hxxps://www[.]google[.]com/

Resubmissions

24/06/2024, 13:51

240624-q6bqzsyeqq 1

24/06/2024, 13:51

240624-q5199ayepr 1

24/06/2024, 13:49

240624-q4n9asvfle 1

24/06/2024, 13:12

240624-qfqgfsxdkp 8

Analysis

max time kernel
1800s
max time network
1800s
platform
windows11-21h2_x64
resource
win11-20240611-en
resource tags

arch:x64arch:x86image:win11-20240611-enlocale:en-usos:windows11-21h2-x64system
submitted
24/06/2024, 13:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://www.google.com/

Score

8^/10

discovery persistence

Malware Config

Signatures

Boot or Logon Autostart Execution: Active Setup 2 TTPs 2 IoCs

Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

persistence

Active Setup

T1547.014

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\MACHINE\software\WOW6432Node\microsoft\Active Setup\Installed Components	tv_enua.exe
Key created	\REGISTRY\MACHINE\software\WOW6432Node\microsoft\Active Setup\Installed Components	MSAGENT.EXE

Executes dropped EXE 8 IoCs

pid	Process
6876	butterflyondesktop.exe
3608	butterflyondesktop.tmp
8288	ButterflyOnDesktop.exe
9012	MSAGENT.EXE
2340	tv_enua.exe
9208	AgentSvr.exe
3124	BonziBDY_4.EXE
6724	AgentSvr.exe

Loads dropped DLL 37 IoCs

pid	Process
2940	BonziBuddy432.exe
2940	BonziBuddy432.exe
2940	BonziBuddy432.exe
2940	BonziBuddy432.exe
2940	BonziBuddy432.exe
2940	BonziBuddy432.exe
2940	BonziBuddy432.exe
2940	BonziBuddy432.exe
2940	BonziBuddy432.exe
2940	BonziBuddy432.exe
2940	BonziBuddy432.exe
2340	tv_enua.exe
6376	regsvr32.exe
6376	regsvr32.exe
8276	regsvr32.exe
9012	MSAGENT.EXE
7844	regsvr32.exe
8340	regsvr32.exe
7796	regsvr32.exe
8888	regsvr32.exe
2968	regsvr32.exe
6368	regsvr32.exe
5512	regsvr32.exe
3124	BonziBDY_4.EXE
3124	BonziBDY_4.EXE
3124	BonziBDY_4.EXE
3124	BonziBDY_4.EXE
3124	BonziBDY_4.EXE
3124	BonziBDY_4.EXE
6724	AgentSvr.exe
6724	AgentSvr.exe
6724	AgentSvr.exe
6724	AgentSvr.exe
6724	AgentSvr.exe
3124	BonziBDY_4.EXE
3124	BonziBDY_4.EXE
3124	BonziBDY_4.EXE

Adds Run key to start application 2 TTPs 2 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\tv_enua = "RunDll32 advpack.dll,LaunchINFSection C:\\Windows\\INF\\tv_enua.inf, RemoveCabinet"	tv_enua.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2198854727-3842442895-2838824242-1000\Software\Microsoft\Windows\CurrentVersion\Run\ButterflyOnDesktop	butterflyondesktop.tmp

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in System32 directory 3 IoCs

description	ioc	Process
File created	C:\Windows\SysWOW64\SETEDFF.tmp	tv_enua.exe
File opened for modification	C:\Windows\SysWOW64\msvcp50.dll	tv_enua.exe
File opened for modification	C:\Windows\SysWOW64\SETEDFF.tmp	tv_enua.exe

Suspicious use of SetThreadContext 3 IoCs

description	pid	Process	procid_target
PID 2152 set thread context of 6028	2152	Aura.exe	149
PID 2944 set thread context of 2440	2944	Aura.exe	155
PID 3484 set thread context of 6512	3484	Aura.exe	160

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\~GLH0046.TMP	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\BG\Bg2.bmp	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page4.jpg	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Options\ManualShortcutsMaker.vbs	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\cb010.gif	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\T001.nbd-SR	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\t3.nbd	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\t3.nbd-SR	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page7.jpg	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\page15.jpg	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\book	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\sites.nbd	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page6.jpg	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page6.jpg	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\cb009.gif	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Bonzi's Beach Checkers.exe	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\J001.nbd-SR	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\t2.nbd	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\BonziBDY_2.EXE	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page12.jpg	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page10.jpg	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Options\BonziBuddy.bat	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\cb014.gif	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\page13.jpg	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\cb002.gif	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page15.jpg	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\empop3.dll	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\MSCOMCTL.OCX	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\MSWINSCK.OCX	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page0.jpg	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page19.jpg	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\p001.nbd	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Snd1.wav	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page13.jpg	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\Thumbs.db	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\Butterfly on Desktop\unins000.dat	butterflyondesktop.tmp
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\cb004.gif	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\sp001.gif	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Bonzi's Solitaire.vbw	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Runtimes\CheckRuntimes.bat	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Options\ManualDirPatcher.bat	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page7.jpg	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Apps.nbd	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\BG\Bg1.bmp	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page13.jpg	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\cb016.gif	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page5.jpg	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page0.jpg	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page13.jpg	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\page10.jpg	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\page5.jpg	BonziBuddy432.exe
File created	C:\Program Files (x86)\BonziBuddy432\Reg.nbd.temp	BonziBDY_4.EXE
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\cb008.gif	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\book	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Runtimes\spchcpl.exe	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Options\chose.bat	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\cb006.gif	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Treasure Chest\cb007.gif	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\page2.jpg	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\sp003.gif	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\page0.jpg	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\j001.nbd	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Books\Bonz and the Polizoof\page3.jpg	BonziBuddy432.exe
File opened for modification	C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Alpha-net\page3.jpg	BonziBuddy432.exe

Drops file in Windows directory 56 IoCs

description	ioc	Process
File opened for modification	C:\Windows\msagent\AgentCtl.dll	MSAGENT.EXE
File opened for modification	C:\Windows\msagent\SETF4BD.tmp	MSAGENT.EXE
File opened for modification	C:\Windows\lhsp\tv\SETEDEB.tmp	tv_enua.exe
File opened for modification	C:\Windows\msagent\AgentDPv.dll	MSAGENT.EXE
File created	C:\Windows\msagent\SETF497.tmp	MSAGENT.EXE
File opened for modification	C:\Windows\msagent\AgentSR.dll	MSAGENT.EXE
File opened for modification	C:\Windows\help\Agt0409.hlp	MSAGENT.EXE
File opened for modification	C:\Windows\msagent\intl\SETF49C.tmp	MSAGENT.EXE
File opened for modification	C:\Windows\msagent\AgtCtl15.tlb	MSAGENT.EXE
File opened for modification	C:\Windows\msagent\AgentSvr.exe	MSAGENT.EXE
File opened for modification	C:\Windows\msagent\AgentMPx.dll	MSAGENT.EXE
File opened for modification	C:\Windows\msagent\chars\Bonzi.acs	BonziBuddy432.exe
File opened for modification	C:\Windows\lhsp\tv\tvenuax.dll	tv_enua.exe
File opened for modification	C:\Windows\fonts\andmoipa.ttf	tv_enua.exe
File created	C:\Windows\msagent\SETF484.tmp	MSAGENT.EXE
File opened for modification	C:\Windows\fonts\SETEDED.tmp	tv_enua.exe
File opened for modification	C:\Windows\INF\SETEDEE.tmp	tv_enua.exe
File created	C:\Windows\INF\SETEDEE.tmp	tv_enua.exe
File created	C:\Windows\msagent\SETF495.tmp	MSAGENT.EXE
File created	C:\Windows\msagent\SETF496.tmp	MSAGENT.EXE
File opened for modification	C:\Windows\msagent\AgentPsh.dll	MSAGENT.EXE
File created	C:\Windows\msagent\intl\SETF49C.tmp	MSAGENT.EXE
File opened for modification	C:\Windows\INF\tv_enua.inf	tv_enua.exe
File opened for modification	C:\Windows\msagent\SETF495.tmp	MSAGENT.EXE
File opened for modification	C:\Windows\msagent\SETF496.tmp	MSAGENT.EXE
File opened for modification	C:\Windows\msagent\SETF49A.tmp	MSAGENT.EXE
File created	C:\Windows\help\SETF49B.tmp	MSAGENT.EXE
File created	C:\Windows\msagent\SETF483.tmp	MSAGENT.EXE
File created	C:\Windows\msagent\SETF49A.tmp	MSAGENT.EXE
File opened for modification	C:\Windows\help\SETF49B.tmp	MSAGENT.EXE
File opened for modification	C:\Windows\lhsp\tv\SETEDEA.tmp	tv_enua.exe
File created	C:\Windows\msagent\SETF485.tmp	MSAGENT.EXE
File opened for modification	C:\Windows\msagent\SETF498.tmp	MSAGENT.EXE
File opened for modification	C:\Windows\INF\SETF499.tmp	MSAGENT.EXE
File created	C:\Windows\msagent\SETF482.tmp	MSAGENT.EXE
File opened for modification	C:\Windows\msagent\mslwvtts.dll	MSAGENT.EXE
File created	C:\Windows\msagent\SETF4BD.tmp	MSAGENT.EXE
File created	C:\Windows\lhsp\tv\SETEDEA.tmp	tv_enua.exe
File opened for modification	C:\Windows\msagent\SETF482.tmp	MSAGENT.EXE
File opened for modification	C:\Windows\msagent\SETF484.tmp	MSAGENT.EXE
File created	C:\Windows\INF\SETF499.tmp	MSAGENT.EXE
File created	C:\Windows\lhsp\tv\SETEDEB.tmp	tv_enua.exe
File created	C:\Windows\lhsp\help\SETEDEC.tmp	tv_enua.exe
File opened for modification	C:\Windows\msagent\SETF483.tmp	MSAGENT.EXE
File opened for modification	C:\Windows\msagent\SETF485.tmp	MSAGENT.EXE
File opened for modification	C:\Windows\msagent\AgentAnm.dll	MSAGENT.EXE
File opened for modification	C:\Windows\lhsp\help\SETEDEC.tmp	tv_enua.exe
File opened for modification	C:\Windows\lhsp\help\tv_enua.hlp	tv_enua.exe
File opened for modification	C:\Windows\msagent\AgentDp2.dll	MSAGENT.EXE
File created	C:\Windows\msagent\SETF498.tmp	MSAGENT.EXE
File opened for modification	C:\Windows\INF\agtinst.inf	MSAGENT.EXE
File opened for modification	C:\Windows\msagent\intl\Agt0409.dll	MSAGENT.EXE
File opened for modification	C:\Windows\msagent\chars\Peedy.acs	BonziBuddy432.exe
File opened for modification	C:\Windows\lhsp\tv\tv_enua.dll	tv_enua.exe
File created	C:\Windows\fonts\SETEDED.tmp	tv_enua.exe
File opened for modification	C:\Windows\msagent\SETF497.tmp	MSAGENT.EXE

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Program crash 3 IoCs

pid	pid_target	Process	procid_target
4964	2152	WerFault.exe	145
4456	2944	WerFault.exe	153
2588	3484	WerFault.exe	158

Checks SCSI registry key(s) 3 TTPs 3 IoCs

SCSI information is often read in order to detect sandboxing environments.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A	taskmgr.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName	taskmgr.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000	taskmgr.exe

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies Internet Explorer settings 1 TTPs 8 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2198854727-3842442895-2838824242-1000\Software\Microsoft\Internet Explorer\Toolbar	explorer.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2198854727-3842442895-2838824242-1000\Software\Microsoft\Internet Explorer\Toolbar\Locked = "1"	explorer.exe
Key created	\REGISTRY\USER\S-1-5-21-2198854727-3842442895-2838824242-1000\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser	explorer.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2198854727-3842442895-2838824242-1000\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\ITBar7Layout = 13000000000000000000000020000000100000000000000001000000010700005e01000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000	explorer.exe
Key created	\REGISTRY\USER\S-1-5-21-2198854727-3842442895-2838824242-1000\Software\Microsoft\Internet Explorer\Toolbar	explorer.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2198854727-3842442895-2838824242-1000\Software\Microsoft\Internet Explorer\Toolbar\Locked = "1"	explorer.exe
Key created	\REGISTRY\USER\S-1-5-21-2198854727-3842442895-2838824242-1000\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser	explorer.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2198854727-3842442895-2838824242-1000\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\ITBar7Layout = 13000000000000000000000020000000100000000000000001000000010700005e01000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000	explorer.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133637091890834071"	chrome.exe

Modifies registry class 64 IoCs

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{065E6FD7-1BF9-11D2-BAE8-00104B9E0792}\ = "DSSFrameEvents"	BonziBuddy432.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{E8671A8B-E5DD-11CD-836C-0000C0C14E92}	BonziBuddy432.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{E8671A8B-E5DD-11CD-836C-0000C0C14E92}\1.0\ = "Sheridan Month/Year/DateCombo"	BonziBuddy432.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F5BE8BDF-7DE6-11D0-91FE-00C04FD701A5}	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6D0ECB27-9968-11D0-AC6E-00C04FD97575}\TypeLib\ = "{F5BE8BC2-7DE6-11D0-91FE-00C04FD701A5}"	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{065E6FD6-1BF9-11D2-BAE8-00104B9E0792}\ = "ISSFrame"	BonziBuddy432.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{A4E0988E-24BE-4570-B4D8-982F1386E0C6}\Forward\ = "{6549F504-C43A-43F3-B8CD-D077AF0427C8}"	BonziBDY_4.EXE
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{53FA8D47-2CDD-11D3-9DD0-D3CD4078982A}\Control	BonziBuddy432.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\ActiveSkin.SkinEvent\CLSID	BonziBuddy432.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{DCE47F78-8A6C-4C6D-A6F7-8BE4427127C4}\ = "IComProcTextures"	BonziBuddy432.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{BDD1F051-858B-11D1-B16A-00C0F0283628}\TypeLib\Version = "2.0"	BonziBuddy432.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A7B93C8B-7B81-11D0-AC5F-00C04FD97575}\TypeLib\ = "{A7B93C73-7B81-11D0-AC5F-00C04FD97575}"	AgentSvr.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{159C2806-4A71-45B4-8D4E-74C181CD6842}\ = "_CCalendarVBPeriod"	BonziBDY_4.EXE
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{6B1BE804-567F-11D1-B652-0060976C699F}\ToolboxBitmap32\ = "C:\\Program Files (x86)\\BonziBuddy432\\Regicon.ocx, 30000"	BonziBuddy432.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{065E6FD6-1BF9-11D2-BAE8-00104B9E0792}\ = "ISSFrame"	BonziBuddy432.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{EB52CF7C-3917-11CE-80FB-0000C0C14E92}\ = "_DDateCombo"	BonziBuddy432.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{F4900F6A-055F-11D4-8F9B-00104BA312D6}\TypeLib\ = "{F4900F5D-055F-11D4-8F9B-00104BA312D6}"	BonziBDY_4.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-2198854727-3842442895-2838824242-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\15\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16"	msedge.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F08DF953-8592-11D1-B16A-00C0F0283628}\ProxyStubClsid32\ = "{00020420-0000-0000-C000-000000000046}"	BonziBuddy432.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\Implemented Categories	BonziBuddy432.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{A7B93C8D-7B81-11D0-AC5F-00C04FD97575}\ = "IAgentBalloon"	AgentSvr.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{DED86423-10D4-4CE1-8C84-9C9EC1B43364}\TypeLib	BonziBDY_4.EXE
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{322982E1-0855-11D3-9DCF-DDFB3AB09E18}\VersionIndependentProgID	BonziBuddy432.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{53FA8D46-2CDD-11D3-9DD0-D3CD4078982A}	BonziBuddy432.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{920FF31F-CA25-451A-9738-3444FC206BCC}\TypeLib\Version = "1.0"	BonziBuddy432.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}\ToolboxBitmap32\ = "C:\\Program Files (x86)\\BonziBuddy432\\MSCOMCTL.OCX, 16"	BonziBuddy432.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}\InprocServer32\ThreadingModel = "Apartment"	BonziBuddy432.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{065E6FD6-1BF9-11D2-BAE8-00104B9E0792}\TypeLib	BonziBuddy432.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{065E6FE4-1BF9-11D2-BAE8-00104B9E0792}\ProxyStubClsid32	BonziBuddy432.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}	BonziBuddy432.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}\InprocServer32	BonziBuddy432.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F5BE8BF0-7DE6-11D0-91FE-00C04FD701A5}	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\.aca\ = "Agent.Character.2"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{A7B93C91-7B81-11D0-AC5F-00C04FD97575}\TypeLib	AgentSvr.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{B0913412-3B44-11D1-ACBA-00C04FD97575}\TypeLib\Version = "2.0"	AgentSvr.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{53FA8D41-2CDD-11D3-9DD0-D3CD4078982A}\VersionIndependentProgID	BonziBuddy432.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{972DE6C1-8B09-11D2-B652-A1FD6CC34260}	BonziBuddy432.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{248DD893-BB45-11CF-9ABC-0080C7E7B78D}\ = "DMSWinsockControlEvents"	BonziBuddy432.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{065E6FE9-1BF9-11D2-BAE8-00104B9E0792}\Implemented Categories\{0DE86A52-2BAA-11CF-A229-00AA003D7352}	BonziBuddy432.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{8563FF20-8ECC-11D1-B9B4-00C04FD97575}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}"	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{D45FD2FC-5C6E-11D1-9EC1-00C04FD7081F}\LocalServer32	AgentSvr.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\ActiveSkin.SkinLabel\CurVer	BonziBuddy432.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{37DEB787-2D9B-11D3-9DD0-C423E6542E10}	BonziBuddy432.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Threed.SSPanel.3\CLSID	BonziBuddy432.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{065E6FE6-1BF9-11D2-BAE8-00104B9E0792}\Implemented Categories\{0DE86A52-2BAA-11CF-A229-00AA003D7352}	BonziBuddy432.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{E8671A8B-E5DD-11CD-836C-0000C0C14E92}\1.0\HELPDIR\	BonziBuddy432.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{0A45DB4E-BD0D-11D2-8D14-00104B9E072A}\TypeLib	BonziBuddy432.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{8DB2224E-D2FA-4B2E-8402-085EA7CC826B}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}"	BonziBDY_4.EXE
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{8E20FD10-1BEB-11CE-80FB-0000C0C14E92}\TypeLib	BonziBuddy432.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{EB52CF7B-3917-11CE-80FB-0000C0C14E92}	BonziBuddy432.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{643F1353-1D07-11CE-9E52-0000C0554C0A}\1.0\0\win32	BonziBuddy432.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{8B77181C-D3EF-11D1-8500-00C04FA34A14}\TypeLib	regsvr32.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A7B93C83-7B81-11D0-AC5F-00C04FD97575}\TypeLib\ = "{A7B93C73-7B81-11D0-AC5F-00C04FD97575}"	AgentSvr.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{53FA8D41-2CDD-11D3-9DD0-D3CD4078982A}\InprocServer32	BonziBuddy432.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6CFC9BA3-FE87-11D2-9DCF-ED29FAFE371D}\ProxyStubClsid32	BonziBuddy432.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}\TypeLib	BonziBuddy432.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D6589121-FC70-11D0-AC94-00C04FD97575}\ProxyStubClsid32	AgentSvr.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{065E6FDB-1BF9-11D2-BAE8-00104B9E0792}\TypeLib\ = "{065E6FD1-1BF9-11D2-BAE8-00104B9E0792}"	BonziBuddy432.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{CDA1CA00-8B5D-11D0-9BC0-0000C0F04C96}\TypeLib\Version = "2.0"	BonziBuddy432.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}\Implemented Categories\{0DE86A52-2BAA-11CF-A229-00AA003D7352}	BonziBuddy432.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{248DD892-BB45-11CF-9ABC-0080C7E7B78D}\ProxyStubClsid32	BonziBuddy432.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{065E6FD3-1BF9-11D2-BAE8-00104B9E0792}\ProxyStubClsid32	BonziBuddy432.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F5BE8BD4-7DE6-11D0-91FE-00C04FD701A5}	regsvr32.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{643F1350-1D07-11CE-9E52-0000C0554C0A}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}	BonziBuddy432.exe

