f6a0b

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    e7d3abb7a6a316d2b3611970e65ea1e3813d3a46

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    613371e4df4790d47cdc8478ba59181c2c104f3e0348810c52a70d6205100d81

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    12657b6a6a10ee8904113ef4ea126a45cfba95ea524a2a3286b39cfcd07e2a919326d1e7b300869fb649445ab221b4fd34326726d207839a8bd97b9ff131a2a0

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    204B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    4cf5ab574953aa6825a7c91209e5ba84

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    58ae2e3ab1764129beb366c31540ea643b82ce6c

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    f9fb7ab249285c9931fdab9fed827722a84510f80bf58fcd649cf277d26cc8d0

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    db4f20e7963942d2f25c48a5b8c2a67bc746b09201ccd0f2ff8f91add26d56eacedb7107e3dfb2898d1fb0c83528aed897f132925d16094ab668534ada149ca8

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe59042c.TMP
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    202B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    d81cb4065fb0e61d653fbcf0a00e941c

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    a0269b0d4ad26f84e0ac2124b2c59945bdf3ddc6

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    033c515ca1e1ae0eeec8c4925909d2e87cf36a90386e6db2d5908710157625da

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    61e0ead8ac06de9c1a5c7f6d45baa551ef3f428c1f9cfd4229f6aa1ee29ef4aed6e35f64b8850a716edf3d9c1ed97d89fe1937b3ba8032e66c14bd6663d82890

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    128KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    64654cd31a3b72b6d667ccd5a0219c26

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    348dbc76d24df967ca89ef588ce553ffcbea343c

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    8698d37bd3e0e729ce1f666ade7c6bb3a02fd7910e4bc7eaa67c8f4da5a2276f

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    d3f0fb7c7bbed59a98542cff06f637f19cddb5cfda8cc8613c47cb425b39d17b3d58344a8e174f47fe1c16b86f88cd215208128d1585fc0c694bb233ca5200a9

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\d9ba9f38-c107-44b2-b3d0-ee08ba6e22c5.tmp
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    1B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    5058f1af8388633f609cadb75a75dc9d

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    3a52ce780950d4d969792a2559cd519d7ee8c727

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    16B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    46295cac801e5d4857d09837238a6394

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    16B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    206702161f94c5cd39fadd03f4014d98

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    bd8bfc144fb5326d21bd1531523d9fb50e1b600a

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    16B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    6752a1d65b201c13b62ea44016eb221f

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    16B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    aefd77f47fb84fae5ea194496b44c67a

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    dcfbb6a5b8d05662c4858664f81693bb7f803b82

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    16B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    60e3f691077715586b918375dd23c6b0

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    476d3eab15649c40c6aebfb6ac2366db50283d1b

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    e91d13722e31f9b06c5df3582cad1ea5b73547ce3dc08b12ed461f095aad48ee

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    d1c146d27bbf19362d6571e2865bb472ce4fe43dc535305615d92d6a2366f98533747a8a70a578d1f00199f716a61ce39fac5cab9dd67e9c044bc49e7343130e

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    16B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    589c49f8a8e18ec6998a7a30b4958ebc

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    cd4e0e2a5cb1fd5099ff88daf4f48bdba566332e

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    26d067dbb5e448b16f93a1bb22a2541beb7134b1b3e39903346d10b96022b6b8

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    e73566a037838d1f7db7e9b728eba07db08e079de471baca7c8f863c7af7beb36221e9ff77e0a898ce86d4ef4c36f83fb3af9c35e342061b7a5442ca3b9024d2

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    44KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    bf1c5dbf8cda076ad08135545b9ae348

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    9344c91128e39b814e7c00df047d476712cb6c9f

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    e9c21f54121fa71cd51749bf7e7756df77148e63db2800ce66456513d1eb8fb2

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    a32dff0d9f99b5cfc1e48f66762278bfbff220c4ce1ef98d46de57788d23852b3be551eac02e58d7eac06e9703f84ae098581561c9ca41cb38f0e2c50cfbf536

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    187B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    248bfb3f59fc19890e35b17a97b5b191

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    f41fb7533ae53915a30296d9c6efeae4abe40e00

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    eb35192d5d05b0ea8b396761ee1e6244ac95781408a3e39ef7bc22de5a6f0ab1

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    4a45e9ce826982ff40ac0f7b6d510c4880bc9b5eef211d71fb18b7a8186c877a2c626cd378cd652a0e86fa9474a624fe09b800ff156b2cc2229aedc5a3fffc5d

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    319B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    21b8675e5235b6995df5390142c80224

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    1d18ad08046fdb894ab8f8f4e35a4ce2a1581298

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    567502edf8beaa1fae5f6b0751b9b3401557cc139b33e346bc236fd7b453b81e

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    8663f8d28bd1ce3bdd3940c1b677392f146d87eb67aeed99f87d5b956f9cb841fd12a0dfb8d8ca08502cd9393fbb56307526ef7d0b423f58a383e6a1c7b1f1f8

