Analysis

  • max time kernel
    1727s
  • max time network
    1736s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win11-20240508-en locale:en-us os:windows11-21h2-x64 system
  • submitted
    16-06-2024 17:02

General

  • Target

    ventiq.exe

  • Size

    9.8MB

  • MD5

    c8ff052c53d5b9508d5e6a77db214890

  • SHA1

    abc5d78cbbafb557e6ac52bafb9b84674a95a53b

  • SHA256

    5af76378a64867942f11b406ad7257268cbb197dea39603475a983fae06f2b59

  • SHA512

    d1cd4bdbf648f78b21094e079df6c6f62df686c0c29d78a3c4a85e39105efaf3be3dfe4d356237f45296ff8ed26e30f4a347b2a2d7549415d1bda159068c8736

  • SSDEEP

    196608:OSnLs4TE/6IHnu2EQXzLx+u6kq2zS9j/1uvI3rmohL7rSedFb9tDZnBq:Lg4u6CEQXXx+u6k/zS9jAvI3rmk3OopY

Score
7/10

Malware Config

Signatures

  • Themida packer 1 IoCs

    Detects Themida, an advanced Windows software protection system.

  • Enumerates system info in registry 2 TTPs 6 IoCs
  • Suspicious behavior: EnumeratesProcesses 20 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 22 IoCs
  • Suspicious use of FindShellTrayWindow 59 IoCs
  • Suspicious use of SendNotifyMessage 28 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ventiq.exe
    "C:\Users\Admin\AppData\Local\Temp\ventiq.exe"
    1⤵
      PID:236
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
      1⤵
      • Enumerates system info in registry
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of WriteProcessMemory
      PID:132
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x10c,0x110,0x114,0xe8,0x118,0x7ff9b0e23cb8,0x7ff9b0e23cc8,0x7ff9b0e23cd8
        2⤵
          PID:4936
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1924,15676326646847993867,1910073116099078412,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1936 /prefetch:2
          2⤵
            PID:4664
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1924,15676326646847993867,1910073116099078412,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2296 /prefetch:3
            2⤵
            • Suspicious behavior: EnumeratesProcesses
            PID:2080
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1924,15676326646847993867,1910073116099078412,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2508 /prefetch:8
            2⤵
              PID:5012
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,15676326646847993867,1910073116099078412,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3204 /prefetch:1
              2⤵
                PID:3884
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,15676326646847993867,1910073116099078412,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:1
                2⤵
                  PID:4868
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,15676326646847993867,1910073116099078412,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4000 /prefetch:1
                  2⤵
                    PID:760
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,15676326646847993867,1910073116099078412,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4044 /prefetch:1
                    2⤵
                      PID:4164
                    • C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1924,15676326646847993867,1910073116099078412,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3792 /prefetch:8
                      2⤵
                      • Suspicious behavior: EnumeratesProcesses
                      PID:2292
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1924,15676326646847993867,1910073116099078412,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4940 /prefetch:8
                      2⤵
                      • Suspicious behavior: EnumeratesProcesses
                      PID:3360
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,15676326646847993867,1910073116099078412,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3852 /prefetch:1
                      2⤵
                        PID:4672
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,15676326646847993867,1910073116099078412,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4584 /prefetch:1
                        2⤵
                          PID:4968
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,15676326646847993867,1910073116099078412,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4676 /prefetch:1
                          2⤵
                            PID:1744
                        • C:\Windows\System32\CompPkgSrv.exe
                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                          1⤵
                            PID:3168
                          • C:\Windows\System32\CompPkgSrv.exe
                            C:\Windows\System32\CompPkgSrv.exe -Embedding
                            1⤵
                              PID:2800
                            • C:\Windows\System32\rundll32.exe
                              C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                              1⤵
                                PID:1244
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
                                1⤵
                                • Enumerates system info in registry
                                • Suspicious behavior: EnumeratesProcesses
                                • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                                • Suspicious use of FindShellTrayWindow
                                • Suspicious use of SendNotifyMessage
                                PID:912
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xe0,0x10c,0x7ff9b0e23cb8,0x7ff9b0e23cc8,0x7ff9b0e23cd8
                                  2⤵
                                    PID:2620
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1748,12223220439475403224,10280832709579511570,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1852 /prefetch:2
                                    2⤵
                                      PID:3564
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1748,12223220439475403224,10280832709579511570,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2280 /prefetch:3
                                      2⤵
                                      • Suspicious behavior: EnumeratesProcesses
                                      PID:3812
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1748,12223220439475403224,10280832709579511570,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2608 /prefetch:8
                                      2⤵
                                        PID:2468
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1748,12223220439475403224,10280832709579511570,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
                                        2⤵
                                          PID:1988
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1748,12223220439475403224,10280832709579511570,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3252 /prefetch:1
                                          2⤵
                                            PID:4688
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1748,12223220439475403224,10280832709579511570,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3636 /prefetch:1
                                            2⤵
                                              PID:2216
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1748,12223220439475403224,10280832709579511570,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4416 /prefetch:1
                                              2⤵
                                                PID:4556
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1748,12223220439475403224,10280832709579511570,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3260 /prefetch:8
                                                2⤵
                                                • Suspicious behavior: EnumeratesProcesses
                                                PID:1316
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1748,12223220439475403224,10280832709579511570,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3316 /prefetch:8
                                                2⤵
                                                • Suspicious behavior: EnumeratesProcesses
                                                PID:1500
                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1748,12223220439475403224,10280832709579511570,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4676 /prefetch:1
                                                2⤵
                                                  PID:4632
                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1748,12223220439475403224,10280832709579511570,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
                                                  2⤵
                                                    PID:1932
                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1748,12223220439475403224,10280832709579511570,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4208 /prefetch:1
                                                    2⤵
                                                      PID:4576
                                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1748,12223220439475403224,10280832709579511570,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2460 /prefetch:1
                                                      2⤵
                                                        PID:4900
                                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1748,12223220439475403224,10280832709579511570,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5060 /prefetch:1
                                                        2⤵
                                                          PID:4912
                                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1748,12223220439475403224,10280832709579511570,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4780 /prefetch:1
                                                          2⤵
                                                            PID:4372
                                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1748,12223220439475403224,10280832709579511570,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4280 /prefetch:1
                                                            2⤵
                                                              PID:3156
                                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1748,12223220439475403224,10280832709579511570,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4016 /prefetch:1
                                                              2⤵
                                                                PID:940
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1748,12223220439475403224,10280832709579511570,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=3744 /prefetch:2
                                                                2⤵
                                                                • Suspicious behavior: EnumeratesProcesses
                                                                PID:2136
                                                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1748,12223220439475403224,10280832709579511570,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3976 /prefetch:1
                                                                2⤵
                                                                  PID:1744
                                                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1748,12223220439475403224,10280832709579511570,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3900 /prefetch:1
                                                                  2⤵
                                                                    PID:1912
                                                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1748,12223220439475403224,10280832709579511570,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2976 /prefetch:1
                                                                    2⤵
                                                                      PID:540
                                                                  • C:\Windows\System32\CompPkgSrv.exe
                                                                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                    1⤵
                                                                      PID:3948
                                                                    • C:\Windows\System32\CompPkgSrv.exe
                                                                      C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                      1⤵
                                                                        PID:4912
                                                                      • C:\Windows\system32\svchost.exe
                                                                        C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
                                                                        1⤵
                                                                          PID:1120