NTFS ADS 10 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\Downloads\Autoruns.zip:Zone.Identifier	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\results.htm:Zone.Identifier	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\Nova.htm:Zone.Identifier	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\Nova.zip:Zone.Identifier	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\butterflyondesktop.exe:Zone.Identifier	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\Bonzi.zip:Zone.Identifier	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\Aura.zip:Zone.Identifier	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\Unconfirmed 231703.crdownload:SmartScreen	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\a.htm:Zone.Identifier	msedge.exe
File opened for modification	C:\Users\Admin\Downloads\results.htm:Zone.Identifier	msedge.exe

Suspicious behavior: AddClipboardFormatListener 2 IoCs

pid	Process
6460	explorer.exe
5364	explorer.exe

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
2596	msedge.exe
2596	msedge.exe
3180	msedge.exe
3180	msedge.exe
4724	identity_helper.exe
4724	identity_helper.exe
4996	msedge.exe
4996	msedge.exe
7136	msedge.exe
7136	msedge.exe
7136	msedge.exe
7136	msedge.exe
6600	msedge.exe
6600	msedge.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe

Suspicious behavior: GetForegroundWindowSpam 7 IoCs

pid	Process
1248	taskmgr.exe
5656	msedge.exe
3520	Autoruns64.exe
6460	explorer.exe
2572	msedge.exe
2988	msedge.exe
5364	explorer.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs

pid	Process
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: 33	1080	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	1080	AUDIODG.EXE
Token: SeDebugPrivilege	1248	taskmgr.exe
Token: SeSystemProfilePrivilege	1248	taskmgr.exe
Token: SeCreateGlobalPrivilege	1248	taskmgr.exe
Token: SeRestorePrivilege	3520	Autoruns64.exe
Token: SeSecurityPrivilege	3520	Autoruns64.exe
Token: SeTakeOwnershipPrivilege	3520	Autoruns64.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe
Token: SeShutdownPrivilege	4560	chrome.exe
Token: SeCreatePagefilePrivilege	4560	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
3180	msedge.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe
1248	taskmgr.exe

Suspicious use of SetWindowsHookEx 29 IoCs

pid	Process
5656	msedge.exe
5656	msedge.exe
5656	msedge.exe
5656	msedge.exe
5656	msedge.exe
3168	MiniSearchHost.exe
3520	Autoruns64.exe
3520	Autoruns64.exe
3520	Autoruns64.exe
6460	explorer.exe
6460	explorer.exe
6460	explorer.exe
6460	explorer.exe
3520	Autoruns64.exe
5364	explorer.exe
5364	explorer.exe
2572	msedge.exe
2572	msedge.exe
3520	Autoruns64.exe
2572	msedge.exe
2572	msedge.exe
2988	msedge.exe
7976	msedge.exe
2940	BonziBuddy432.exe
9012	MSAGENT.EXE
2340	tv_enua.exe
9208	AgentSvr.exe
3124	BonziBDY_4.EXE
3124	BonziBDY_4.EXE

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3180 wrote to memory of 2744	3180	msedge.exe	76
PID 3180 wrote to memory of 2744	3180	msedge.exe	76
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2456	3180	msedge.exe	77
PID 3180 wrote to memory of 2596	3180	msedge.exe	78
PID 3180 wrote to memory of 2596	3180	msedge.exe	78
PID 3180 wrote to memory of 3740	3180	msedge.exe	79
PID 3180 wrote to memory of 3740	3180	msedge.exe	79
PID 3180 wrote to memory of 3740	3180	msedge.exe	79
PID 3180 wrote to memory of 3740	3180	msedge.exe	79
PID 3180 wrote to memory of 3740	3180	msedge.exe	79
PID 3180 wrote to memory of 3740	3180	msedge.exe	79
PID 3180 wrote to memory of 3740	3180	msedge.exe	79
PID 3180 wrote to memory of 3740	3180	msedge.exe	79
PID 3180 wrote to memory of 3740	3180	msedge.exe	79
PID 3180 wrote to memory of 3740	3180	msedge.exe	79
PID 3180 wrote to memory of 3740	3180	msedge.exe	79
PID 3180 wrote to memory of 3740	3180	msedge.exe	79
PID 3180 wrote to memory of 3740	3180	msedge.exe	79
PID 3180 wrote to memory of 3740	3180	msedge.exe	79
PID 3180 wrote to memory of 3740	3180	msedge.exe	79
PID 3180 wrote to memory of 3740	3180	msedge.exe	79
PID 3180 wrote to memory of 3740	3180	msedge.exe	79
PID 3180 wrote to memory of 3740	3180	msedge.exe	79
PID 3180 wrote to memory of 3740	3180	msedge.exe	79
PID 3180 wrote to memory of 3740	3180	msedge.exe	79

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.google.com/
1⤵
- Enumerates system info in registry
- NTFS ADS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3180
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x10c,0x110,0x114,0xdc,0x118,0x7ffd9a5d3cb8,0x7ffd9a5d3cc8,0x7ffd9a5d3cd8
  2⤵
  PID:2744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1888 /prefetch:2
  2⤵
  PID:2456
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2356 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2596
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2632 /prefetch:8
  2⤵
  PID:3740
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
  2⤵
  PID:2288
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
  2⤵
  PID:2936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4620 /prefetch:1
  2⤵
  PID:1928
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5228 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4724
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5316 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4996
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4028 /prefetch:1
  2⤵
  PID:4788
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5352 /prefetch:1
  2⤵
  PID:4616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4636 /prefetch:1
  2⤵
  PID:4128
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4724 /prefetch:1
  2⤵
  PID:1308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3764 /prefetch:1
  2⤵
  PID:4600
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2468 /prefetch:1
  2⤵
  PID:344
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4712 /prefetch:1
  2⤵
  PID:4416
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4644 /prefetch:8
  2⤵
  PID:3504
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2496 /prefetch:1
  2⤵
  PID:4788
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4960 /prefetch:1
  2⤵
  PID:3292
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7084 /prefetch:1
  2⤵
  PID:1880
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5056 /prefetch:1
  2⤵
  PID:4508
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7208 /prefetch:1
  2⤵
  PID:1864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7224 /prefetch:1
  2⤵
  PID:2988
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7708 /prefetch:1
  2⤵
  PID:2348
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6904 /prefetch:1
  2⤵
  PID:4816
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8160 /prefetch:1
  2⤵
  PID:892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7520 /prefetch:1
  2⤵
  PID:3156
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7216 /prefetch:1
  2⤵
  PID:1728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7512 /prefetch:1
  2⤵
  PID:2184
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7496 /prefetch:1
  2⤵
  PID:2212
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8420 /prefetch:1
  2⤵
  PID:2676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8548 /prefetch:1
  2⤵
  PID:5104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8620 /prefetch:1
  2⤵
  PID:4952
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8756 /prefetch:1
  2⤵
  PID:2964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8764 /prefetch:1
  2⤵
  PID:1628
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9184 /prefetch:1
  2⤵
  PID:2740
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9608 /prefetch:1
  2⤵
  PID:5256
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9628 /prefetch:1
  2⤵
  PID:5272
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9888 /prefetch:1
  2⤵
  PID:5280
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9900 /prefetch:1
  2⤵
  PID:5288
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10020 /prefetch:1
  2⤵
  PID:5296
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8108 /prefetch:1
  2⤵
  PID:5312
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9060 /prefetch:1
  2⤵
  PID:5868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7580 /prefetch:1
  2⤵
  PID:5724
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10680 /prefetch:1
  2⤵
  PID:5788
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9580 /prefetch:1
  2⤵
  PID:5820
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9416 /prefetch:1
  2⤵
  PID:6044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11088 /prefetch:1
  2⤵
  PID:2332
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9092 /prefetch:1
  2⤵
  PID:5620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11116 /prefetch:1
  2⤵
  PID:6000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11392 /prefetch:1
  2⤵
  PID:6040
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11560 /prefetch:1
  2⤵
  PID:5660
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11984 /prefetch:1
  2⤵
  PID:6676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=9424 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:7136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4560 /prefetch:1
  2⤵
  PID:6136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10972 /prefetch:8
  2⤵
  - NTFS ADS
  - Suspicious behavior: EnumeratesProcesses
  PID:6600
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9088 /prefetch:1
  2⤵
  PID:5156
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11464 /prefetch:1
  2⤵
  PID:4768
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10936 /prefetch:1
  2⤵
  PID:6656
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=11716 /prefetch:8
  2⤵
  PID:6936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5464 /prefetch:1
  2⤵
  PID:4336
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5372 /prefetch:1
  2⤵
  PID:3336
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10740 /prefetch:1
  2⤵
  PID:5328
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11208 /prefetch:1
  2⤵
  PID:1408
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=11416 /prefetch:8
  2⤵
  PID:2512
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10244 /prefetch:8
  2⤵
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID:5656
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10680 /prefetch:1
  2⤵
  PID:5808
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10776 /prefetch:1
  2⤵
  PID:6656
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1056 /prefetch:1
  2⤵
  PID:5376
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8740 /prefetch:1
  2⤵
  PID:6548
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10244 /prefetch:1
  2⤵
  PID:5904
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11488 /prefetch:1
  2⤵
  PID:5912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7628 /prefetch:1
  2⤵
  PID:4988
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11120 /prefetch:1
  2⤵
  PID:2340
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5616 /prefetch:1
  2⤵
  PID:5304
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
  2⤵
  PID:6132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9196 /prefetch:1
  2⤵
  PID:828
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5648 /prefetch:1
  2⤵
  PID:6096
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5496 /prefetch:8
  2⤵
  - NTFS ADS
  PID:6460
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4736 /prefetch:8
  2⤵
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID:2572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11628 /prefetch:1
  2⤵
  PID:7984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11068 /prefetch:1
  2⤵
  PID:7420
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5220 /prefetch:1
  2⤵
  PID:4740
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11896 /prefetch:1
  2⤵
  PID:536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8276 /prefetch:1
  2⤵
  PID:7468
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10720 /prefetch:1
  2⤵
  PID:4608
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7936 /prefetch:1
  2⤵
  PID:6924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1680 /prefetch:1
  2⤵
  PID:3188
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5232 /prefetch:1
  2⤵
  PID:7508
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7972 /prefetch:1
  2⤵
  PID:7616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9552 /prefetch:1
  2⤵
  PID:8016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=11948 /prefetch:8
  2⤵
  - NTFS ADS
  PID:1560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11380 /prefetch:1
  2⤵
  PID:2520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=11984 /prefetch:8
  2⤵
  - NTFS ADS
  PID:2020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=2944 /prefetch:8
  2⤵
  PID:2112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3540 /prefetch:1
  2⤵
  PID:4788
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6692 /prefetch:1
  2⤵
  PID:2212
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11144 /prefetch:1
  2⤵
  PID:1624
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6228 /prefetch:8
  2⤵
  - NTFS ADS
  PID:2200
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10896 /prefetch:1
  2⤵
  PID:4932
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7148 /prefetch:1
  2⤵
  PID:8136
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4768 /prefetch:1
  2⤵
  PID:1008
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3448 /prefetch:1
  2⤵
  PID:1916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2988 /prefetch:1
  2⤵
  PID:2244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7920 /prefetch:1
  2⤵
  PID:7940
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9968 /prefetch:1
  2⤵
  PID:7400
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3392 /prefetch:1
  2⤵
  PID:1092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9408 /prefetch:1
  2⤵
  PID:8064
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8044 /prefetch:1
  2⤵
  PID:7056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7356 /prefetch:1
  2⤵
  PID:6468
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7240 /prefetch:1
  2⤵
  PID:5904
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7476 /prefetch:1
  2⤵
  PID:1844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=121 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8732 /prefetch:1
  2⤵
  PID:7792
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7496 /prefetch:1
  2⤵
  PID:6116
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7596 /prefetch:1
  2⤵
  PID:7580
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10944 /prefetch:1
  2⤵
  PID:7912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11220 /prefetch:1
  2⤵
  PID:7144
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=127 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10860 /prefetch:1
  2⤵
  PID:4936
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7204 /prefetch:8
  2⤵
  - NTFS ADS
  PID:6280
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=129 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6568 /prefetch:1
  2⤵
  PID:1644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=130 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6404 /prefetch:1
  2⤵
  PID:5016
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=131 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8404 /prefetch:1
  2⤵
  PID:7808
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=132 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8992 /prefetch:1
  2⤵
  PID:1488
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=133 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10484 /prefetch:1
  2⤵
  PID:5568
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=134 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5484 /prefetch:1
  2⤵
  PID:4456
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=135 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3916 /prefetch:1
  2⤵
  PID:5616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=136 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10616 /prefetch:1
  2⤵
  PID:5524
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=137 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9376 /prefetch:1
  2⤵
  PID:3928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=138 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7096 /prefetch:1
  2⤵
  PID:3364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=139 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7040 /prefetch:1
  2⤵
  PID:3336
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=140 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11608 /prefetch:1
  2⤵
  PID:7528
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=142 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8596 /prefetch:1
  2⤵
  PID:7604
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=144 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1952 /prefetch:1
  2⤵
  PID:6696
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=146 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1956 /prefetch:1
  2⤵
  PID:2572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=147 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11892 /prefetch:1
  2⤵
  PID:7480
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=148 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6440 /prefetch:1
  2⤵
  PID:4412
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=149 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11644 /prefetch:1
  2⤵
  PID:2032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=150 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8724 /prefetch:1
  2⤵
  PID:6192
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9468 /prefetch:8
  2⤵
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID:2988
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=152 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1720 /prefetch:1
  2⤵
  PID:3892
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=153 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3700 /prefetch:1
  2⤵
  PID:6748
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=154 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7088 /prefetch:1
  2⤵
  PID:6740
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=155 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7052 /prefetch:1
  2⤵
  PID:3476
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10740 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious use of SetWindowsHookEx
  PID:7976
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=157 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5808 /prefetch:1
  2⤵
  PID:2796
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=158 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5480 /prefetch:1
  2⤵
  PID:5712
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=159 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6640 /prefetch:1
  2⤵
  PID:3288
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=160 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9856 /prefetch:1
  2⤵
  PID:5036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=161 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7976 /prefetch:1
  2⤵
  PID:7984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=162 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5392 /prefetch:1
  2⤵
  PID:896
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=163 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9696 /prefetch:1
  2⤵
  PID:8060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=164 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6332 /prefetch:1
  2⤵
  PID:2752
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=165 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4664 /prefetch:1
  2⤵
  PID:2740
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=166 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12024 /prefetch:1
  2⤵
  PID:7132
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=167 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5096 /prefetch:1
  2⤵
  PID:4484
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=169 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7748 /prefetch:1
  2⤵
  PID:4060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7048 /prefetch:8
  2⤵
  PID:7772
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=12384 /prefetch:8
  2⤵
  - NTFS ADS
  PID:4056
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=173 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8080 /prefetch:1
  2⤵
  PID:8488
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=172 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11952 /prefetch:1
  2⤵
  PID:8496
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=174 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12300 /prefetch:1
  2⤵
  PID:8600
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=175 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5444 /prefetch:1
  2⤵
  PID:8316
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=176 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12348 /prefetch:1
  2⤵
  PID:6876
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=177 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12804 /prefetch:1
  2⤵
  PID:8364
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=178 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12308 /prefetch:1
  2⤵
  PID:4000
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=180 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12552 /prefetch:1
  2⤵
  PID:7188
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=12508 /prefetch:8
  2⤵
  - NTFS ADS
  PID:396
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=182 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9664 /prefetch:1
  2⤵
  PID:8820
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=184 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5604 /prefetch:1
  2⤵
  PID:8112
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=186 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8428 /prefetch:1
  2⤵
  PID:5496
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=12776 /prefetch:8
  2⤵
  - NTFS ADS
  PID:5272
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=188 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11456 /prefetch:1
  2⤵
  PID:7388
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1892,5840400142444182458,5585196304955369952,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=189 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12012 /prefetch:1
  2⤵
  PID:8196

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2944

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3268

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:540

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4868

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004E8 0x00000000000004E0
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1080

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
1⤵
PID:1508

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:7004

C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /0
1⤵
- Checks SCSI registry key(s)
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SendNotifyMessage
PID:1248

C:\Users\Admin\Downloads\Aura\Aura\Aura.exe
"C:\Users\Admin\Downloads\Aura\Aura\Aura.exe"
1⤵
- Suspicious use of SetThreadContext
PID:2152
- C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
  "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
  2⤵
  PID:6028
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2152 -s 308
  2⤵
  - Program crash
  PID:4964

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 2152 -ip 2152
1⤵
PID:6648

C:\Users\Admin\Downloads\Aura\Aura\Aura.exe
"C:\Users\Admin\Downloads\Aura\Aura\Aura.exe"
1⤵
- Suspicious use of SetThreadContext
PID:2944
- C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
  "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
  2⤵
  PID:2440
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2944 -s 288
  2⤵
  - Program crash
  PID:4456

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 468 -p 2944 -ip 2944
1⤵
PID:3332

C:\Users\Admin\Downloads\Aura\Aura\Aura.exe
"C:\Users\Admin\Downloads\Aura\Aura\Aura.exe"
1⤵
- Suspicious use of SetThreadContext
PID:3484
- C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
  "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
  2⤵
  PID:6512
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 3484 -s 300
  2⤵
  - Program crash
  PID:2588

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 528 -p 3484 -ip 3484
1⤵
PID:6100

C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
1⤵
- Suspicious use of SetWindowsHookEx
PID:3168

C:\Users\Admin\Downloads\Autoruns\Autoruns64.exe
"C:\Users\Admin\Downloads\Autoruns\Autoruns64.exe"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:3520
- C:\Windows\explorer.exe
  "C:\Windows\explorer.exe" /select,"C:\windows\system32\bfdkdh.exe"
  2⤵
  PID:3836
- C:\Windows\explorer.exe
  "C:\Windows\explorer.exe" /select,"C:\windows\system32\bfdkdh.exe"
  2⤵
  PID:6648

C:\Windows\explorer.exe
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
1⤵
- Modifies Internet Explorer settings
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:6460

C:\Windows\explorer.exe
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
1⤵
- Modifies Internet Explorer settings
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:5364