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    536B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    606e591b4617bd3cddcc24092669a854

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    cd130908396738f4f5914d2179edc4d7f460a87b

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    5e88d16a53fb9ca262fdb191e8241721e907554d04fa32a2f140c330275c3aa3

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    58ab52e55e3de1c6c4ad0c8574306ac54a1f5e4eb3d205ea912c6ba25e16fd5dfd0f996ce324952f59ec218818b40a60e1bef7c5bdd68ce6f8902e4e7cfb77bf

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    337B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    162e64d3202d3001666aa7d4beef0bc6

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    2cbe30ed99d0e8b3a4fd0ca5a586e12f5455418d

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    f9eb1864ff43b56a899bc2deb866d45246d45769789de0003b4704269f7aa9f0

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    43a604f8f86819ce498af2732fd25a9645c9d280fe7df4080c0e439c546720883fbe20e43bf064f2dd9e4b6e0bdc7165e6077b76ecedde103f0d083756842869

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_0
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    44KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    c2662c208907c0dc34b1783b85c57739

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    b153d58a1e3bd9bb022f3b6e62a0500b0f23ba3b

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    f1ca13157b8725157f66758d013a2faa73808f85977b935e7f0efbeab1ee685d

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    b773017905844ed61e13cef92356a423db13574b10e4971d24040e854b3cffcaf1885110fad08cf8ec9939a23f625ad3f388a6c267dffb578ea858da75958ce7

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    264KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    d0cccd3feac888bb3ecd424d83b3a5d0

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    90f4cfaf314bc83ba42419ef6978ef9d48540b54

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    79f0d001fd0b5e1fc6bfa51944b24f6c04278213968d385af810ef46cf24356d

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    626f7a720cb38901358480159614fc04ddc6039cf79b94a3809cfd7b02f150ad6752f2ce7835e47bc7b6a0d720ee7394f801c9edbe7f612f20368fc6d47c583a

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_3
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    4.0MB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    0e0a11eb250813ecca2a457b0a8ba116

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    3c0320d5661f416f0713022086339382e77c922b

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    9e96ba8d54d8ebf47930edf13a549b6591536fe7901a7709e60235a09834d49a

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    12f60e086f803fba6328aa1f9fc9336ad857c77273f1b91f902f298e0e28ebc87e97b92c21c90dd6be8504ada6e0a08405a81588558f05eb376f6a2ea9b33fe0

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000001
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    17KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    6bc4851424575eaf03ebe2efee6073ab

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    2d014fe2feb929d03a46322645a94556ca5c9e96

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    abaded8e235fdf329521806af30a1cc7701eaca3fe2efccb9da760ec6d8e5e4e

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    af3b7d93fa2243475d74d4bd7f918ce2706bf6eca28029b9e49869f5f793e483efaafdfab1fed6306d5fc77a5ed3b27097b27448cd04560bed4df6fa3268ccf9

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000002
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    17KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    fc97b88a7ce0b008366cd0260b0321dc

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    4eae02aecb04fa15f0bb62036151fa016e64f7a9

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    6388415a307a208b0a43b817ccd9e5fcdda9b6939ecd20ef4c0eda1aa3a0e49e

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    889a0db0eb5ad4de4279b620783964bfda8edc6b137059d1ec1da9282716fe930f8c4ebfadea7cd5247a997f8d4d2990f7b972a17106de491365e3c2d2138175

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Browser
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    120B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    a397e5983d4a1619e36143b4d804b870

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    aa135a8cc2469cfd1ef2d7955f027d95be5dfbd4

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    9c70f766d3b84fc2bb298efa37cc9191f28bec336329cc11468cfadbc3b137f4

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    4159ea654152d2810c95648694dd71957c84ea825fcca87b36f7e3282a72b30ef741805c610c5fa847ca186e34bde9c289aaa7b6931c5b257f1d11255cd2a816

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    11B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    838a7b32aefb618130392bc7d006aa2e

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    5159e0f18c9e68f0e75e2239875aa994847b8290

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    ac3dd2221d90b09b795f1f72e72e4860342a4508fe336c4b822476eb25a55eaa

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    9e350f0565cc726f66146838f9cebaaa38dd01892ffab9a45fe4f72e5be5459c0442e99107293a7c6f2412c71f668242c5e5a502124bc57cbf3b6ad8940cb3e9

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    11KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    1f5836b28e207348725d05c8a0a00b57

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    ba366ffdfe87239507ab2bb6336222ef4161fbff

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    d0b8827e71ed6b5b0b317d5d7968632e19b0944bab8fd8c688ee04c1757df8fc

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    7b3463ac143673c5f438e0e62302f54882f7580d0b7014e5c0ceae9d423ee6d2e2a56242779403c673ac230242ada653f696f3d7b1ddb5898fc8b5e9ac49b6dd

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    12KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    583de979c44741fe2cf67b694dc54638

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    d7108736ba484e6ebaf557a75641e786b313432f