                                                                        Network

                                                                        MITRE ATT&CK Enterprise v15

                                                                        Downloads

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                          Filesize

                                                                          152B

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                          Filesize

                                                                          152B

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                          Filesize

                                                                          152B

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_0

                                                                          Filesize

                                                                          44KB

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_1

                                                                          Filesize

                                                                          264KB

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG

                                                                          Filesize

                                                                          319B

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache

                                                                          Filesize

                                                                          6B

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

                                                                          Filesize

                                                                          331B

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Action Predictor

                                                                          Filesize

                                                                          36KB

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                          Filesize

                                                                          5KB

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                          Filesize

                                                                          5KB

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                          Filesize

                                                                          5KB

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                          Filesize

                                                                          5KB

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                          Filesize

                                                                          5KB

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\PreferredApps

                                                                          Filesize

                                                                          33B

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log

                                                                          Filesize

                                                                          156B

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG

                                                                          Filesize

                                                                          319B

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13363031042379390

                                                                          Filesize

                                                                          1KB

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13363031042564390

                                                                          Filesize

                                                                          1KB

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Shortcuts

                                                                          Filesize

                                                                          20KB

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

                                                                          Filesize

                                                                          347B

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

                                                                          Filesize

                                                                          323B

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                                                          Filesize

                                                                          16B

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                                                          Filesize

                                                                          16B

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                                                          Filesize

                                                                          16B

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\LOG

                                                                          Filesize

                                                                          198B

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\MANIFEST-000002

                                                                          Filesize

                                                                          50B

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\heavy_ad_intervention_opt_out.db

                                                                          Filesize

                                                                          16KB

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db

                                                                          Filesize

                                                                          44KB

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\previews_opt_out.db

                                                                          Filesize

                                                                          16KB

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log

                                                                          Filesize

                                                                          19B

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG

                                                                          Filesize

                                                                          319B

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log

                                                                          Filesize

                                                                          318B

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG

                                                                          Filesize

                                                                          337B

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_0

                                                                          Filesize

                                                                          44KB

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1

                                                                          Filesize

                                                                          264KB

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_3

                                                                          Filesize

                                                                          4.0MB

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000001

                                                                          Filesize

                                                                          20KB

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000002

                                                                          Filesize

                                                                          20KB

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000003

                                                                          Filesize

                                                                          20KB

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000004

                                                                          Filesize

                                                                          16KB

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000005

                                                                          Filesize

                                                                          18KB

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000006

                                                                          Filesize

                                                                          17KB

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000007

                                                                          Filesize

                                                                          19KB

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000008

                                                                          Filesize

                                                                          17KB

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Browser

                                                                          Filesize

                                                                          120B

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version

                                                                          Filesize

                                                                          11B

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                          Filesize

                                                                          8KB

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                          Filesize

                                                                          8KB

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                          Filesize

                                                                          8KB

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                          Filesize

                                                                          8KB

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1

                                                                          Filesize

                                                                          264KB

                                                                        • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\edge_shutdown_ms.txt

                                                                          Filesize

                                                                          3B

                                                                        • \??\pipe\LOCAL\crashpad_132_HNYHUEZJXZPLEDBH

                                                                        • memory/236-0-0x00007FF6DC610000-0x00007FF6DD758000-memory.dmp

                                                                          Filesize

                                                                          17.3MB

                                                                        • memory/236-69-0x00007FF6DC610000-0x00007FF6DD758000-memory.dmp

                                                                          Filesize

                                                                          17.3MB