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious use of AdjustPrivilegeToken
PID:4560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffd8568ab58,0x7ffd8568ab68,0x7ffd8568ab78
  2⤵
  PID:4264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1592 --field-trial-handle=1772,i,10438522344559073287,5629361491419208499,131072 /prefetch:2
  2⤵
  PID:2236
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 --field-trial-handle=1772,i,10438522344559073287,5629361491419208499,131072 /prefetch:8
  2⤵
  PID:5656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2216 --field-trial-handle=1772,i,10438522344559073287,5629361491419208499,131072 /prefetch:8
  2⤵
  PID:2568
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3092 --field-trial-handle=1772,i,10438522344559073287,5629361491419208499,131072 /prefetch:1
  2⤵
  PID:2424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3200 --field-trial-handle=1772,i,10438522344559073287,5629361491419208499,131072 /prefetch:1
  2⤵
  PID:6308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4304 --field-trial-handle=1772,i,10438522344559073287,5629361491419208499,131072 /prefetch:1
  2⤵
  PID:7212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4280 --field-trial-handle=1772,i,10438522344559073287,5629361491419208499,131072 /prefetch:8
  2⤵
  PID:7300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4248 --field-trial-handle=1772,i,10438522344559073287,5629361491419208499,131072 /prefetch:8
  2⤵
  PID:7308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4736 --field-trial-handle=1772,i,10438522344559073287,5629361491419208499,131072 /prefetch:8
  2⤵
  PID:7932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4748 --field-trial-handle=1772,i,10438522344559073287,5629361491419208499,131072 /prefetch:8
  2⤵
  PID:7940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1664 --field-trial-handle=1772,i,10438522344559073287,5629361491419208499,131072 /prefetch:2
  2⤵
  PID:7912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4780 --field-trial-handle=1772,i,10438522344559073287,5629361491419208499,131072 /prefetch:8
  2⤵
  PID:6848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4944 --field-trial-handle=1772,i,10438522344559073287,5629361491419208499,131072 /prefetch:8
  2⤵
  PID:2936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5004 --field-trial-handle=1772,i,10438522344559073287,5629361491419208499,131072 /prefetch:8
  2⤵
  PID:7856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4812 --field-trial-handle=1772,i,10438522344559073287,5629361491419208499,131072 /prefetch:1
  2⤵
  PID:6192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=3260 --field-trial-handle=1772,i,10438522344559073287,5629361491419208499,131072 /prefetch:1
  2⤵
  PID:6160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=4136 --field-trial-handle=1772,i,10438522344559073287,5629361491419208499,131072 /prefetch:1
  2⤵
  PID:6660
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=4612 --field-trial-handle=1772,i,10438522344559073287,5629361491419208499,131072 /prefetch:1
  2⤵
  PID:5160

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:6504

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004E8 0x00000000000004E0
1⤵
PID:7472

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5608

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5056

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k SDRSVC
1⤵
PID:3588

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:952

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004E8 0x00000000000004E0
1⤵
PID:6848

C:\Users\Admin\Downloads\butterflyondesktop.exe
"C:\Users\Admin\Downloads\butterflyondesktop.exe"
1⤵
- Executes dropped EXE
PID:6876
- C:\Users\Admin\AppData\Local\Temp\is-1IELL.tmp\butterflyondesktop.tmp
  "C:\Users\Admin\AppData\Local\Temp\is-1IELL.tmp\butterflyondesktop.tmp" /SL5="$C02DE,2719719,54272,C:\Users\Admin\Downloads\butterflyondesktop.exe"
  2⤵
  - Executes dropped EXE
  - Adds Run key to start application
  - Drops file in Program Files directory
  PID:3608
- - C:\Program Files (x86)\Butterfly on Desktop\ButterflyOnDesktop.exe
    "C:\Program Files (x86)\Butterfly on Desktop\ButterflyOnDesktop.exe"
    3⤵
    - Executes dropped EXE
    PID:8288
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://freedesktopsoft.com/butterflyondesktoplike.html
    3⤵
    PID:8376
  - - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffd9a5d3cb8,0x7ffd9a5d3cc8,0x7ffd9a5d3cd8
      4⤵
      PID:8420

C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe
"C:\Users\Admin\AppData\Local\Temp\Temp1_Bonzi.zip\BonziBuddy432.exe"
1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Drops file in Windows directory
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:2940
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c ""C:\Program Files (x86)\BonziBuddy432\Runtimes\CheckRuntimes.bat" "
  2⤵
  PID:8840
- - C:\Program Files (x86)\BonziBuddy432\Runtimes\MSAGENT.EXE
    MSAGENT.EXE
    3⤵
    - Boot or Logon Autostart Execution: Active Setup
    - Executes dropped EXE
    - Loads dropped DLL
    - Drops file in Windows directory
    - Suspicious use of SetWindowsHookEx
    PID:9012
  - - C:\Windows\SysWOW64\regsvr32.exe
      regsvr32 /s "C:\Windows\msagent\AgentCtl.dll"
      4⤵
      Loads dropped DLL
      Modifies registry class
      PID:7844
  - - C:\Windows\SysWOW64\regsvr32.exe
      regsvr32 /s "C:\Windows\msagent\AgentDPv.dll"
      4⤵
      Loads dropped DLL
      Modifies registry class
      PID:8340
  - - C:\Windows\SysWOW64\regsvr32.exe
      regsvr32 /s "C:\Windows\msagent\mslwvtts.dll"
      4⤵
      Loads dropped DLL
      PID:7796
  - - C:\Windows\SysWOW64\regsvr32.exe
      regsvr32 /s "C:\Windows\msagent\AgentDP2.dll"
      4⤵
      Loads dropped DLL
      PID:8888
  - - C:\Windows\SysWOW64\regsvr32.exe
      regsvr32 /s "C:\Windows\msagent\AgentMPx.dll"
      4⤵
      Loads dropped DLL
      PID:2968
  - - C:\Windows\SysWOW64\regsvr32.exe
      regsvr32 /s "C:\Windows\msagent\AgentSR.dll"
      4⤵
      Loads dropped DLL
      PID:6368
  - - C:\Windows\SysWOW64\regsvr32.exe
      regsvr32 /s "C:\Windows\msagent\AgentPsh.dll"
      4⤵
      Loads dropped DLL
      PID:5512
  - - C:\Windows\msagent\AgentSvr.exe
      "C:\Windows\msagent\AgentSvr.exe" /regserver
      4⤵
      Executes dropped EXE
      Modifies registry class
      Suspicious use of SetWindowsHookEx
      PID:9208
  - - C:\Windows\SysWOW64\grpconv.exe
      grpconv.exe -o
      4⤵
      PID:9072
- - C:\Program Files (x86)\BonziBuddy432\Runtimes\tv_enua.exe
    tv_enua.exe
    3⤵
    - Boot or Logon Autostart Execution: Active Setup
    - Executes dropped EXE
    - Loads dropped DLL
    - Adds Run key to start application
    - Drops file in System32 directory
    - Drops file in Windows directory
    - Suspicious use of SetWindowsHookEx
    PID:2340
  - - C:\Windows\SysWOW64\regsvr32.exe
      regsvr32 /s C:\Windows\lhsp\tv\tv_enua.dll
      4⤵
      Loads dropped DLL
      PID:6376
  - - C:\Windows\SysWOW64\regsvr32.exe
      regsvr32 /s C:\Windows\lhsp\tv\tvenuax.dll
      4⤵
      Loads dropped DLL
      PID:8276
  - - C:\Windows\SysWOW64\grpconv.exe
      grpconv.exe -o
      4⤵
      PID:1308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://bonzibuddy.tk/
  2⤵
  PID:3056
- - C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ffd9a5d3cb8,0x7ffd9a5d3cc8,0x7ffd9a5d3cd8
    3⤵
    PID:8408

C:\Program Files (x86)\BonziBuddy432\BonziBDY_4.EXE
"C:\Program Files (x86)\BonziBuddy432\BonziBDY_4.EXE"
1⤵
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:3124

C:\Windows\msagent\AgentSvr.exe
C:\Windows\msagent\AgentSvr.exe -Embedding
1⤵
- Executes dropped EXE
- Loads dropped DLL
PID:6724

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Active Setup

T1547.014

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Active Setup

T1547.014

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\BonziBuddy432\ActiveSkin.ocx

Filesize
336KB

MD5
3d225d8435666c14addf17c14806c355

SHA1
262a951a98dd9429558ed35f423babe1a6cce094

SHA256
2c8f92dc16cbf13542ddd3bf0a947cf84b00fed83a7124b830ddefa92f939877

SHA512
391df24c6427b4011e7d61b644953810e392525743914413c2e8cf5fce4a593a831cfab489fbb9517b6c0e7ef0483efb8aeaad0a18543f0da49fa3125ec971e1

Download Submit
C:\Program Files (x86)\BonziBuddy432\BonziBDY_2.EXE

Filesize
796KB

MD5
8a30bd00d45a659e6e393915e5aef701

SHA1
b00c31de44328dd71a70f0c8e123b56934edc755

SHA256
1e2994763a7674a0f1ec117dae562b05b614937ff61c83b316b135afab02d45a

SHA512
daf92e61e75382e1da0e2aba9466a9e4d9703a129a147f0b3c71755f491c68f89ad67cfb4dd013580063d664b69c8673fb52c02d34b86d947e9f16072b7090fb

Download Submit
C:\Program Files (x86)\BonziBuddy432\BonziBDY_35.EXE

Filesize
2.5MB

MD5
73feeab1c303db39cbe35672ae049911

SHA1
c14ce70e1b3530811a8c363d246eb43fc77b656c

SHA256
88c03817ae8dfc5fc9e6ffd1cfb5b829924988d01cd472c1e64952c5398866e8

SHA512
73f37dee83664ce31522f732bf819ed157865a2a551a656a7a65d487c359a16c82bd74acff2b7a728bb5f52d53f4cfbea5bef36118128b0d416fa835053f7153

Download Submit
C:\Program Files (x86)\BonziBuddy432\BonziBDY_4.EXE

Filesize
3.2MB

MD5
93f3ed21ad49fd54f249d0d536981a88

SHA1
ffca7f3846e538be9c6da1e871724dd935755542

SHA256
5678fd744faddb30a87568ae309066ef88102a274fff62f10e4963350da373bc

SHA512
7923556c6d6feb4ff4253e853bae3675184eab9b8ce4d4e07f356c8624317801ee807ad5340690196a975824ea3ed500ce6a80c7670f19785139be594fa5e70f

Download Submit
C:\Program Files (x86)\BonziBuddy432\BonziCheckers.ocx

Filesize
152KB

MD5
66551c972574f86087032467aa6febb4

SHA1
5ad1fe1587a0c31bb74af20d09a1c7d3193ec3c9

SHA256
9028075603c66ca2e906ecac3275e289d8857411a288c992e8eef793ed71a75b

SHA512
35c1f500e69cdd12ec6a3c5daef737a3b57b48a44df6c120a0504d340e0f721d34121595ed396dc466a8f9952a51395912d9e141ad013000f5acb138b2d41089

Download Submit
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page17.jpg

Filesize
50KB

MD5
e8f52918072e96bb5f4c573dbb76d74f

SHA1
ba0a89ed469de5e36bd4576591ee94db2c7f8909

SHA256
473a890da22defb3fbd643246b3fa0d6d34939ac469cd4f48054ee2a0bc33d82

SHA512
d57dd0a9686696487d268ef2be2ec2d3b97baedf797a63676da5a8a4165cda89540ec2d3b9e595397cbf53e69dcce76f7249f5eeff041947146ca7bf4099819f

Download Submit
C:\Program Files (x86)\BonziBuddy432\Books\Bonzi and the Internet\page18.jpg

Filesize
45KB

MD5
108fd5475c19f16c28068f67fc80f305

SHA1
4e1980ba338133a6fadd5fda4ffe6d4e8a039033

SHA256
03f269cd40809d7ec94f5fa4fff1033a624e849179962693cdc2c37d7904233b

SHA512
98c8743b5af89ec0072b70de8a0babfb5aff19bafa780d6ce99c83721b65a80ec310a4fe9db29a4bb50c2454c34de62c029a83b70d0a9df9b180159ea6cad83a

Download Submit
C:\Program Files (x86)\BonziBuddy432\MSCOMCTL.OCX

Filesize
1.0MB

MD5
12c2755d14b2e51a4bb5cbdfc22ecb11

SHA1
33f0f5962dbe0e518fe101fa985158d760f01df1

SHA256
3b6ccdb560d7cd4748e992bd82c799acd1bbcfc922a13830ca381d976ffcccaf

SHA512
4c9b16fb4d787145f6d65a34e1c4d5c6eb07bff4c313a35f5efa9dce5a840c1da77338c92346b1ad68eeb59ef37ef18a9d6078673c3543656961e656466699cf

Download Submit
C:\Program Files (x86)\BonziBuddy432\MSINET.OCX

Filesize
112KB

MD5
7bec181a21753498b6bd001c42a42722

SHA1
3249f233657dc66632c0539c47895bfcee5770cc

SHA256
73da54b69911bdd08ea8bbbd508f815ef7cfa59c4684d75c1c602252ec88ee31

SHA512
d671e25ae5e02a55f444d253f0e4a42af6a5362d9759fb243ad6d2c333976ab3e98669621ec0850ad915ee06acbe8e70d77b084128fc275462223f4f5ab401bc

Download Submit
C:\Program Files (x86)\BonziBuddy432\MSWINSCK.OCX

Filesize
105KB

MD5
9484c04258830aa3c2f2a70eb041414c

SHA1
b242a4fb0e9dcf14cb51dc36027baff9a79cb823

SHA256
bf7e47c16d7e1c0e88534f4ef95e09d0fd821ed1a06b0d95a389b35364b63ff5

SHA512
9d0e9f0d88594746ba41ea4a61a53498619eda596e12d8ec37d01cfe8ceb08be13e3727c83d630a6d9e6d03066f62444bb94ea5a0d2ed9d21a270e612db532a0

Download Submit
C:\Program Files (x86)\BonziBuddy432\Reg.nbd

Filesize
140B

MD5
a8ed45f8bfdc5303b7b52ae2cce03a14

SHA1
fb9bee69ef99797ac15ba4d8a57988754f2c0c6b

SHA256
375ecd89ee18d7f318cf73b34a4e15b9eb16bc9d825c165e103db392f4b2a68b

SHA512
37917594f22d2a27b3541a666933c115813e9b34088eaeb3d74f77da79864f7d140094dfac5863778acf12f87ccda7f7255b7975066230911966b52986da2d5c

Download Submit
C:\Program Files (x86)\BonziBuddy432\Regicon.ocx

Filesize
76KB

MD5
32ff40a65ab92beb59102b5eaa083907

SHA1
af2824feb55fb10ec14ebd604809a0d424d49442

SHA256
07e91d8ed149d5cd6d48403268a773c664367bce707a99e51220e477fddeeb42

SHA512
2cfc5c6cb4677ff61ec3b6e4ef8b8b7f1775cbe53b245d321c25cfec363b5b4975a53e26ef438e07a4a5b08ad1dde1387970d57d1837e653d03aef19a17d2b43

Download Submit
C:\Program Files (x86)\BonziBuddy432\Runtimes\CheckRuntimes.bat

Filesize
279B

MD5
4877f2ce2833f1356ae3b534fce1b5e3

SHA1
7365c9ef5997324b73b1ff0ea67375a328a9646a

SHA256
8ae1ed38bc650db8b14291e1b7298ee7580b31e15f8a6a84f78f048a542742ff

SHA512
dd43ede5c3f95543bcc8086ec8209a27aadf1b61543c8ee1bb3eab9bc35b92c464e4132b228b12b244fb9625a45f5d4689a45761c4c5263aa919564664860c5e

Download Submit
C:\Program Files (x86)\BonziBuddy432\SSCALA32.OCX

Filesize
472KB

MD5
ce9216b52ded7e6fc63a50584b55a9b3

SHA1
27bb8882b228725e2a3793b4b4da3e154d6bb2ea

SHA256
8e52ef01139dc448d1efd33d1d9532f852a74d05ee87e8e93c2bb0286a864e13

SHA512
444946e5fc3ea33dd4a09b4cbf2d41f52d584eb5b620f5e144de9a79186e2c9d322d6076ed28b6f0f6d0df9ef4f7303e3901ff552ed086b70b6815abdfc23af7

Download Submit
C:\Program Files (x86)\BonziBuddy432\SSCALB32.OCX

Filesize
320KB

MD5
97ffaf46f04982c4bdb8464397ba2a23

SHA1
f32e89d9651fd6e3af4844fd7616a7f263dc5510

SHA256
5db33895923b7af9769ca08470d0462ed78eec432a4022ff0acc24fa2d4666e1

SHA512
8c43872396f5dceb4ba153622665e21a9b52a087987eab523b1041031e294687012d7bf88a3da7998172010eae5f4cc577099980ecd6b75751e35cfc549de002

Download Submit
C:\Program Files (x86)\BonziBuddy432\Uninstall.exe

Filesize
65KB

MD5
068ace391e3c5399b26cb9edfa9af12f

SHA1
568482d214acf16e2f5522662b7b813679dcd4c7

SHA256
2288f4f42373affffbaa63ce2fda9bb071fd7f14dbcd04f52d3af3a219b03485

SHA512
0ba89fcdbb418ea6742eeb698f655206ed3b84c41ca53d49c06d30baed13ac4dfdb4662b53c05a28db0a2335aa4bc588635b3b205cfc36d8a55edfc720ac4b03

Download Submit
C:\Program Files (x86)\BonziBuddy432\ssa3d30.ocx

Filesize
320KB

MD5
48c35ed0a09855b29d43f11485f8423b

SHA1
46716282cc5e0f66cb96057e165fa4d8d60fbae2

SHA256
7a0418b76d00665a71d13a30d838c3e086304bacd10d764650d2a5d2ec691008

SHA512
779938ec9b0f33f4cbd5f1617bea7925c1b6d794e311737605e12cd7efa5a14bbc48bee85208651cf442b84133be26c4cc8a425d0a3b5b6ad2dc27227f524a99

Download Submit
C:\Program Files (x86)\BonziBuddy432\sstabs2.ocx

Filesize
288KB

MD5
7303efb737685169328287a7e9449ab7

SHA1
47bfe724a9f71d40b5e56811ec2c688c944f3ce7

SHA256
596f3235642c9c968650194065850ecb02c8c524d2bdcaf6341a01201e0d69be

SHA512
e0d9cb9833725e0cdc7720e9d00859d93fc51a26470f01a0c08c10fa940ed23df360e093861cf85055b8a588bb2cac872d1be69844a6c754ac8ed5bfaf63eb03

Download Submit
C:\Program Files (x86)\Butterfly on Desktop\ButterflyOnDesktop.exe

Filesize
3.0MB

MD5
81aab57e0ef37ddff02d0106ced6b91e

SHA1
6e3895b350ef1545902bd23e7162dfce4c64e029

SHA256
a70f9e100dddb177f68ee7339b327a20cd9289fae09dcdce3dbcbc3e86756287

SHA512
a651d0a526d31036a302f7ef1ee2273bb7c29b5206c9b17339baa149dd13958ca63db827d09b4e12202e44d79aac2e864522aca1228118ba3dcd259fe1fcf717

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

Filesize
48KB

MD5
47b6e3b9a667b9dbc766575634849645

SHA1
54c7e7189111bf33c933817d0a97cefe61fe9a6d

SHA256
302ed4f6c8ac4312d71205603c4c28dd2976fafe4c05533c0a08ab3bdb531aa3

SHA512
a12b74ff45f6f9e6abf459863c299e1fafe61dcf2bea8a7331ed9547de14ed29e2deba69b104c6960db93b458f83ba6a4ba454c5514105e7ffb96da96e26e612

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

Filesize
36KB

MD5
0e045ce9afca2d76d92e1d18344834be

SHA1
f1ebee178f8b20945fde60e392c53c7deeb5d3f9

SHA256
c5c5edb2479ae74b76265ce50f3288286418225c04a6f35148d3d2238a4fad8c

SHA512
d82c38a003956344659b0b095d6639e081e5a87a7ac822efd2366a39109862bd90661bd448e097deb23a26efa042703fa378f5d7c6701fda9651f2525b942821

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

Filesize
20KB

MD5
90c7c3cd9f1bda2460a4ce30711d11b7

SHA1
5d62c16f1237f8429a215873602579743cb25aa3

SHA256
f25d0e3f8652167d6a56adb7c8e0441e364dcbc2bb847ad176dc3709d3272450

SHA512
55ee7a7956ddcf57e0e47d83a317ae663a26c5c32d549d2bd3ec4a54f30720ad353ab67b522310f86e1822c628ec5ed654a199d329752d5b8a4eb0c07f78399a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019

Filesize
23KB

MD5
082ea42c1aae3b695989f4b6f6eb0dc7

SHA1
1918fc9585b161ce79c29ff6d2fec39e526a3aa2

SHA256
d87bcc1cb0e666b8812da126e6e308529997c88176123920942b43efade7bc77

SHA512
e6c7b496139c95c43e9af3fbd3b6b4a90a206506a3f823c7003fc42585a404e0323ef85ed6233ac208c066ec528857a8609c36ec6c749cec0702149de2c6f69b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a