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    39a7c0858efcabcde21911e9cbb542eb25db0309f03b27b56d53ba97ad8b2e3a

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    6ad9597b8f575d77b52986a261a94e3521123724b6a24dce8e81d347d4800d63a6aa7e1b0931d4a7b7ef56ffc83c72605868a4cb4618046df2931d0c837c1c30

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    12KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    ed99b22ad2eff29076752d0448b762f9

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    137d12fb2400f6b9f5829b1f5508bb77348f5570

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    182f0f7b9bb171840329e2bf3f1a165257e775cebdacf3634ac765109f8c2404

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    cb1a4722a434ebd6e650bb8ef9f9d841fee0c99ead147383a9466aea8146c4b2666c592b8698ce6dd5bed5b92fe993f84dac1de1761d926f69651eea13fb3ca5

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    12KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    fa7cccd1dd018a86ce9a27fb26e2b6dd

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    6e1aa65defc5824f2eea253d9242b7523c85f945

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    7e2085089df5875ec0f5b6dc235ab6557b1e4f7a86f46289fa888505536d80ef

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    86ef5ef14dc2429e0febb7d8642199fb7755c11a76d30ba2563ef72abd5cae4ba15c78df1600a82a2e47e016baaf93934a454e1bcfdf61624a43b9d2023d15a8

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    12KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    5dc723eacad643d6c287f7d664a25306

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    868c25d22f42b8b57e176f2a49cd45e5b87b0bc9

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    6fed4b7456ec653c8d710498e982b98b8926d26e5d4f740d75c2b84fb652ee9a

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    7a203bc7ee69253eebc09b14d3024e1b9d1ceb52a113a63a65bf02420ff5c74404ba7d587cc13447b904691d56e97cb8d88e315db3fbf6c08f995921db3ece7e

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    264KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    93b7a8babcead9bf086975ecbe638f65

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    9c1187fc19d612e9aa9cdb6543cae96a8e428edf

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    1c7be503844ee7810f9cada30bb348137d41f3b1ab1f9a0bdf943f02456bbde4

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    e3228fc2dbaaa3f24fe2edb7d1c236995c0674ae0070af1887261045d555803d7f06e98d749170673f7397c8cdb6775f1640250ede5929923004498168f9383d

                                                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\9cd93bc6dcf544bae69531052e64647ec02f2bb4.tbres
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    4KB

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    5ee64372f98a3910a4977bf012e01cb2

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    b0289055f87c3e6eddae029f3a072ce02a76576b

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    0e6c51be7a9d5ce6675093a8b13419648e71914eb234987707c17617917bb01f

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    b25fadb8aac5e4e7a0219e10b2e9b3e2f0f6b24f001bdeb01bc5366a28a6aca6f20eda7324e3c0dbc2646f91162a5e46b1baae0ab2c6fc1e047410dc1d9a9437

                                                                                                                                                                                                  • C:\note.txt
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    218B

                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    afa6955439b8d516721231029fb9ca1b

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    087a043cc123c0c0df2ffadcf8e71e3ac86bbae9

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    8e9f20f6864c66576536c0b866c6ffdcf11397db67fe120e972e244c3c022270

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    5da21a31fbc4e8250dffed30f66b896bdf007ac91948140334fe36a3f010e1bac3e70a07e9f3eb9da8633189091fd5cadcabbaacd3e01da0fe7ae28a11b3dddf

                                                                                                                                                                                                  • \??\pipe\LOCAL\crashpad_4052_XWXYACBFFCITWIZL
                                                                                                                                                                                                    MD5

                                                                                                                                                                                                    d41d8cd98f00b204e9800998ecf8427e

                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                    da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

                                                                                                                                                                                                  • memory/2412-535-0x0000000005180000-0x0000000005181000-memory.dmp
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    4KB

                                                                                                                                                                                                  • memory/2412-528-0x0000000005180000-0x0000000005181000-memory.dmp
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    4KB

                                                                                                                                                                                                  • memory/2412-530-0x0000000005180000-0x0000000005181000-memory.dmp
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    4KB

                                                                                                                                                                                                  • memory/2412-529-0x0000000005180000-0x0000000005181000-memory.dmp
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    4KB

                                                                                                                                                                                                  • memory/2412-540-0x0000000005180000-0x0000000005181000-memory.dmp
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    4KB

                                                                                                                                                                                                  • memory/2412-539-0x0000000005180000-0x0000000005181000-memory.dmp
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    4KB

                                                                                                                                                                                                  • memory/2412-538-0x0000000005180000-0x0000000005181000-memory.dmp
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    4KB

                                                                                                                                                                                                  • memory/2412-537-0x0000000005180000-0x0000000005181000-memory.dmp
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    4KB

                                                                                                                                                                                                  • memory/2412-536-0x0000000005180000-0x0000000005181000-memory.dmp
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    4KB

                                                                                                                                                                                                  • memory/2412-534-0x0000000005180000-0x0000000005181000-memory.dmp
                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                    4KB