Filesize
20KB

MD5
0f3de113dc536643a187f641efae47f4

SHA1
729e48891d13fb7581697f5fee8175f60519615e

SHA256
9bef33945e76bc0012cdbd9941eab34f9472aca8e0ddbbaea52658423dc579f8

SHA512
8332bf7bd97ec1ebfc8e7fcf75132ca3f6dfd820863f2559ab22ac867aa882921f2b208ab76a6deb2e6fa2907bb0244851023af6c9960a77d3ad4101b314797f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b

Filesize
56KB

MD5
15deb2f227868e22e62aad743443fdd3

SHA1
db87dcd259fad33146bd95dfb7edd39e64e14159

SHA256
13ba113a7d1dbf634b226d5d27c91a86bd8edd5cde9607e95cb173fd38e1b88b

SHA512
fea6d0d7e67435be1a06c7a4af844ee7e1fa6aff96f1fab21a1d1c3ae1cbbed28dbef42af3ce63beebe8342e8acc1eba55e5814cd171651dce53634a5ef07123

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c

Filesize
19KB

MD5
1ec8fb7f6fd9050ab7c803cab2b0b48f

SHA1
6b831a02f8daed957b82c310cf867aa3e77b9816

SHA256
4345ede1557a49c9322e84fcfe2a20821e47003c2b3c214de6ba6d5d42bac73f

SHA512
d4ef769640f071121d07f8942533c7cfbaf4e4a29476d8977fb31d462e986246278fd599b2cb4344713f5ade2b89faed5c728093e31848c9e428601f0ea2f871

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

Filesize
59KB

MD5
4bc7fdb1eed64d29f27a427feea007b5

SHA1
62b5f0e1731484517796e3d512c5529d0af2666b

SHA256
05282cd78e71a5d9d14cc9676e20900a1d802016b721a48febec7b64e63775f6

SHA512
9900aecac98f2ca3d642a153dd5a53131b23ceec71dd9d3c59e83db24796a0db854f49629449a5c9fe4b7ca3afcdd294086f6b1ba724955551b622bc50e3ba1e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e

Filesize
17KB

MD5
e2e9087eca5b4988e289dcb6c3373722

SHA1
5e0800225db517d5428855102502216df1c8193e

SHA256
feb51cf7fd6e7c2033481adde36be8fdecfb9aea6eedee5f5f4abc81ba802817

SHA512
b7f45bf92d471d778ff6d0e0aeb52b1fa2fc5d34e3aa239e16b8b971fd26650512567e12be190f15e73db36f9609ba8101500441db2484b55b1d2d93af7f4932

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f

Filesize
20KB

MD5
62b3656502d2f8f50d792ea1c8c41438

SHA1
cb0fd4f8bdfb6e32e86b6d805916dc95bbed7a71

SHA256
4ff8b2f6c2012d486d9388885d7bed23513913f3e50d35bfc34cfc0e6d4c6385

SHA512
a3fb33fe6c2ff563c8324dfeea173ac02d918b38b14adf56403a8fcba33dd21957bd617b4e15d09e1a347a9fe7415789d710505317754873aea6a8b60167eff1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000020

Filesize
130KB

MD5
b61b5eac4fb168036c99caf0190ec8d3

SHA1
8440a8168362eb742ea3f700bb2b79f7b0b17719

SHA256
3c495df6db16ed46f0f8a9aff100fa9b26e1434016c41b319f0c1009b7ab2e1f

SHA512
cbccd3aa5a1bdfddba5cc38956b5523a422a1151cdd0680336ab94f07aabecd1695062a0953c32c8209949ea6a4859c625c6deffe5108e8d5e48290017e51874

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000021

Filesize
22KB

MD5
1ac27973084a93966f6a90d5b518e258

SHA1
787986ea7a061e18e3d858c919a7692c6d100ed3

SHA256
f8a4c49273653af8dff6bc5e910bdc5a4ca5496c60f0221cfbf3da26df2388f8

SHA512
3bbd2a13f7583890c4730aa4fbe49bd1d280950e28917389177b6eddfdfaee6b1969efa3e4741c6ab21e9f83154540ed80652f3c1c9145fd2fa6a0687b6aa461

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
daa62d0ed5cdb59c21c711626366c305

SHA1
0bc81d00547aa856960fbcb6ff6c5edb3bdc4212

SHA256
ef89b2e295d1fb9a886dbc2996080cf72f90312f8313f8b7d6db4b14a861f5c1

SHA512
503776fa2de1329cbd0f7db4096827f9d7285b5c1ba19e5982386a6950cd1ed3720f5178d2b2541e45a4ae6a5614b26aeb66bb4b4178384e71e520715d7deeaf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
d2d31d5a119f60d3093fbe809fdcb5ac

SHA1
75b7ecd05eee2c982a6c5f4135a0b04f0df37a5f

SHA256
4fb546d62aff8254c58bb275a6c7a330a8b198e7e6e970c34b3c811d7db9b949

SHA512
5d28f3b79b2828f1d453333d705a59382eff0749900075ea4a87d8bef037ca1ec623ba5e663db93cc591ba488db234127a924dc4a825ae3706b962be0cafb52b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
12a1783f3e6dbbb9683640b415ad0584

SHA1
a750176ee45c6903c8a1fbff9e84b2ca71ed3e12

SHA256
654b72f9c9e5e40ff04c09acd14fbec7d5c9d3c40ec73118f9aae1c895cda66b

SHA512
cc3d9d82b26d8c7c16e458efab2307385aaaab5a4eb873b81dc71639199c489b7bd34e0cc611c61535b9ae1120c5ebe695db68b1eb1b958f1934717aed9b5294

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
34ae81413eca138ebc4870ec72168c9e

SHA1
0c41f8987999bc3a5bc1a6e200a9a9f3a9610ce4

SHA256
018616b33211564ca33b1f03bf8f8193a6ca1cb8369036291ebb28b1383f554c

SHA512
f13dcad9ec7c0fef5d5eb2e7531374dc002a1919d66bb39322fbe6b77e7496eb61af0139857741544a5a1ad34bcb90f19813a3660b654ed54db1b0c43f6156e0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
2a5d43a4bb6c87ad175c083999169855

SHA1
3f5a88fcbc26c3772c392ab000f29d69c3424073

SHA256
134cea9a8a791b96c454876f7b5950a7fcc41424dbab312086a8c35498b6d63f

SHA512
8cb7aa1eec894922e8e60a42d1831f8e8b671e1d8d0d12dd8ecb1f8f1f74517b5dd1b740d4bffe203999da0bfffd24ae9d049ac2327a4c79743fb9b0b6ba158b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
69fbbf143331ae015036efe2128fefcf

SHA1
bf921e22676e28487d556ae7843920ad7ebd93e8

SHA256
7499bf0237f2cdd99cfda93cf378af5bf989ee175161808899d23755aa9e0a3a

SHA512
7ba950e81bc6b8f41300e107ce5bddcd6f7d9a7d301ad8d520f665ce55cfbadfb9733fc0d294f10b33f8468cdc6aa00573b4bc8b868ecd6d6b4f5db448531a41

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
354B

MD5
c7e629c4002a61b93d09b5798c9981ae

SHA1
76f6a486b354f3798f9f9a68abca2d580df9a6d1

SHA256
a4e34f92db594313c0fae5fe3dbdb01d21e13dbc227464e5bc1d98ee847dbc5c

SHA512
68f611339da3a8efbacf365a6ee516a01dcffdd83f23ab4c56f3e7eb95224b50d5ce71bb549e95f35c35a7a57da0b2f92bcc51d16c19b88224931fb5699f9c69

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
c4a6311bfb83a5b8b0e3a3e1c7e7c4d4

SHA1
dddd68fc857c05f65ddb9fd23737d0cb1bf88eb8

SHA256
3170cdc91749864f841c9ad65ebfea2f78d93a7707db26ddaf4e856003036a16

SHA512
ee06e4ef46339ce82526c906fe540ac6fc0ee5840de2e186f6f81c5b6851ac095c37eff9b5f8f43393acc6127c6c625116558f671671a16be442856c0a03e2d1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
8461bbed5caa6706debea75a02419a72

SHA1
e4254adf8662ec2e0a4f32752cf2ee012467fc57

SHA256
ce706046690cdbee289a91e560c26b5e9928f9bbd2c3d8229df0fa67df1ee7a3

SHA512
95bb59ab8cd3bd68c92d16965c2e67933a42dee42bd1487619e4ab8f076f7dd14b527dc9f7b41e325b91d6ad2a421c71d7fa7256d675b5b0bd669d7ca209682e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
7afe2dc8ff31c5baa07e3d745bed9df8

SHA1
c50b158d0e9d2abb3505ba2586bb526e8df5f22d

SHA256
8687bb2273eb201003ca26052609c7f542a9e7e2edcbf71ebecd3d4676dae32d

SHA512
8c979ab71ee6b32d310750fa533f9aaad864b015b9961cbdc49db95bbaf8721eafcc880d48565dd8b4eadd58dde137a49f726b0c2e70e78525e157aae615ddfd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
7e0bfba37e2db3d2646b04d133cd2009

SHA1
8c77d6570a577fbb05bfba1ea9e856ce69c44177

SHA256
138c1c6c1e01a0fbe2653876267ae764f4abf41ae4c64eadf2b1acc882cc7abb

SHA512
64a99cd2c41df5421afc1ac83bfbca28ec79c634767f53d1462238e6fffe267e6639b17623c708fb49741a00f2a189f390d65308f10fe2011326ea81b71d63b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
d024c01e7b2263daa5180046639a0e41

SHA1
48e9db7a5f25fdc27ac3914c517cab46b13080bb

SHA256
b12ff852023ff11228506a40c1eece641d34fe34dc2ae0adb86839841f846583

SHA512
9e6876569d808c1abae01fbedb36ba07c51c82f689e0289d26b9a196b220c8461fbf613f12fba542af9f1381f2a4ef1f82be9e1b5db047e3dd718b2d2fb70575

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
f496060526632e5d9b303af169b335f9

SHA1
d8fb67345028ace3ac3cc540c74a254f458ce309

SHA256
ad55f1d7909c3fd455f189d3385c7cba24a07bf5f0f927f51e0e1394d3110dfa

SHA512
aa1a401e746a8480fd00817656dc894f589bbdc0da4c98cf56e19619a8c97966a7a2d049ef33e429a395437ebe702434774bcddf2d0f0d23c14edc45faf0fff7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
16KB

MD5
40710ba8561dc97195755d9fa8b89c6b

SHA1
1dc471176ec946d3742c826074c926c8f71a7dc9

SHA256
c9dd129785590afd5af0205213303eb9517f2a50747f501f4842cd31509f77c4

SHA512
d30a1c3fa2a4ccc1b47f35092d126c6ee21e665d778eaa6cbacb4bdbfa8391fc3d797ea52fedfe8c4b24eb1b5b919ffe408e4e0ded97b886a56bf5f4a2e3e570

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
281KB

MD5
c1a6f7c8b6108367d7db091b4d15d9a5

SHA1
7cf7c40db5a7ef6c0e644cb0a9efbf3d9dd0ceb5

SHA256
b3e3e00b2dbcf44fabdae0b96ecc760593870ba8e8a642faa9297773b35240ac

SHA512
ca0c115ad0f30441ae2b04e28fecb54e1daa1d6ea2b5cf89721689ec1c6abd63621c2841f30e36222b3582468808f94e661e7b06f86bb1d2aafe879e1e4362c5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
139KB

MD5
04689bf5d82e39c00da63c5255ca5d96

SHA1
42e1f796c080d16a61d14bebb1ad61996e4ceca2

SHA256
4077ba8130151e3dd5816a0d0f00ae405c4a27fc771a127d9972aadef2f8a84a

SHA512
5fea292ddc7ccebfb1da01bd026662da58cc55229dcf78c85356e768f20c02c030559327cf873fb91c0434d2d17b1188780adeaaf96e4c1545d0a28bcbcc6cfa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
140KB

MD5
4c075f7964be7a177f51cfbb3cb27cab

SHA1
4759a3b8052bb61651fc1f9115b07d4fc25b45aa

SHA256
15bfa9e0a7743a425e63382227ac1a9edf7e377b60e20bcfa9cc1c87cdc23963

SHA512
ab0d438e962b9d152a79ee25bb7b7aa147f1c05e83cfeaafeb3e25501330d0dec66a9e8ddcfebb4f7a549d9710c9a28a6494bbfe39424c62998be04d49cadd1c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
140KB

MD5
9f4f84d5e80c1ccfa4a7f88f466da90e

SHA1
0d926080e53076546462d3e058cf1c6074e012d4

SHA256
d8a18acf0364cc45d03cd68303ae408fdff88e1c1daa96e60fdbe186c2acb4f4

SHA512
c9945729be51cb3468154f9e6209bbabb729a4602cb8a7597dfcb563cf145e119f7b44b6caa6454712496a16aa9262852af2aa1f1eab709903e5f4d7b00a2da2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
281KB

MD5
b8b22ac9017f729708ea80e4687e5e13

SHA1
6725cabf0c22094ebb14615fefcb1b931b4ef23f

SHA256
3bca3c51e5bf9c626a6439a765c10848798f4a53dbdb39edd6905c09a4c8137d

SHA512
de8e55e72d43274b7933288822b484b447874943a1df346edbecdf2cd4a0d947212cb9b371e8ad92cac9a930624b3eb80e86b80dd6d7e302ef674ddfc0f2914b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
3066a8b5ee69aa68f709bdfbb468b242

SHA1
a591d71a96bf512bd2cfe17233f368e48790a401

SHA256
76f6f3fcef4b1d989542e7c742ff73810c24158ac4e086cbd54f13b430cc4434

SHA512
ad4d30c7be9466a797943230cb9f2ca98f76bf0f907728a0fa5526de1ed23cd5cf81b130ee402f7b3bb5de1e303b049d2867d98cf2039b5d8cb177d7a410b257

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
5c4605aed5013f25a162a5054965829c

SHA1
4cec67cbc5ec1139df172dbc7a51fe38943360cf

SHA256
5c16c584cda1f348a7030e9cab6e9db9e8e47a283dd19879f8bb6d75e170827f

SHA512
bf2a5602fde0de143f9df334249fef2e36af7abeda389376a20d7613e9ccad59f2ca0447576ac1ed60ecf6ab1526c37e68c4614d79ae15c53e1774d325b4036f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

Filesize
46KB

MD5
3dda883b89b1f31dd1e8e0be2d4250e9

SHA1
ff69000e8307afcb2b4db7d6117b47975f9de06a

SHA256
e60268695e6c66a62ad318850e45954bb22d21f2ae62fe9f0c5490dcb1e69f9b

SHA512
25176c5acc9cf658129508ccc1b7fc8e93777cc59a404caf06a0e0eeb7c10b5276923aa51d56a99ebfd45d9f05b16f598794fb31ea0aa39565770b3c3b8c8c43

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

Filesize
806KB

MD5
296107fd9e4b08da2a5eb5381e62e59c

SHA1
0fab647f77db64c6284dd6335f6f01696217fb88

SHA256
9a75f06abaf3c4db9cb4110d32c18ba80356efafd79e6f6255aefc31054ff133

SHA512
519f5c12f414e6321e63c5c2992b4eb89131334543310513ffefcb9b4cfdc9cbf9adc48854dd40daa8475b238ec4a1b1d6f31d666e5edb773f433582777bea43

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001c

Filesize
32KB

MD5
20adea22eec53811cc6bb3e6fb9648a1

SHA1
89ccfb989609bb343bff0f260fbc28e78b0ae16a

SHA256
d1b7f4208210049da4739648765e40bb8d8f0a7fd4e942df1d736e803739f5ea

SHA512
24342b4e909b88faa4b028aba8428bf4b3fac6203a61e74890a4c3439817444826c6d4785f0cef484b73c6116a9913c2980be3c59abaf2b3711942e1e53e6b55

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001f

Filesize
24KB

MD5
7762e4c71a09fbe4db42a7b29fabaedf

SHA1
76e687c8adfef20017d58d81012ea29dc051241f

SHA256
2617cadf41f2c702928a7b59dd6d0016c5171da2494ae557878825293edac337

SHA512
711364e5f820e53a0a37d7ac2923c94f358c4560e89d8063a331bfab89bfdce9c650e4d8d237cd90d7d838f6868006c1f9eb5ea3ca7369420914221a39d1a9f2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000020

Filesize
19KB

MD5
0e598b4e0838f1540edaaa0ebf6d1e68

SHA1
a69cc56bc59a19d8e0da1b74db64b0f6c319e095

SHA256
4ed8eeb9c3e8abd8a3ae9a6e4a0da56d3bb513938555795256d73cbd578bbe17

SHA512
4a00bd10f567a45b9a3332a50803002f4a089bc38b065657e2a921d505c0a10c4275add2d6c9b4c3ea6a5ba87ccff47140aad0222bef3fceac331de97cb1f273

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000021

Filesize
34KB

MD5
367d6749aabc56bcfd8fe6f68e8ec07f

SHA1
94603bfd837a6cc48b0b413d97e6c21294139f01

SHA256
aba7125a597cbea4846b275de47b9e35fb42202d217c321ad861b09d3b831b5b

SHA512
737b43474c49d945fcc767a082ae79734333de55374c35825993539376577af76175a966e633b8224b4ede6a42738f3298e5c42d7a307f37897857c7c65842c7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000024

Filesize
55KB

MD5
2e623a0870aca8d5084b05983f4d0d36

SHA1
ddfd018090653bac96d89fc92d425479ef26b53a

SHA256
571bf0fe80f7496e05f503d9d2c8a6beb0dd94725777c558b0d19b999c8f199f

SHA512
a528c303f4f3a42b0f67bfb3edeaafe0e9fa4f6b0c0330b2824f6847179d7cd8f069b842241cf49c8fe8e00dd86bd626d517bf1ce6eb95ad984e48b91f261f2f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002f

Filesize
91KB

MD5
0ab09860301c57e1783249e109e8da0e

SHA1
c5930e60ed944764643a435b58f64b4d3674d5a1

SHA256
ff49848fdb6590a901b6206fe59857bb9ba83d603fe75f180b5a415896cb9f05

SHA512
e3aeebfeb8b7aa98d8f011ecd8c82bebd4c27e86c3ed34f95c260c85ba08d5d205f3d51810a47511ae6659a9427e2ddc76ff9c5163e5c5e608000052b3186e8d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000030

Filesize
70KB

MD5
aff5c4cc42d159b7e77175afd2b36b4f

SHA1
70b5ce4247bdb79f898eba302c327436c5324a81

SHA256
abe28914cb34089f4b734ea37c1a6606e6175544c28949c0f61105f560d87ba1

SHA512
5c9784ed2bb063c2de0e246f5bbe34f39e6c7a4af84c4a6d55325f3a6f3f41ff4f442dc8f0fb113ddb64c364a0ab99d1445e8fea82f65eb5757395c352916137

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000031

Filesize
21KB

MD5
660c3b546f2a131de50b69b91f26c636

SHA1
70f80e7f10e1dd9180efe191ce92d28296ec9035

SHA256
fd91362b7111a0dcc85ef6bd9bc776881c7428f8631d5a32725711dce678bff9

SHA512
6be1e881fbb4a112440883aecb232c1afc28d0f247276ef3285b17b925ea0a5d3bac8eac6db906fc6ac64a4192dd740f5743ba62ba36d8204ff3e8669b123db2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000032

Filesize
107KB

MD5
36a285067a69ba04c5d43d3e3bb085f0

SHA1
5cb121e2be363ab1e05b7b996e3e0645992dfa3e

SHA256
fe427e73cc8c78a7acd47754b9bd453b5e2d1a00cb6b1d30a6dda96165de3eab

SHA512
8396f93c4f5f68fd9b9052953ab19a08a72b4f8944d3ecd9cdf8c95ea547a8b968e3e56bae317cdcda4c48ec893525a421931d6cbea46c5db4e19a650e7310c9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000034

Filesize
71KB

MD5
5f29a6b934859bd1bba7263849ce88f9

SHA1
6052e92e9fa714a4068d53bf85fdbfe93e693b5e

SHA256
4977bc872316a39199c214b8e3f3af83c976a22d383a76b12e2910098024f859

SHA512
62e16a8a37a24e5d0510ab454f52311415473cbe3938e2e6f4c6a8a87e14cd4f01581ae0880ef3b597c4ad5c846a7a9c2f7d5a01df6bae824b3420a93a0845b6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000047

Filesize
64KB

MD5
34d417511bcc66045487a4307a08579d

SHA1
e2161accac890a2632bd6eaa7faaefc204cff6a1

SHA256
fcf96f427eebab9ffb97cf4ece8a7f3b37f9756d211164112371ce5950b58e4a

SHA512
a626a957f521fe0cccaa14ff22f08a26a968a6dc6633f5020fc668d0807ea98bba450fe76d9dd867ddff207b324ea68e0fe4b0dd7c85e2dcf39cf307a86e18c4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000048

Filesize
19KB

MD5
bb30ea3b46964f49ba85f475efd1fb6f

SHA1
1bb4aae7781af8b933e1dd4dee56879a3ef92d38

SHA256
7a5bfdc2463dfde6b169ca4555ce9f5a0fb21c15c3ac807967590df27dd800e6

SHA512
bc52e8de4712d416aebf1d403d6ee8dcb6386a93dfc6727613af487f73de69db90913a9e9781660d8dec121d720ceec9c84b260c76f0f6f565ae80967eee7474

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004c

Filesize
62KB

MD5
42d9fcc7172456834d9e05605cfb999f

SHA1
d1df0982a953011482b7cc5e97803a5fae290ba7

SHA256
5029f1471e648ecdf5518199b5d7a6fdcf2dab7b9ba8367331b0836de3064575

SHA512
5fc471dfd6cf0516739b40db211b4f1e0d3e27e7b53eb1e0c8d34f7ddf5d09ff520bd4c3b7baca993857fd462f184621391fed363a548bc7b50eee3b7ef6ade8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004d

Filesize
31KB

MD5
60140bc834da90837a9a4d1530484677

SHA1
d99868b0693b332681b4db7927f3f11b3ed37607

SHA256
29c0ba2fb11f5bbedff938e0d0a97da59f725cd153bc0c04f052419e779f134e

SHA512
448ddc49ab5128dfc0dc91ebe388d447e748848cd2f7dc15fe1fd0380a5436cc9872c32606d9d161d3648b20bff5eda0e48e8fb77c9293f3c0924ae89589eb37

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000054

Filesize
204KB

MD5
081c4aa5292d279891a28a6520fdc047

SHA1
c3dbb6c15f3555487c7b327f4f62235ddb568b84

SHA256
12cc87773068d1cd7105463287447561740be1cf4caefd563d0664da1f5f995f

SHA512
9a78ec4c2709c9f1b7e12fd9105552b1b5a2b033507de0c876d9a55d31678e6b81cec20e01cf0a9e536b013cdb862816601a79ce0a2bb92cb860d267501c0b69

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000062

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000073

Filesize
63KB

MD5
5d0e354e98734f75eee79829eb7b9039

SHA1
86ffc126d8b7473568a4bb04d49021959a892b3a

SHA256
1cf8ae1c13406a2b4fc81dae6e30f6ea6a8a72566222d2ffe9e85b7e3676b97e

SHA512
4475f576a2cdaac1ebdec9e0a94f3098e2bc84b9a2a1da004c67e73597dd61acfbb88c94d0d39a655732c77565b7cc06880c78a97307cb3aac5abf16dd14ec79

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000074

Filesize
69KB

MD5
76c36bd1ed44a95060d82ad323bf12e0

SHA1
3d85f59ab9796a32a3f313960b1668af2d9530de

SHA256
5d0e5d5fdb4d16cf9341f981b6e4a030f35d4766ad945c27381f8d3afb624542

SHA512
9f0555fb531734b786364701e17cb7f57ce94a688d4616fb85bf32cad45a253a9c479a301e05a4f8630cfea141dd52726a31b8e90198c19c16f33fb150a04a40

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000075

Filesize
42KB

MD5
f99f2d6a05b0c0ead4b862985c5c1816

SHA1
b8ba39585bcc49c925f4d7e9f2eb1e0be2bc870a

SHA256
adb2077ab140042786d0e8d599dc7480fde2d2452f8c5e28ffdecd1a044faeb1

SHA512
b6360cfa3ad0f9982348eed1e7a5d3e941e7de17e899f3c70c33cb1330e44a7ab8e1111aa7dd3f06f69f33e518157f65e17c6b1cec363082cdc8855770de3e47

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000076

Filesize
64KB

MD5
2923c306256864061a11e426841fc44a

SHA1
d9bb657845d502acd69a15a66f9e667ce9b68351

SHA256
5bc3f12e012e1a39ac69afba923768b758089461ccea0b8391f682d91c0ed2fa

SHA512
f2614f699ac296ee1f81e32955c97d2c13177714dbd424e7f5f7de0d8869dd799d13c64929386ac9c942325456d26c4876a09341d17d7c9af4f80695d259cfea

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000077

Filesize
19KB

MD5
635efe262aec3acfb8be08b7baf97a3d

SHA1
232b8fe0965aea5c65605b78c3ba286cefb2f43f

SHA256
8a4492d1d9ca694d384d89fa61cf1df2b04583c64762783313029ae405cbfa06

SHA512
d4b21b43b67697f1c391147691d8229d429082c389411167386f5c94e3a798f26c2457adf6d06caec446106e0f0aa16d895bfc4e8a1ff9e9c21a51173a923e3d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000078

Filesize
88KB

MD5
77e89b1c954303a8aa65ae10e18c1b51

SHA1
e2b15a0d930dcc11f0b38c95b1e68d1ca8334d73

SHA256
069a7cc0309c5d6fc99259d5d5a8e41926996bbae11dc8631a7303a0c2d8c953

SHA512
5780d3532af970f3942eecf731a43f04b0d2bdb9c0f1a262dbd1c3980bcc82fe6d2126236ad33c48ea5434d376de2214d84a9a2ccec46a0671886fe0aa5e5597

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007a

Filesize
1.2MB

MD5
0ce62e9d53ff7bbb7f9f3ec62519209b

SHA1
d50a698c63fb1957a07d805bd6e826b262773bf0

SHA256
d7d211c8ccfc31dd47ef275249fe7e4bd5fcda67a0c8d35781a8b2cd3d798521

SHA512
bcf0b9f827b6f1d9124cc16bd231d7bba6aa40929549dca3d32247134f8c27fcb5d184ca21eecd9a2a52c0a68333088d706fa37f215eb412adad0deac20ece0e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007b

Filesize
32KB

MD5
e529668d3aa5f8f348e27e6ef2b04212

SHA1
bb9875cf7a3db027e78fa28e18c718b3554eff60

SHA256
b42f812971f896d4d415df864066588e7f0a2b24d2e5c8078b333d9e7829d563

SHA512
cde1008c536ba2cd3e9b8e5470eb2d40c39af3f41b2acc7947810fdb7b640190630865839f830e889eed458a684c1c788fa3ec478ee3aec41eb88fc2ecb8837d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007c

Filesize
74KB

MD5
c88f69b53606b96dff18c7924bf8bde3

SHA1
29fa7b32032ecb1564cb6627a9ec3148cea894b5

SHA256
1f7c691bd43a49b47ed23e255c411638953439fa83e5133356aab6e59fe0fb29

SHA512
0cc60147c4b0912a9105706e0112e12172679f43896a0ba66085224802bfc6d1b31d2fcfc744b41fd64e37f75183403dd20e0fe43066a60a452c59fd55b385e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00008a

Filesize
24KB

MD5
c594a826934b9505d591d0f7a7df80b7

SHA1
c04b8637e686f71f3fc46a29a86346ba9b04ae18

SHA256
e664eef3d68ac6336a28be033165d4780e8a5ab28f0d90df1b148ef86babb610

SHA512
04a1dfdb8ee2f5fefa101d5e3ff36e87659fd774e96aa8c5941d3353ccc268a125822cf01533c74839e5f1c54725da9cc437d3d69b88e5bf3f99caccd4d75961

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00008d

Filesize
40KB

MD5
3051c1e179d84292d3f84a1a0a112c80

SHA1
c11a63236373abfe574f2935a0e7024688b71ccb

SHA256
992cbdc768319cbd64c1ec740134deccbb990d29d7dccd5ecd5c49672fa98ea3

SHA512
df64e0f8c59b50bcffb523b6eab8fabf5f0c5c3d1abbfc6aa4831b4f6ce008320c66121dcedd124533867a9d5de83c424c5e9390bf0a95c8e641af6de74dabff

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00008e

Filesize
53KB

MD5
68f0a51fa86985999964ee43de12cdd5

SHA1
bbfc7666be00c560b7394fa0b82b864237a99d8c

SHA256
f230c691e1525fac0191e2f4a1db36046306eb7d19808b7bf8227b7ed75e5a0f

SHA512
3049b9bd4160bfa702f2e2b6c1714c960d2c422e3481d3b6dd7006e65aa5075eed1dc9b8a2337e0501e9a7780a38718d298b2415cf30ec9e115a9360df5fa2a7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00008f

Filesize
27KB

MD5
6b5c5bc3ac6e12eaa80c654e675f72df

SHA1
9e7124ce24650bc44dc734b5dc4356a245763845

SHA256
d1d3f1ebec67cc7dc38ae8a3d46a48f76f39755bf7d78eb1d5f20e0608c40b81

SHA512
66bd618ca40261040b17d36e6ad6611d8180984fd7120ccda0dfe26d18b786dbf018a93576ebafe00d3ce86d1476589c7af314d1d608b843e502cb481a561348

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000c9

Filesize
180KB

MD5
be6699a80ae729d50167a0049ce68eee

SHA1
c2d0c2ba68d97f7a232e6843e918f8031f1ab95e

SHA256
3ba956ee7aee4e0847a56ed471ff8bda4d5dc5a6646ee8325d2b51f93f05bca4

SHA512
f9918006ac053ace61223a4effa0a006e4b4b3293b6a74a97ecc22dc780b822c8aefd18cd4d2f7a4f7bb0e64d7cfe68d0d817dc4075d569dfa7d580553b949bb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000d4

Filesize
19KB

MD5
93069ed141b906f40645ff8d0cacedbe

SHA1
44f6f2ae47c447dbff22d4a105a48383dc24d8c1

SHA256
b6631d1b36e91ee87fd91575b16ebc9bf6bc264e85e8f0d37bbf7e08d69d5681

SHA512
90eb76355d2be14f89ec2c8a72f3f8534619c22b5b562cd062526351771d006206c7def2434ef5cc22f3637ccf275666c984a72213aae2998bf7623f930308f2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000104

Filesize
51KB

MD5
71e117233904c97007d06964c85838aa

SHA1
bba8bb0f43499e4ec227b4aaa846a596b2801ddd

SHA256
1c6caf19b06b3b78e3da9b6c2e17334588c92b191124eb5b598e56d43e2a2867

SHA512
5280b847b8635bbd2d917e32d57f0a4b8e232f558e2276c7c5606eced3f5dd9e766d4cc5a2d6ce63b9114fae3ef4411f2d11b73e6b0fd9329ca0f143183950fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000106

Filesize
16KB

MD5
01d5892e6e243b52998310c2925b9f3a

SHA1
58180151b6a6ee4af73583a214b68efb9e8844d4

SHA256
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d

SHA512
de6ca9d539326c1d63a79e90a87d6a69676fc77a2955050b4c5299fab12b87af63c3d7f0789d10f4be214e5c58d6271106a82944d276d5ca361b6d01f7a9f319

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00010c

Filesize
85KB

MD5
b3e19e61f3b37bb35ef2d1b300ab876c

SHA1
1637facb807b6a56012bf20ebf492d27c97a5d67

SHA256
29bce7b699ce755ec2cea6985d2a786d123c1e8e7198b85b7db4cb22a03b077f

SHA512
5821dda62b176a8fea4accde10b6bf72c2ffd4a78964b5bfa6a5ceb4c7457eac636bdbacd4285334dc1016edd709cb5724da577c329f804d8ff99e39981a4d6f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00010d

Filesize
145KB

MD5
c082ac74ae5f2e3d7c85a5c760f86b47

SHA1
eaf4fb165300d3205ee7acef41f914d347038e72

SHA256
e8b39d990ba6a76f6357d840b8173dbab928edddde9412fdc1affa814617e155

SHA512
05b9c94c880ecaa2ec6e962791945e67766dcb35d4a14f8f9ec8d5b99fa10db8adf46596f1be01a6d2f9bd4f2056d7f31e4dd7b3f71b01e64706cdf945a26079

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000111

Filesize
47KB

MD5
015c126a3520c9a8f6a27979d0266e96

SHA1
2acf956561d44434a6d84204670cf849d3215d5f

SHA256
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

SHA512
02a20f2788bb1c3b2c7d3142c664cdec306b6ba5366e57e33c008edb3eb78638b98dc03cdf932a9dc440ded7827956f99117e7a3a4d55acadd29b006032d9c5c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000112

Filesize
125KB

MD5
53436aca8627a49f4deaaa44dc9e3c05

SHA1
0bc0c675480d94ec7e8609dda6227f88c5d08d2c

SHA256
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

SHA512
6655e0426eb0c78a7cb4d4216a3af7a6edd50aba8c92316608b1f79b8fc15f895cba9314beb7a35400228786e2a78a33e8c03322da04e0da94c2f109241547e8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000116

Filesize
63KB

MD5
b174f164b5e466b5a43072fb4421dfd6

SHA1
bab2e54457fd3cf80a165be5b9fd97403bcf9595

SHA256
8a6db8fa14044309617867a14a6a3d99b3fc1cc896e658d80ef3b5834863b81a

SHA512
83f2eadb9c45f12f5ec74402983920c93f410ce9839048c7f6bb562ae37723c25337fc2053b2182cafc09f50586973bc42133eec969cba755f967dd68b932e8b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00011f

Filesize
33KB

MD5
1aca735014a6bb648f468ee476680d5b

SHA1
6d28e3ae6e42784769199948211e3aa0806fa62c

SHA256
e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a

SHA512
808aa9af5a3164f31466af4bac25c8a8c3f19910579cf176033359500c8e26f0a96cdc68ccf8808b65937dc87c121238c1c1b0be296d4306d5d197a1e4c38e86

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000123

Filesize
30KB

MD5
db08152145f21fadc89c29e63038a4b1

SHA1
ad4dbda5cb724414ae8e3f2f0c476394317ca249

SHA256
7694cefb5af91fa4ca7f915e59ef6c12c93b16f164b959a0740788312adfb118

SHA512
6dce5904c77b2a5c0621ce2c0aacf7102ebce77ebef8b2c1fc59c41be3ac2bf64536718b8a1c07326f9d80666e44a70b382f289df7ec604853cfc69f73ef8cc6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00012c

Filesize
64KB

MD5
d6b36c7d4b06f140f860ddc91a4c659c

SHA1
ccf16571637b8d3e4c9423688c5bd06167bfb9e9

SHA256
34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92

SHA512
2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00012d

Filesize
67KB

MD5
9e3f75f0eac6a6d237054f7b98301754

SHA1
80a6cb454163c3c11449e3988ad04d6ad6d2b432

SHA256
33a84dec02c65acb6918a1ae82afa05664ee27ad2f07760e8b008636510fd5bf

SHA512
5cea53f27a4fdbd32355235c90ce3d9b39f550a1b070574cbc4ea892e9901ab0acace0f8eeb5814515ca6ff2970bc3cc0559a0c87075ac4bb3251bc8eaee6236

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00012e

Filesize
41KB

MD5
59e89cfa71ea71dd68ba77139687871f

SHA1
e4e29922c94ad478c0bea45ecaaa2072b5e20253

SHA256
e7001f5614f56039d4b9a4671768fe9a6bbf7ca89d4c37a33293923fbb6f3242

SHA512
658c926057a53f1f3198031534533dd78c96115d0239c08de7be160f9a5fa83a33265b96c49c8e6975c9ed660c3692ce60aaecb6e8afaca25b0caf4b231968fa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00012f

Filesize
19KB

MD5
2e86a72f4e82614cd4842950d2e0a716

SHA1
d7b4ee0c9af735d098bff474632fc2c0113e0b9c

SHA256
c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f

SHA512
7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000130

Filesize
65KB

MD5
56d57bc655526551f217536f19195495

SHA1
28b430886d1220855a805d78dc5d6414aeee6995

SHA256
f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4

SHA512
7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000131

Filesize
84KB

MD5
74e33b4b54f4d1f3da06ab47c5936a13

SHA1
6e5976d593b6ee3dca3c4dbbb90071b76e1cd85c

SHA256
535fc48679c38decd459ad656bdd6914e539754265244d0cc7b1da6bddf3e287

SHA512
79218e8ee50484af968480ff9b211815c97c3f3035414e685aa5d15d9b4152682d87b66202339f212bf3b463a074bf7a4431107b50303f28e2eb4b17843991c2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000132

Filesize
1.2MB

MD5
3d987b84d52187cb131f644abb746f47

SHA1
0030db7851ed284e99745a7acd501e221784115c

SHA256
80df740334a5705117953c25c58523282d78c6d06eb3da3e0fba7820fbc5a1f8

SHA512
139a698ab427e75a9cf123df1d4eb3a8287ae9f15a6430e5758c49a18d022533752721e5349f2543e3ed0b641fab1bdb46b1836179537b4e6fd091ebbb2c7605

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0344fd820bb6753b_0

Filesize
1KB

MD5
edb092fee6174062269b256e559329c9

SHA1
151d9dd2c84c01559d10786454684ea25d9a0087

SHA256
15938b4c9889f85260f9f62ad37347e40ea7006548734811cb568e56bff3c51b

SHA512
23606aa7e9921e0cd6447484865607e06245da16dddb06dd0294e1f772327b5f30e414d72e4554b7f0d764ef2fd8872eabd6bc0ef25695f8e890463cdd471523

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\08d5348bca9a0de1_0

Filesize
19KB

MD5
717e44ccad04794de97789f30164e12c

SHA1
52c5a9d87bac87fc777bec9267af690b8696cd43

SHA256
5bd2a3d1d1783210a81f2f406e23d89c1e1449391536e182b8b1fa9894dca38e

SHA512
9cfedcfd7b7e51ed9958e0d3394585d2cf3e2e672e2b0c6978c398c10c731594b74c57a9aa13b657937e2661106c348a6f805f54d940b4339abe3c0774126594

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\099e10439d384bfa_0

Filesize
6KB

MD5
551f45e83df6f9ad98006d777f827169

SHA1
cd0d8213928516877fdb3faffbbda1e833f2f264

SHA256
c8b07df8e582d03df9382890793c4bd6ad097b1c9fb0ea94cb3333c3cbe22f0a

SHA512
8d588a53ac5688e63f51bf1c2f68d06a616f5e3793ae456d3620fb0fc06d1a7d751583ceee8674d69007893d93e5e9296155d8b94cdf4cf79902c42516299f2a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\09b905227fe2b566_0

Filesize
3KB

MD5
4aa345c3be5836d678bfe30191c345b7

SHA1
6085b6a2ddfeca25a912ff15b99ce6cda818b246

SHA256
e955407d5a012253664e787f61fbb6ff18a0f7c4a73f43f86872138371e70c1d

SHA512
ac32d4616c5c13d6d4bd17c133f920054f07d9bdf571b2942b720c17d4c82dd2d80589a082365cbfbf862e4d5c882d849cf8b903aa80f7bc677ee4f4a90e8ae3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0de8c10d9c612138_0

Filesize
7KB

MD5
0b40626af33cf575326b8b2a8bdf116b

SHA1
4d281ac74eb6232a12dcfb91428c83beff69e91f

SHA256
14a18e929328c19d56cb9b2002c4906349181dd6b14c06cc98eae1e1276ed36f

SHA512
64e9043413349c09f6a37f88b91159d7d57a5fa42c852779b750187d41691cc90520839cec0451110f06ad7e4934e69b3fc025b591847f6408d7498cafc51cfa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\103cf81123f9948e_0

Filesize
436KB

MD5
7ec6c5ba874cc38f5c941c4be327d7ba

SHA1
11213f744dbdf8300668e3467c796c69c23039a8

SHA256
273e140954683d2f26793de09efc555ed070ea55021b7593b308a60184fe0238

SHA512
e6f60cd18ffbebabb7b058fdecaefa1b5e390b11979c8cd45f32e8d90a1191c4e82e13edd7fa781911f3b6ba50c6ca5cca1468f14260667951c09bef571ed787

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1335940a5a13f354_0

Filesize
9KB

MD5
f02f7220528c03e7e5e6b50779386697

SHA1
c60f23970eb81f15ab63658a5317768eb2117082

SHA256
9d6bf25472319beb001dc60193eeb0750e12df65355d39ceb70f20e714105979

SHA512
ea5a7ac9356bb91e610c0199d35898487b08ab187df29019fd34fca45fcd6962966af010da5bcac5e99402d86274ddf8ae315e6ecd37265aae12d71cb23862f9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1b342244409a7f5b_0

Filesize
1KB

MD5
f18aa71701dda1776ac5fb10c9e90823

SHA1
18aae658c5b08d885e70562ea029a34b5e4c2833

SHA256
95973e3e3919329450a4a758b0d19ac5f64f51daf152cfe9d683c1050eb1a609

SHA512
d090e034afb12e3b220a1f94d2a411167e5a93ce482615e8d8d8a68b6deb077abb5f9c47c5b38e7e00c3c4d45cf31d4fed9ee9ef38d9e88dd545e19109c51b6e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\20caa790ebf18324_0

Filesize
22KB

MD5
3a3173c72633a0ada77f195e3e79bda4

SHA1
3478b9fa1092cfc1ae161a6db859a84a79e41e72

SHA256
696bbbd3ea3b81cfec334c77eeac9fcb873add576e15ccbe387b41fef76915b4

SHA512
adb3a9ffcb4b6f0d4eaf545a92f16f39f3fba3a357782ab3ade987e13097868caf4aa499cb2cbd2d320b1749ed299d5e5171299ddde63fc811bd676acbdc91d3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2311af0fca936641_0

Filesize
26KB

MD5
d141eb4d817f32982129de6fcf0d4667

SHA1
391aa1b12ce176217838fe83a580b635869cbcde

SHA256
93d7438963b8f169281881d89f85974bf28977f4791a14423157b90f611665c7

SHA512
5f674cf2635754bf3ec6d6dd33bcffd3c9b9ac4d80718ebb187b467017fb14c8e938891c994eeb8bfdc2a87222521ca8a953b8502f6b2af637e61035cb19cc84

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\231d80f54d2ec417_0

Filesize
2KB

MD5
cdaa01edbdf803ae653bf635f77cc9dc

SHA1
4f071c24057f241b81be98fb6044b6c74a6f7c28

SHA256
0bb6e775d1271644fddd76265486de83f23b4c6a5631d4321854b7437cdabf5b

SHA512
8ef4df08967ccdae2f6b6854c50dea943867985e696e0b30e51c81b4f50db154b8525433f019a2c903495a73355025d43f5ca2db35838935619521ad02a2fb62

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\23bb41b1bf0814a5_0

Filesize
5KB

MD5
ec51d1e78986b881efde7b5b041bc1a4

SHA1
f942588f4a8f1a4064367041713b01179857eb9f

SHA256
a8d9e282b1a6e8cbf84c88e5a61d6ff9ae44ad341be6df166ea0619d6ed2b4c8

SHA512
a858d28e4ee4fedd468f62875fa029501f1edad30c0f2a583009502b9bc23d635d590aa5d0c833ba8b44b5dcfd21551f6545c3d1c33746a359f89e6c46c00851

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\252b4659dd55d3b3_0

Filesize
262B

MD5
e068d2373615e720dbb48fd15c1e66ec

SHA1
fc45d0c282bf4ebf2a75633978b00c9c0f467f5a

SHA256
02a09ed23be00271096b82587156d7048fe14967a88bb624ce8f8b5e0235a480

SHA512
517acdf11fd8318102675aeb4e8174df6732dd852173510daebf468528131af467525e67f0a0db31e869f63f50f5501d35ff253aaec621caa6928b9b0d549a94

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\26069886e990cc46_0

Filesize
3KB

MD5
e7c069f54e754d881661c3487b9b6c4d

SHA1
6a73012c05b897126e2bd0e6a08186d6a11414e5

SHA256
777b040be4cc0a23c0566e0e4ef271ec6ada310ff71a473d1f4ec20048e4a3bf

SHA512
fb74bedfbd4ef49113a14dcafbe7842ab0561575c1e760e9a8c6600e83d044c8d2928caa1463bc70e231e5d1dfad67f100ee64def2606d31ca87d22af276df46

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3552e3a94b35b185_0

Filesize
2KB

MD5
22121f13ff7823a7f187cd00ae082b6f

SHA1
831c321a24bdee9148f2f7c980bf4581c37ae890

SHA256
156b99a9dfa3f4c9c9ef50f22a49de385b26af3a421fedde763a0832b25509d6

SHA512
08b1ad819566cc92bb80268061444d85e37fb6c38a44354489b7e7e4104e76c76bb1685d70675a39de566ae7c206816cf8fb97dcec5cb62dc226814e62e1d955

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\395cd751464365fb_0

Filesize
3KB

MD5
31dc7e496166b9f3d9f9cd8c14756bab

SHA1
4540408f61ce2b7bb42bc4c27aa75bd12b1caba7

SHA256
ad2923f0f9745c9813c2e12942078b2a8a2919b624d3b83f2916e77cded3d53e

SHA512
7e0f08c27017a24166738642457ccc1355c73d623222e93f260a6e1d12876d9c3d25fc673eed7c772f694b496de6c3bb76feab680de3b18be4bfdd796f265572

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3b3e0ce13da94924_0

Filesize
1KB

MD5
a9d3c9d03a004d9ce9fc45c0ff0ee33c

SHA1
01ba053ccda969dd9e1039b5bc661aa676300d01

SHA256
b5b4908a23e00eb8e221902d777f0a4b62e7216e2f7a014a8f65c99d6293d142

SHA512
c1ff7010da8c0f631ffd326af9c73ebf49cba53051ef66ead6835276eb0c13131397ac2aa3e1e06a4f2281139b9541662f053b84a0474ec67e0f0d1fffc9ac7b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3ee423b9adc2ca8c_0

Filesize
1KB

MD5
eafbfc1ff74a2a53f95b3b58d9dd9466

SHA1
e2aba556ef145ca573f23fa19ccd12e4b75e752f

SHA256
28b4e7e25f437a4270f7318015a34397508c9044ae80ff4c2581f82f6f0378b2

SHA512
1367f30faf60a47212336d4037ad5661c87f7fe90975a1a6dbbd3f3e023fb63730ed64c55b154336cd274ac06c5111f3a58414fa05d242af5424e8b6f60da08b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3fec95e34b9c456b_0

Filesize
2KB

MD5
3e476a287ab87c04402d58e01b9bf2fb

SHA1
b79373d77a21fe715b384f76ef1b5ef37cb4642e

SHA256
f2c0597841f06765001b167811c3a745d5b2252f666777d439e770b68842b389

SHA512
bc38baef7be1dd32e53e5c330cf6b765eaa64298d2f30add40b24c2e7a9cc902ec4028fa4f5da58464a0fc485bd9d76d9880c5c4422c5dacc15170823fd1a4dd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\407e4f62b57c62d5_0

Filesize
2KB

MD5
9f1952a487f2b97e95dd7e9122e94046

SHA1
5e01f1d7703c6db8e35f58e4109691ee31df4431

SHA256
16f2b5b3bc43eae9724b210784a6178b1fed82077d125aa431d936e83626e9eb

SHA512
25a0a3e5218845cc23cb842470467f6daedf6bad2444172454041b039b02047163fa11c8bb5249b5af39b961e0ffae09a09393400f473155bd56985b6994c6b4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\437445634e270822_0

Filesize
262B

MD5
dff24bf71db6a0e30646a18dc72869c1

SHA1
4c761dad3652c8241db168c2e8c0d298037cf1e0

SHA256
1abb78f2c99de4eb5cdca6258ed67943e9429d96bc30c89581d957248c19920f

SHA512
7bd9af215a2c9f5be06667abb4df7dd4b573c31d6020ca638927cfc09a835758e3cf3bc846de3c6b4820041dba7ea61887e529e306b2410a5ace68a37ffc4112

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\44d49f9dff020a86_0

Filesize
7KB

MD5
1d5b1d245c0bfdf0ba784dfe531f6506

SHA1
2a4926824a5091183e2d137234a97443191159f3

SHA256
fd28bd9eb07608c57dc5cf6db8ac415322d58eb65cc159c111aa2bb6da8395f5

SHA512
9f6ef8ef51b7ff3ee1520cd415362a7f0905b89b32ddc4ef28efd7d739f4633b9fe77a65fb6c2ae3c49f3b30138e1a578d697a213e6f5a5e3107aed0b65ecef7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\451170c3a768578d_0

Filesize
2KB

MD5
672eca6cfc60483e3e53455ab9373985

SHA1
a1cbb73e665e1a65afa74c8e22ff78c23f97e071

SHA256
4ea3eb65df0ff996479341a1be07b8d5682fe0f56042b058a1cf49dbc7706df8

SHA512
d2a42063029a195ddfa3407a73beeb18a1e38cd756091296ed4bda75272cf527ffdbcf757cc81ba7091536be90410bba6900081e6cf09472b3562145bee8e097

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\47f3e0be7720a1ee_0

Filesize
3KB

MD5
14217e2ab5aaa6f86c99327aa8d8acfb

SHA1
b139d4b1d25179258e2c9a71e379b987ca8823a7

SHA256
8ae61085d303e024eef8a99026d6410a1656dfed2d8f72cbfdce02f9b3abd61a

SHA512
f4814dddbea25b5e56b8f50143a3f5607be53a4edc2c96e2ffc16a26b993e303b12fb703c23f0bcbdd45e96253cc0d3fad8af9c8e9a5acc86d909dfba912fd26

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\482e8abbef9c0889_0

Filesize
53KB

MD5
0db7afec8ec446dcd62e94cac171a4a1

SHA1
504f984aba370583d4077049e716d50822ceab6d

SHA256
7f2e9483a1f09eb11de301108008b9a6c9fafa11400046e92a11f11318dd108f

SHA512
f4ed6e76dd14895d325d6f41adba2cf7acc534c4b799f5901d5275fef8428838d5b95e4c1dfd1e25aaf049ff7be2c531019da4dba1e526d0d1b84987d0e45afc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4cdd883a70ba1c2d_0

Filesize
275B

MD5
c68af87956f97a1d1ef29303f7a1f297

SHA1
16804aba84e9905a31e9f1bab198609cb269cec4

SHA256
0b2fa496c1e13c43d3df7149ee6cbfa5612d28aa2a7e343fa45fc5ec6077edf5

SHA512
3cf4f8daa24386e831bf5e3218318e0466e59e175f95435c757c79a9d61dd94ae294d7cafc640895c7437bf061ddfb5a938b1ad81955200f3d88a6401752438f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5a2fbab3ebdc368c_0

Filesize
2KB

MD5
d7842c27e84043f105c30cb09d6285a1

SHA1
6466732a8cd3d27ea8563b6e8b7b781e45200538

SHA256
41d575490a05e8042e84e18f6e29e1b39f05be744510a54ef5aa98f55aeafc88

SHA512
5a976f669f9fa86aa69799b4964dac7cb66986105da346ade5881f39c84b2aacda3787e6c1bc45ff520aee325ff198f4591c9891d1de0779fda2c7171b45a1d0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5b1c5eea508beb5c_0

Filesize
1KB

MD5
eea9bc40aa86b9cd1643cbbcb7da1559

SHA1
86382ddfd60ea24e87a6509ef59504adc4384706

SHA256
d3fc5a07c87f185e089cbb92895adbecb69f505ddc162b717f19ad4b79e0976d

SHA512
0bde874d087106bc70a6b3984412e92a22e8abd58725965b4e180e952045066f5106fec27e5f2e150547c9483764775c7cff58fc29d231b51823a0a61bb13b75

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5cb2cccd7f63f317_0

Filesize
1KB

MD5
0753236107602efe91d7be68c228e2bf

SHA1
f8dbdc9a87747f25d619c32e8f2b78994e893402

SHA256
fe7a022ae486b394ceaacaad5bda2b9bb248434e63f19e091b072c6d1ad8f386

SHA512
4acc946dd44fbcbdbdc8b2a81a6609c846d639eb308eeab1051f92ed344d537aa3313cdf5e378b74f3a59b68dac74097de628b2ed3149fe1b5c9929bf7420df2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5f3149bc5e88249e_0

Filesize
262B

MD5
7d0129d67e99e4e09cc1619a9d6e3d83

SHA1
fcaaf9d01617085ec6261ca717406964d808478f

SHA256
223aee6737eeacf55a4945f57e17eb1b0a6a5d244354682ff7f72596c628df62

SHA512
03e4d9c8ccf8952ed2e8f2f8468e83aa66c4424075e62377930b0bfa3e402ee9a964f4845615eba2ea9826e0b1e2aaf5c3c1da1168ca5b7e47fe591789bb7ffd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\642e92cf02934f40_0

Filesize
2KB

MD5
e44b61059de77805ee7365aedc9e1ac1

SHA1
c608c3a813c430c5ec9e0e96fd3f6a27937891cb

SHA256
1ddf5cf29975eb005928d9fcc1e5c17af9142719b315ecb03659020bc8390180

SHA512
980f20721723c8c8c326104c0d4f98a8921fbd83eb948a209d13950fd4dad3d196be4485bebf61599e0829c9226e3d90788c1f1a6ce10de1bc32178be1ec2281

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6a76d303add92bb4_0

Filesize
3KB

MD5
46b02abffc459c311644294687d2209e

SHA1
7cfb8a551c4102c6c9769011d95d72d216980c2e

SHA256
9f7a57ee36c254f7bd1f4b85cce8027c69c18a0bea230a581af0037e29bdb667

SHA512
d4531413024fd2c5ab5e9b4c976fa77d3d6f7bf9b5e6b1d17e0156149ccb7c26a3f06061652f1ed48a3757deb2f23d717b0fc030198ac676a01bee535fc1d4b9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\74f33820d1338b1a_0

Filesize
3KB

MD5
0feaec139cbdd6690b5049fba67a02cd

SHA1
21da7d732b9e10d6c956d135ef2a937cc5d6ccec

SHA256
44b90270ebb7a49aadfba1f8a07b878e03b77a2daf2b7eeb3a77cf67af221543

SHA512
384b47e2167968d7c595bdff2306f560f4caa6d3801234f2a2968dec39da03beb63c565332b7ef3aaab42d809025f0b0f7a952e53547eb89b2090b2b513ef5d1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\795e36fee1dcf3f5_0

Filesize
3KB

MD5
896b6031956ec1813d97a07d6295216f

SHA1
260816ff8502e11ec6b273667d8f44510cbf2832

SHA256
a3846ed5959f827aaf6ef9caf15bcad40499e575e56252d65262bb29389b44c6

SHA512
a7ab5ecae390b996f4289c4220ff7eae416e64063210dd63b2578a7872a667168e4dbe042796da67be84e06cb314c08ac3b48d37a5916be3940429590efd08d8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\850c4ec620521f44_0

Filesize
52KB

MD5
7a3a6fb29f355367f63ebb5dfd8adb35

SHA1
9d8918d29af09270f92e74b6d9b8c2b486275bb6

SHA256
c614974a3682894002bc30849cca23d2fc951b53bcd0c14f9bea466042d78302

SHA512
e02eec69aee121854b78a964ea661adc372384dd20406230964bf1acafe3f67ace74a93d66909b28ea57d91290b8cb5909a76d137994798e79dc4bfe59c70853

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8bbe961e1f9256b4_0

Filesize
7KB

MD5
ca36e30cf16a13b8b82af860f41ca1cd

SHA1
0b041ed04854b5ae5e42dc2e21e767289a81474a

SHA256
53546f5e36a5373215cd05612ec550f160df85f2fdd94b225253965231da1e6b

SHA512
712131dea447f9fdf900a0cfe803375c65adce2a313dd0bb2d7b882c44d0fe8c500cb899ddffd4039c64109d7f91344e597b7123b2b076106c43ec4c78e8b980

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8bea4ab3650bee52_0

Filesize
1KB

MD5
19a72c8d857eb47ee87ba1bfec8495b2

SHA1
52dedbb0ad6d7490e66ac97994ef133630cc7640

SHA256
405a4e2cded0a7c7395611ed71fc96519939c771256a62c339b799248acf3b6c

SHA512
f1d573aba2dfa8942c3f9e7a5e5269fc40b64f267ae6b60215f838133d639c5ddef5236a4303e780ab82de71d45dc74d07d037d53b75c2efb58e7c4dabeaedce

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8c693ebf5cbc3df2_0

Filesize
4.8MB

MD5
fc43ae4e75ded9df354772bd9d9f1487

SHA1
6c469bc4f907698b69fb35e2d517c3aa38d395c3

SHA256
97f3a5e3633a9ccad5a2df8c4502ceae79d4e539dd70761d06abbb1000d3ae76

SHA512
f8ab717a057175b4abd1f8d801e38db7134db28d219a2faf47835b10c9da07e9718af95245220d3e54ddbf022bc52dcecec0248f2e1d165aad45feb6bb7173c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8d00ee6fdc5db6f6_0

Filesize
6KB

MD5
4a89351f3537bd6aeca54bc2600b68bb

SHA1
6b3a3c86eb8ecc2244397ee4493a4bd065cd8963

SHA256
c15917319d5649ef4245712895b412ac855182b85f649369f62d0b33f4539f4c

SHA512
48ed19af5e64e284b8beba9a708e4ee336afa31484b5ea25ec038f4caa95b4b5e54ec116730e004fb2f2dffedb87a5cc3e5b880ce82ac45f217c39b9a3c340db

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\91e4ac03c4f64f79_0

Filesize
2KB

MD5
2f4aac268e6b39651216d2e264ceded5

SHA1
e26ed78457af7de030526b871af4b99d72c92b28

SHA256
f78c04f67300867301bc829ac840b8f6a7ceb89ddc333d5d8252509873dd29b0

SHA512
8747ed7916bb1fb43f35a45b2cb986a006d5aee32204f0f3ef3f0b1075c6aa3bfeadabe78289e3dc38e41142d8f19c2af5e8cbd9811524bccc356450d36a2150

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\939a05e3918f8454_0

Filesize
2KB

MD5
188b136bcc2628343407eb1454a82f61

SHA1
2c78216d4ab24322c175b05ef95fa2d55926d412

SHA256
b1fdaf1d6f21dcaafdde3c6991020a26cddafd050e0fe93abd431ba4f56b725c

SHA512
3e9d647ef1f46dd977f578c51b7a52213ae436c4ce39829df72bfb22cc01aeabdd5d59a57fcd6d7d9c5b2eda3a3fc6007dad14b01ff1d5d8fd998b55f69db219

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a5e388174f596eb0_0

Filesize
1KB

MD5
f855441f5063b9069a0b6f3599e710ca

SHA1
465c5591ef3af71aba52544b8ff57afb13bfc157

SHA256
424ca77ca1afbfdb1e6b44173a930b302795138c324c18101224d28370413e64

SHA512
e4ee91393a404202d7cacb0b10d4c2941b0020b0c249c77df1c122cda38611985caef23d86089e39eabd9eae3cec0d1dd8f3a9bf8475661f0964aa6ded9bd3c0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aa0ba30e9dc345ae_0

Filesize
48KB

MD5
375e3b98cad80b2e77890ea822a39208

SHA1
53f8b26ea217998be94373c8e8e811266724dd0c

SHA256
f7bd8a65ffcd128777bed9959903a91516c634c32983bd50b411055672d86a34

SHA512
f8dd8463702b586fe10a68af7a34a660bf81e5720c0ad0cdf1ba4064a7a7582b7fc590e4918afed35fc9de142da4d5f061dc9204aecaa2bff3dda58d61e430c6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aab63d9783133eb1_0

Filesize
9KB

MD5
6520990432ce0ddcbccf3845218a0a78

SHA1
a0907fe4ce73ad9862381b51c9fe6e2e5532fc46

SHA256
3e8a038d77d78e6d17c9e71ec35c4b06e91d53958b9a90bea9db8b51a04e9c7f

SHA512
d008d809cb0885dc9adc98db8eade42a99fbd226ec54c672901121a258a0c929717db6a2b0dc78b1fa29b24906d31c5a9804986e65595396744e72dd8ed05e33

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aacf7971e2e1c3e6_0

Filesize
2KB

MD5
c38ab5cb56f448cd26c843c388649bce

SHA1
1576f3cca4989d3c6ee77d9dc533d6ac34f25eb9

SHA256
5c1ae42648a2f4868aec9ba987772b848d14eb86595f4eee77801199f6c9e239

SHA512
334a227c428d80e7d31e537224eadbc0ad3791adfb9d072c9830668e5a7e56ab09a371a66013be8755ae6993eac03fb72d906c6a5126d1321c08d2f1143a3d2d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bb35d9970e959973_0

Filesize
33KB

MD5
89134a88b72bdb041500c1177636f4fe

SHA1
dd479180adcd099f6c9fa519fe4c495c5c555ce9

SHA256
84cdb2f6ee4864d58e723185300e2d156f657acbf9924a61fe322d61f7828bf2

SHA512
c0afeccefcf9155b5b6fe90bbdcd83a5fd008f858034308b412b3e2de8bb83bec731146e69ad0fcbfeaa5ff47ecfb9b7a73ed28d19f6866426b185b72af5eaa6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c2d2b9ddaa1facb6_0

Filesize
262B

MD5
27fc00ab9ded453403cbb0d3316439ca

SHA1
6db8e7027579ef22204cdc26ecd9c3c6c143f751

SHA256
feb5c23f1189080d4694fdab1af4882146c6a77113053b462a3306e1eb02e5ce

SHA512
858c537ea8a772a31339f7d716cb09bd1a09de6488adaeadb7aa6967a306b89767849e63523b2522b46ee6db10a160263e1ae758c332cf3f60cc4aec4756ea47

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c75908f5f096d979_0

Filesize
3KB

MD5
16fd08dfa3a69ab9f055d5be6a9a4886

SHA1
ae3f931b9d8e7851d8a9ac988c4764c70346194a

SHA256
1ed343667fc78fcc976f77440448440f70232bb72e3fb89d3c14329a5ebfb3e7

SHA512
c1f42a20aad2ade5b709b2172ff7b7c17e01e0fae09b2c0d0a37d8de89ac9ecc6d6f5c64f4fab9f852aa8da18fc70532e5cccd6fa644e991b2d717f9c0049e39

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\cdc67880c035c2e0_0

Filesize
7KB

MD5
0c77d7ebbc04f43da8fe328035f9cb82

SHA1
92ee4ad517d6290b46e9aced9fab1a832475245c

SHA256
37f52003cfd1e0dd05e876b37b5691b18ed5667a6b2e8c0a5ab9c11e0ff7c049

SHA512
a4bc20a2d82183d6ee287ae843c2b4fa4283ad18505e6a3263d429473f201d4d67ee364a8b1a12fddccc8222bf6628d182cfb81c3996744aa2bf4717f7f94b9c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ce1059c478c2e6f2_0

Filesize
2KB

MD5
c9af0cf24bd6715a89753a74ba649810

SHA1
19f1aa2f861681cdc9ae398a2ba3b9592ae83d06

SHA256
5fbee7605e3fc9c3d7d6f549a915f106710f28d1a51e53515d0384353a540af4

SHA512
d86ed71bb7c881d189592e598497b8ec2ed5ecf0fcbaf4b452493555eb2d3ef4b513ba687a6df6c1d7580ea82f0bb6c405c178c10f336f2256868d40ece6b4b0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d0bcc513e0682a40_0

Filesize
1KB

MD5
5b5e79e71bd4a085386838135186d403

SHA1
ab6bd10b4c8d653bdc0b9f2ba2d9610fdf57d2e5

SHA256
6f6ab5d73b37d068f76828bd59e8df7dc6aa923f5bb075ba725b94144b380dbb

SHA512
42c9fd7dd8a957497f139c0925aee674d1404fe4fcff7582193a9b49a0aba1076df97fec4b0c12cba4faeb489df17a6f11d29eab09922f0455f590fa76c97989

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d252f20371953868_0

Filesize
5KB

MD5
98c1d79da4ef24a495db8ea72f24d500

SHA1
c4b11299309f349ca55ea6edd15f1fb7c215eddd

SHA256
62a480e8062b44cd79c5b23c7278c208102d8b454905b506911838a2219b3a68

SHA512
bdb0ab571e54ad91aa3562dd0c3b3051a384a00ce534996ecfeb96ae3f4b5d2490f2bca44377bc4123a925b892e0764b0d4fe7fb9a9d1222e02857e138a5f936

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d34e8d364ca71d6e_0

Filesize
1KB

MD5
426c5d4496053d35e35e082d86a06f02

SHA1
073367cff4fa6c4229d76ad33067eee73a1d7d7f

SHA256
3c6d7afb88383972e341d4084691588fed724c8d06e35f0d7cc68beab46202af

SHA512
55fb705a9595a461b4e720f3fd533d97cb1d7f6848894917ff229d2c73688852b4cbb95d01344dc336b38f18f34a6ad5e66a357ccb602853865c5cf60e58dc03

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d7dad7c8314a2dde_0

Filesize
2KB

MD5
fcf03ec928fff2c54c120f48ce8f5e97

SHA1
5629067f3c0845393c7d2204aab70a95b5f9c8f6

SHA256
a72b68c4f7c20c655840d7ded67e536a4ae365cb55523dd3553beb661ec9ca3b

SHA512
f48e8c937b9c8bb949f08a24adbc41abdbab9e0f1f174eda6769a09388e27169f5ff9020ee6ca8b7a74ebd8e23f0ed44f9246e627ab2d0508dc8c7752c10bd5a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e8cea48702440e81_0

Filesize
2KB

MD5
65d053447748502f87bab68664041cae

SHA1
2b2dbcf0ac4ec2171c88039ea5a827e64d08da65

SHA256
07f385772f2008b4e4ceb9ab38af242efedd068be87e5b8e15b72957165d3e31

SHA512
4bb4c49b4537c6666f824c79349d5d2ecfc4a76798fbda21ebc6078271973622f43c2530a5b53e25444a05dcec6099b08d446c848f7e56d1074dd881855a29b9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\eb152fd45d310867_0

Filesize
29KB

MD5
4b10b40c90361745dca1c5c0b752fa52

SHA1
55ed07e2af85442f3a50c76069f20e5daabc3695

SHA256
a4b36b0d18695ef0bd0e5af09a133223d90129bd0d16cc5a15ac3c813eed998f

SHA512
adcb2e20778c50b3756069542de29906f9466d32937a3035d009fa8e0685ec4b9cdd638051a5cff0be5893049798eeb1977c6971c1e48692b16b5f4d665dd60e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ef6ec442ba19a2cc_0

Filesize
5KB

MD5
96bb9ddad402cb37eeb2d8b6c3a40f9c

SHA1
2436cdcf3e74cb0de3a918fba31d784ffb9d5bcc

SHA256
19e801dc74cb2817ac23090a2ad601a1be07e3d418ff57ed97abd39be1c96965

SHA512
da97a6ab7920059415cb536b0dc97d06279938f9b07955fe00565cb121b47efe06599fb375ba27c9d632ffb122a0adaada75c094fe45d8602274a3bda65775cf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f2d10c35ae143851_0

Filesize
2KB

MD5
5e15b11b7a3f83a65a71be81ec6e72d5

SHA1
c7fd165995f5b95cbb3a150b575345b976a45dba

SHA256
861e984eacce6b3429a21d0b1f827fc20082ea1f88ac67df64f227364266afe6

SHA512
743b3d3ea821797a40fa1583397f538306303079399e9c8bf681ce73d615dccf6cec9e01c218880a62ef5c7ef5d36928bd9949520c1ec2fe441f761afe0583bb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f38417fb120bccde_0

Filesize
175KB

MD5
a3540da8a5e7f58add7e12847225e32c

SHA1
520a10811fc8a9daadd659ef2011ce0e85cbfc97

SHA256
3627d3c1277c4d1ec1183970990f0586c30091403fbbc0e06bf8a85204f8481a

SHA512
b39dda0b719232a2a89b835ca3cc2385f1fd475645036b7bb968130f3c15d7a76739c271b013b47a3ac6053e7584715c5bea8f5c230b80e62790b6a612e05559

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f8f986bd60127d11_0

Filesize
4KB

MD5
23ccb753fe34770c795e36728d4f2048

SHA1
91a9433536e04972206c8cd3c2883efeff073448

SHA256
051dad12637b0c425aadd9638793e979db1f13a0ba1d5d26abc9a2d322538b84

SHA512
09f762945c7165c423147aebcde3d5dc42b40a11376e25ecd2d4c639c5722ea89b9825d78f611ba65195ea15472aa4b6d81f838f8c466be354cb757c1a206a40

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\fcb71acac6a37b6b_0

Filesize
291KB

MD5
9b270fd013b49a6120ce8a86a7e6cc96

SHA1
1e1a86d04e1afcd9746b74804141546e66d34e4d

SHA256
b6e9d633e475f96d13507d28296e2a70a90579c322952a36c3c47440cd627c4c

SHA512
e8b56c8409891f9051d2d1bb0f479bc2aae4d95563b2dc98478ebbe83130484e04cf73631b1eedc5335f76917adf7aab7c524af8298a3f9988244d38ace661d7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ffdbe15aad5f0a0e_0

Filesize
4KB

MD5
aa9be9cd33d27431ec26f063550eb641

SHA1
2d64a19cbf243dda030d4d841cb6c37a1e8eae1d

SHA256
b3cb22772f815d09832099ebd220f963e81f9ee993cc57652d9e225ad4601b88

SHA512
f5b98bf7cd6c40b1dacaafa034a24cd0342f185e6082fd6c46b974baa642e12f7f110d4d2e0d860a4681a0fa9d9484a3e96ca6190418a268b8d59de3f044d466

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
ed826fc78443c0b727d2b72365894f0a

SHA1
07cb4a1775f9002e7ee55f955d06daf67a2d52b1

SHA256
795ff0ff7dbf549c55a7563f58307b1005b129a7f691a2f4eeb8253eb24989af

SHA512
2b7ff5ba8b6324767a0c59e02577387674e5931c532792e4b1c50b28b522809fd8d28715ac73ce49b4ed701a67c09b24980c57a5009270228e1a55675e5a5dda

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
8KB

MD5
4f21b0595a8f2e782336f1fef9817cbe

SHA1
0245d60b34c70751b8b5c2214c452fd40502931b

SHA256
6b3784c01d8b4b02af114df7ee2f9ae9afb0759589329470c7b84161d83471dc

SHA512
7df8e54d89793193af562cb1480c92d8db3b3996a0b1e8d52440c674a8b94a25b7bfc8d2ac81e2d9398fd714fea7a9219974818c5a5e1fa7bd4bc0a0f01a9573

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
9KB

MD5
e4ea6d3763572a95b8d7203413c62e33

SHA1
900e7223b6ed12c825241da905f4a158d36198bc

SHA256
84460b13a950daef89db50f52314bc955890ec230141f1718a9165cca6d088b9

SHA512
9cd612ac706e437a12da238a0ca3a874be84c31bb02eeb4f839dd644730157785dfbf3f1e0a7bd1bcef941c049e1935e839ade979500ea5f513ba1b579c6c1a7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
9KB

MD5
08071b8f9ba1d97e67083385df81cdbe

SHA1
34281faf5be2a79a1c1e24ecc08fefb210ac6c12

SHA256
5097b72e48172c53c858c4ec6b1c5a653a555947d427786ff23e3f5cecfdcac0

SHA512
d31aabc48eebae104d7012be578803d168556fd434e1d5fb10fc4c6541a818ee2fb4a5a304d228238b54f0daf78d947350e2c0b0b9a94d4f079650cb8f85c483

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
9KB

MD5
b1c8825fa2fdae3044b2b27e64bcef99

SHA1
0613e4a6d60a0c7812af5955e5802af93a0148b8

SHA256
7da0684e463fa552fe838f5adf9e019f360e98e641f5e675bae829eed9b774c6

SHA512
a5cde6fddd5ad4087fd101f7d250d1dcbca61cda0a5fd6e557de367d261642ebbb35997c65e759cd356e9fd5912181677729cf983210ea788f6894c369ea4d90

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
33c19eadfbbb4620d846569671dc9521

SHA1
6efee80923c1573444e4327e65eaa0ad8e5388bb

SHA256
da16c2f1ab6a5e9c001d66fc5cd3ece285b587a4ef67227593f31c87f1e32941

SHA512
45cf1d8b6c0dbfe877c928a085a62b747434d02533018765f5798511521c9d6ac6ba80d2837a920743a3b7ee3e6feaa9b0751e5542958320715a84331b51c03d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
8KB

MD5
f12529819d8b5673a42f764b4a58ee9a

SHA1
d40fb89d778dfe3609e5226661db8ef6732d0908

SHA256
4379fabcb0297545af61ae1cc5139e265e5260caf8f0f48fa608eb05f436c0f4

SHA512
45f390eb70b8a43e0f84f0fd75f048178c549b86119d4cecb1985a7ae0aafaa274ef5a48713eb53983e71c571eeda4bfc5a09bf94571e8e1d6574aa6bb9e55d3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
9KB

MD5
379bb94a16ac3f153170bf8d35ece736

SHA1
da059f1f93b0da248ba0a532269c544dedf3195f

SHA256
e9ce87097ee0ce3742ca232275b51be3d5d6de19497cb773d3f81eb60146e299

SHA512
6bfee14af06bb5c221979c5ce499bbc22a0d125eeee106dc693e8133acc4f0ea41a8a128730f021413fd11cc86cc0f6ea3146d402b42f3a193aaa6dc38ba3e0c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
9KB

MD5
ada20efea5c54367671db81a393e8cb6

SHA1
b3c6712a39ca988735f449a4bd4a90df7d3b5239

SHA256
2677aa89c31e31119441c72b8da2dd947e8a98720ee9f8da04cb101af9f74917

SHA512
1b9d908b30bad39fcf60ff600388a4e771a5ecaa2829749fb3cc277e2ab320c626b57f8bd77ee56f7d6f6c8f313ad2df8e4a2e2355570e23ed202d0cad4120df

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
14f5c94beed6b27eeac25deb587baa48

SHA1
fc208c8a627f98246d6c44609f6c43580dd0b657

SHA256
6a13512aea7eb6c899c167d937ef808ee05d351f8945ae453791e1c5dbb99a38

SHA512
06474630590051546ae5b2cd2e1ab6c58c380e74fada1887b769a09b5fc9fa46a638c2cda53fab31c389d26c0dee9398d4695b0314b78b1f6e9a4fefdcea4f2d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
7KB

MD5
63f0334029c8aa20ab21aa5df118e854

SHA1
f635da3a9fae92bdd65922fa130426fdb2e15a0d

SHA256
faeb73d5711ed1e5b38bcd4d3bbc869b504d2a26c1b4691adaa506257a5d7c22

SHA512
2ef5213f69c58d330d1d034c8c8860f7679caa77cb30f141b174dd0a52aea329a05bda105b17aefb248a0f7816b58bfe0d5ffafe8f775162a26fffdb4cf229b6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
8KB

MD5
ca55324cf99180516084ffb96463ea9c

SHA1
655ec681e2e50a855990abc2d3bc1fdfd035ebcc

SHA256
de1d287a078ddbe7a6c31df357d0278b91dc9b83170bbb161f84350623950fca

SHA512
699ea9901c3eead590ad92fb302bc676151e214b2227e999df21969c42ed6149d6f596e05030cad8607723e15dd787d0b9d2e0c5cb9ec8c96a91fa771d000293

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
12KB

MD5
0f7b7e46f310422bf9c87a29591c01e0

SHA1
467979b9b56d48560d18d28c8dfa62e44d06eb16

SHA256
391591cdc46b176c3c5b294310c47b337ef77576ea2e481e2e5c53c194bf58af

SHA512
c8fc93d2289c3aa192d2ed8db24e06fae0deb29b4441e7e9f13c68ae7f956dbbea7ea7b488a72932ef2d854c032e8c8f0fda7b36d6195f73520a9ea540ba5f00

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
576B

MD5
f7173b54231472192cfa79a9199d0a48

SHA1
ebb9acf5496b72179751b3c3107ead9aa6c3a571

SHA256
b2008dd3411c3029d0fa43b5d3642f949e09046235694ccfe77589da5a02f4ab

SHA512
4680d1a9ff9277fc7fa98ee7233be4b586637cb94876280f1be755ac6720fe7e842540fd30ad07c9d1cae63a53fb4c3e70a86d01504917e10630ef6854b9d7f0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
10KB

MD5
10f63a4e4f2bc5ce3b14a3f789ca6664

SHA1
f554473f5b043e21733bdd028036c3c1963faa21

SHA256
bc6a1b35a55680ddc3cbf3fbd09589bdacf670045fbd9911f669d24e2bbecdeb

SHA512
bc9b6eef6ecb26d789f9e9b696d7aacc83a8f3182d752b8bd58bc2363df5e552eee534f7e62d1fe662b4af4d754e3b11743fcdf46842d24834de9a0fe7650512

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
7KB

MD5
a31e39d06ed5432e9e4af742d0ea4be6

SHA1
636ef111786026bbd92929c093980ebeef623ff5

SHA256
beb944ba63ce66860f771b61eceb3909727f7c3e559b288442d20418b6769e1b

SHA512
7ea1b11bb868b0436df6b3570d8435c7d0999fe1420d468956269d4a5c4a6156d70ef73f873a64d519f65e47906d38cd97a55fed2c3ad147f47e9933430aa3b9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
9KB

MD5
d11034520f31da7cf021b70e17db371e

SHA1
0fa95a29f5b905b87475ea05791b4023276cb24f

SHA256
6a3b96cecf90fec8a6649731dece0ce69fcc625a0807da265acf5ef563af39a0

SHA512
5a01a97d2ebf628091dfb833b40911ac60c655e6844639e6f63b9a3f5e0db8f8068ca60437598f43c5139d23fc27a15df5a7707981a329799221efbf8e49bd03

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
9KB

MD5
5ddb14fa999729c5b5d3b986466694be

SHA1
866c32e7e3e34ef9d7a0855aa9bd259379a3a540

SHA256
74583e6d6fc2e15368cc2690c6e4a569e70426f692778a573e80890f4abf321d

SHA512
3b46cfe9c784cce30f791ebfdb7e3663597389a8b9f750695313236c2f8c1063a8e4a935af53999c1fe886b505a0f817f5a9ef77f2ef1da117ac00c687a6c34b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
10KB

MD5
eb4eb751dce3d22b49f16efb1eb63101

SHA1
cf40057523987abe6bec037809c8fe29cba84394

SHA256
80646516f20b47093ee42d454cecc266dec4140473095bf09188b980051d21e5

SHA512
ab835740ae245e5f1a0b6c7cd6b88d9992436c2ab3222c7be3dcc0a431b09fa32511f14b2d053ad8127d6ebd437a7af85730aac9ac40e3938c47737b22d8b1b9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
12KB

MD5
fb5130948ba51a958bf68e9fa1016716

SHA1
5bb4a92b2a032f300e9eea776ef625f9af94fcd5

SHA256
2b47d77b70f3421d2d48ed9025ac4c870d0b09acb597c9fd580d64e84001b76b

SHA512
98c1be59ab3f2fa88a17e1b7bf2ea1146372a41568cecfe8c5643a2389934f8ca186624b3efd8ad9560d1864cfdbeeb0f6d4ac4e588bb7950d6d501e0d32b4d4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
7KB

MD5
31679b4fbde63d93aba2dfd7a9e71dc8

SHA1
930af30bebe136a56146b7190fbb046c0df3a496

SHA256
d173bd1acbffa1cf810f80457ffac7f024b86a2ef564eb6b315a24ddf5581528

SHA512
b8c7f55fa5bfc1e8409df4ce76091cb5434098bab816b12535fcb4a12f9798712c7327a79108958e6235f058d6914d0957031859b6df0b2e4d0472274f512506

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
8KB

MD5
50f1f782047b8c2d6782141fa58d3e65

SHA1
7143f3f784ee2079f0ea558d1fe6536cb5c5f427

SHA256
d5fe549a3ed88803ee74d601f7bfdada57e954f752fcbc7d320b480f70434969

SHA512
2c9cba52cb1c1604cf954977c457eac42fdc21f5a7575d635bb43d0838d070f812f1a48c709000826e3ad0eb45311ea59ab8998f13f459809f8369e6069cf1a8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
8KB

MD5
127cf3481b172706947bdbf5aaa66b8b

SHA1
0e3aba08b0820b2dd64f30773a389aa4666a6a36

SHA256
7a8997e60174829e0d8a30cfbf40c5c5aaebf5fef9cd1041f2583ad4b12fe708

SHA512
7d2789a8eccaae68b20fa8ed47e0d6875c6e5d632bd405827e26f850caab30439dc089ce31f53fb1142599032c735007743461cdf15b890445c506d4aed1a076

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
18KB

MD5
332bb6fc0ddd7fe10e9f9641a47047c3

SHA1
4d48f87b7f8061e7435bf508861cbf7f38a7bad8

SHA256
e4bc73cd88462559c5b56103c62d83acc58161182f1440254409ea04c6e174e5

SHA512
cf9d945929182a602695b1fafa32e450c8daac94782cb035553e0782f5c3d4bff1cb14002a4f784ac9b49d520d72ea9c4bc4c29043e52d6bed0ae4c5f4a7a5cc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
19KB

MD5
12a92d3b4437ff1088fc622d087f1158

SHA1
8cc093beefa7cd574e6413e9e8e8ed1fe7c93860

SHA256
e96d68a8212accc4ee020ce553fc8e02ac2fce665d21e929c1e84c4d0dcd4d88

SHA512
497a3270dfc7d44ad01aabbb5d46e38a38fdb5c684d49e6a16bd106c3c921364a4bf34f0821e4c3404b08df58cc554f51fa560ca7b99b75f512630cf0c6b6521

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
20KB

MD5
e9f1bde82dd92a96f9feefdcfc666205

SHA1
b4548c9ac3a8115ee1184023e08ba032e7398f28

SHA256
ffb276dfaa699b926e8cf1ecefccbba6b8e9b5da225709cd957fa36dc9359312

SHA512
4ef41a95d19dad0cb6b47538298a43a6c5da2455936e2e11855d87eba443fec1efc9fc3b4323d69d683f425741da7381616841b55b872188da5544540947d026

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
20KB

MD5
c9b80a7aa1a8a32775b4bd53200d02d3

SHA1
a3717223b6f5da4f5ce8ad2e898460f4f236e23d

SHA256
42135b00ecf8818628db1e9444026680c68c742623daddfc32ad14fc688fadd3

SHA512
198f3d8e647290d268c17e91b819ba9833ecdde6e7e0007907d4d2d201bbd57f475813ffffe0f27aeb6b5ede6bf879c7a1ec9a47c6b2bccb5f9cd7d3ca5002a0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
23KB

MD5
a2b49dabbaf1a81017f8e1060a9d9535

SHA1
f06a60f0cfcd40f802b50b3f7b34bfa987b007b6

SHA256
5b49669331c9584ef74160da119341b4387631613a6793fe0e46da7933187d65

SHA512
041d5277c3b108416b2edb2837f74138468636e394ab75b28334ee7d8f2289ceb23c41e577d1e913eacd020501ff413ad98e5ab2d632a185c561e8813b77b4da

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
22KB

MD5
96f9d34df059a382b7b56d93bf8f3084

SHA1
e55cef4f6bb83064cd9441fbb8660a5c813e98a2

SHA256
dc87f6d5113a8ddbcbaf2969f7b1d3ccf5313edc7bd6ef37a8e35f38b075a164

SHA512
e7f209fa0ed3298bf9a0a9d7825d8089e0a47edbd945872060f116db6351e1ce02dcfa584fd6351258758dc3062ce40c8d4e8b16df0473fb6543db5a44b88a6d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
4KB

MD5
20b263fe965b14325ea83162862e691c

SHA1
f1d2d74dcad665bde97f673b3cb6b8ecf812a39d

SHA256
75f337b8994b21ca024680c9b7cee85af9ac3c802d20e2c03b86b661b042b25d

SHA512
b09cddecd059b59ae9244cfeb43d72dcb1bd3ae2d3255be27ee33484d6d448f85ae759f4d04db14e54b68f72fd7321dafecd624718c6bcaec6cfbf7ebba41246

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
26KB

MD5
ba98d2cc347b8c2aaa9ea71cfa3f7cbe

SHA1
9dddad579da59e5f7aefe526b95392759342c41f

SHA256
637823dc3d5d9c29d9bc843b8d9d5c6377e3add3cee734ba073164bcc02a5295

SHA512
3a1c1ee9102dbe87c1b18095aaa7085beffcd11ea8115ee9829735153caa5c34b5f5e102d89edd04f93b8028ed9fbda9c862c0db8aef2ec56c8f083398d9f4ab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
f69c3b881257b25f6cc3a10bcb365ee2

SHA1
f4cd065d95014cc240aaee2042137089fdf28482

SHA256
fedec6789d1b260db1b4be6cafc89e8025e90896684779ca0a1478cd13af2477

SHA512
5fd7c9d0a737513c99b32718b49dcbb6db5c1d739cb5b11757762da6be4bf36a69cdd7c566f024788b81a680b5be53af2c3fa7553dd435775acdd483a5be3747

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
217a2deb9c73ce11ad9cc07f4ad83df1

SHA1
3f6e0a55a6b5b2406e2ba94171f908084a6f857e

SHA256
4501edaa7176a6c892686443c5628d851a42fdba65c56fff25e5a8c545d20039

SHA512
d2d29707f000630532c156c90afd756e60e33fd0beed3b7147ab8917cea69821fa65a8aea63c7013e06fdec9f8defa6757e71f85546268b3b9f64ede9c0b8fee

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
15KB

MD5
83dd121c6991285cfb2d6af362be2768

SHA1
14a8f61f615fb4c623b87fdf09fc2c646938b0df

SHA256
d528d247aa3168beceff3bb451e91c8427720865e7d90c22dbd3224f741f284c

SHA512
6ec0b13041a9f4045e5f7dd7ab8d5df6bb49fb44ae1578fc5025efee481cbcc6616a8ed384ad58531a9f0fdd81f835582f3a0e005cf87a4b581368d05d0ce707

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
17KB

MD5
ae92470330ace9c940664863a62c6786

SHA1
8bde3b70bc6650f4e6c9a6e8c6ef892b1b88eb3e

SHA256
84990d62316a4a08a169484dbc1d8d4f2d919b579bb0f581d1c5831089857f74

SHA512
c22351f1ee534d64db42155926c3763c80b270cd6b5a036622afdf3320c53c1fca34c8344d30c87386e2235f431dfee2014216741d999305ef2142960c0e1619

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
19KB

MD5
4d46029ec93021f9aceaa20ccab082ba

SHA1
94ca983788aeae7c64890943123daf39fedc56eb

SHA256
799103cd5985cef9c2a7ca0e64deb115d11d66eaad998bc79c22151bbefcf0e6

SHA512
fc75bbadb4bed2482b4a46a13e5ae3c4d5a0df8e260f8cf80eaea18027292079450f68437a3778f59c3262ca9538828993e57add5f6e14d3e16d7c8635215e0a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
20KB

MD5
8f8dbeedefa3a6a2671c92b0d63d2b1c

SHA1
4357e0bf2aa125f781957650806d5e4113a8e755

SHA256
4c28dd8bca7630b71db4212d3df6a3dc0ee44fc3f4bc48762e1e93054dbb9258

SHA512
3a29d98971399669d5d5171608e8be25ed85376d47b9a52119abf4ecd837afcbd8afec4188c799aa7bc56d682de8d5723a6de0561e0145427cff2a118e185ded

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
20KB

MD5
e7296ba569a47f91f238f8def9d77d42

SHA1
0a95b2fa5b97cce0902c0eed1dd66adc7e221d93

SHA256
a98aa3ee4291708cb05f9bcdae79d3e3a30bcb35a3e88236b5b0d3baef5b96ae

SHA512
7a4e15bf3dbef47e58eb9d7dfc0e7d6b6455d301328abd41bd9458ef12043e7e48c0e2725b6ee376522aa1d7bc048c54156f80e2babaf395c7429924c81b0742

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
20KB

MD5
f7a2852b5fe19ebc833ffead0b96f580

SHA1
1d69fe05c205b5d0f5dcbcf63d4e964730ce614f

SHA256
dbb8f148a055a5b21f8496fba6ab6aa5006081c60bc07a060e439502c6367380

SHA512
bfa62b85f72d2ecfb3aa8b6933acd804b911299ac94668b85cb356a7b78c4cc905f14794d67c9a76338a1e2d225c901ebfd7f585273e159a911bbeb55134ae55

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
19KB

MD5
5dd8db3833f616f251fa76867c75218a

SHA1
28d5b65a3cd04729d244a4d75f18e95748c209db

SHA256
eca8b36e130c9a82df58a9f186891eec93f21b0029920acf5ef5b376552f6df6

SHA512
8aa022929aecbf3bef820e2e76b600a8742ce162c7463321905237a6b8faa51d02a4f4383d75776298e8d8ee7f9e44593331c6e460322f124b64ba7931827397

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
ab150424cb126c35c3b2e3543073d85c

SHA1
caedb60dc296eafbedc86a6eeb1c08de673a070c

SHA256
50be422ebc22ed15fcc1927d77b8753776f20208f5b9bf653185e3bc6d12baa4

SHA512
a060e17cd8dda9b94c1d0a1d82755e63e0ad6c6392f52ac567f909dff68cc4d3a7234e70a0bb05c2589d3c90c5230e1949de00f2f39039e39fce25e455d4a78e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
16d35f0414d41bd098af2d23c7673007

SHA1
737b38e82099aee39772991e8458f35fe9eb2b99

SHA256
02424bad2a30edb0c2e84c48470ac0d508da3946842cd3d2f9b2eaf88f66c13c

SHA512
faf965d3d8910fd781b89b5d26a57b685a86107c06866e11123c8fd644797157eae8a574e72832b1c3a3a4d3e90d3d4b6fc2f92a9db277583b698986cdf19e7c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
19KB

MD5
8d867b0fb07805942008f8ea1f14f679

SHA1
d147e952bb14813e85f76dbec5533f1dda2054b9

SHA256
26a8817179d279266a1526694035952603b899a9035d01ce3978763df740e5e8

SHA512
f63e6462bf530c69c7f226786046260dcd556028ce9e9394a9f235abeef50a2fd5f824bd4e29f6c8c89e83ef15720e512b94e8851c09ec17cf17d36256870e1b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
19KB

MD5
c913f55548811ec4bc965e99a1776bee

SHA1
229c0948f3352894edfc87f4860447221b6801a5

SHA256
fdcbc8eb8d845a15ebad96a092c7a8ffa8c2b8d7095b2a510bee03c893efa903

SHA512
a5ed5f966082264e9a63036bf9421221aba1adbf39c3ddc8938393d48fd32c933454b76c6abcec383e33d508cab3bcfc518bc5f14b3be12128e1351c5729788e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
16KB

MD5
6796fe970448144d07e7065a407a9cbb

SHA1
cacd4c2d45364428317fa1a96e11247ba1c9131e

SHA256
bdf1a24cde62dac5288539e3ddb48dcb256d97ce1c0ce7b3517d0b05519d81b9

SHA512
da21d71f4cabd801da4bcbc8f72ce723900e5c821d031af98d8fbb911ebd98144c2d262fecc64c1e3f41708a504d697f99db0d053b46d6aea2ae1565d509807c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
20KB

MD5
fdc5c9eee77e643e4b577e279ffb6f30

SHA1
c1b9c05ac08aa846ae2c17931b3918a5e6cb45d5

SHA256
94a7f1cca0a4ef62a4613ed7c0596fa30fdebf7c856b3722f28d9c5515978dda

SHA512
6b7474d4edf03a0d8ba1a20302eb73bccb44acc1cbefe82e421d55afda69551a8d4cab9b7e1679b0b4da4a459d3b6d569886f987d4f22ab9a0cf7931b7ae274b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
21KB

MD5
581326ce52d32a9d85e53633b3a06161

SHA1
f1231fa1fda2a49ed58910b4b58060461a4ad947

SHA256
5600398adc695cfeac38e767216a993557459993ef72914271ade0c60d55e2c1

SHA512
d2cd881b0eaba89f26386b8fe8324933946f560a74749aedeec296a1a3c37955719960ef5aa946c8e98d3e2cdc4d3581cb8b2d8b8561594c7123417a65198f9f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
18KB

MD5
4fe1ff155c61d25dfdfdd40f1487aaa5

SHA1
7bdaae6dd4826ee12432418cf6c5493b711a73ef

SHA256
d53af85106c0991ca00d45501b975fb009dfe793f55fbdcc071a1e22552e637a

SHA512
67fa51f72cccc4b88e101c418ad1b15f7f3ec20e924a147ccb4e0659ccdf7630ad2489d87976f56128717f371c2792ae2303bde4acbe553cc6f99ce1707df7ff

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
19KB

MD5
57ede0d6df21d8862ca36c54a74ff78d

SHA1
91b00c140a391325caa6aaa5e0a2d82b88c300b7

SHA256
456fa430aeee31940a4519b10fa617c344ceafbde1d305f8608c670107b9f1cf

SHA512
3c4ab14cd79abc31bdef7a6d7d9273d0d16241d5c1a2229ad6365f60d301f103b68cdbfaf47207bff38d6ae190b62616bb2acd6fbadf40014169b3e5b172b6a6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
59772c515633cab2ad7c0f6ad6b15490

SHA1
6a1ef8c173173a4a1284f73523ec4445d0059b1e

SHA256
8bb1ead0339e80b553e250a1163754825bd4ecad6524d73518386f7ef2de32de

SHA512
4eb5cbbbc91eda119362a14d5f0ba199c4a621049a53f0eb01eea52ae1436923e85487186ad0afebc2600002172a1cc483178b10a1527d133c7cae950950fc0b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
20KB

MD5
e297c1ac9f20e3359d42b4ecc8ea01a4

SHA1
0d8bb11436be2756d9e8cacc6355d7bf43f9dfc0

SHA256
6fb6aabddaac3420297a75e59e45bfa3399ab7a565a1a37f64a8705c6f9d9a1b

SHA512
dc9cf27559a473450871b7a0683eb8d1c92d3ac6c0f28c2c16c833b73b44cac28d29abcd5dcaf99d661b7a94005a856eff2cc04b23f127541ec51d0828c98dad

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
19KB

MD5
11d99656d25fefbe34f040479e749f70

SHA1
2e41b5a5cdab22ca3b09bced9016b91dbe1e005f

SHA256
b246a97cf930895a0882691d7a1fbd911c31d95c5bf2c81065ec982b9f379b37

SHA512
48826fbfc48301e0b01d4a88926acd29a869d9e4791f80f0cf6464727f3a4d61eca09cd181ab793fbe078ca22db15ce1db8f28a88ff2301f04718430e14822c9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
20KB

MD5
8a64444c51e359fb7d702f58f0e45974

SHA1
6842da83960395d73c455b81936a49de299eb441

SHA256
352763168c4c43beb270785db7f9148ea4564698335a9844c0f1fd648128eeda

SHA512
69e3e64dca9712dafcc1879d4c13fb544dbd98dc26de570360e2b7f03b500d6d7f6a7ea6ca48f59465ed9d11fde082875d1f4d26b41345cd064f3c16a92fd183

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
20KB

MD5
08f5fb85dc3fdf41a3364afbc2a20d10

SHA1
f49b682dd937041ef3c06ac7715f060b62e05746

SHA256
bb764ad158e0ed3542f69af1aa20bb040b231fa7404eba402a6590d1541120ea

SHA512
3ce85339f52a0787da67ba62a43d6c067c99702378f2bccad2ae207f61e198d79a6a6724184e5cd0cd6e9b4ea14165e98b23bbea042ef6357201aa74cc7c3b04

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
18KB

MD5
26e04c00e8b0fba965e7c1517bbc2e40

SHA1
4f663143762780d0be66bea569dfbd31784d0d1b

SHA256
44af3ad276aeb07af40f3bacbee2dc78530eda1fc73c8a80c314ab593023e020

SHA512
b2fd13b46e65359be18b9d776f8fbeaedc98c6ebad18c5036b419a9056069060ec7a9414106f77a0cdea97edbcd054f4e73bb4a6c5a9f9c2f7fd8eb268adf523

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
19KB

MD5
92b764d44446e9d962c785b57f7faca7

SHA1
3c5d5bcbfd8cf919e35f90a02423e86c35982afe

SHA256
cc0f385b573b77350769d6452aa45aaefabd80734254f144bc23a3633c02cb71

SHA512
c035f7ef94b95c79b37498dc65df2966266bffeb5cf0893570ce472c84665b549a48d56d71cfb185faa8ea9c99e3ccab825e0d7a4173e7b268e52821ac47f484

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
18KB

MD5
60e470616f5a51d745ab68da31484bbd

SHA1
846aaec3b74773b755afce367f3a005a8d4367c1

SHA256
225d6b4d90e4661d851cd7ae9fe3eb79a4ae2d27237af1830192a64c230071fd

SHA512
7e7b7a75cc7050bdd85588e2cd3c3c2bb75a2e485ec3c04a5a3e042fff7c74b0d5c5eb78802fc92166fae4d5875e31c2e298ce8ba75ef3539dd3265e2c450911

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
19KB

MD5
bb2ca1a39572a171ce2f480138b2da88

SHA1
7dfd0c08468e14a445e76aa66f64067f6afc6e7b

SHA256
61f3880e4e0c4b89b54e2add56095423b4f640ab3c14b3cc179d47698c92d961

SHA512
8e5fe2a4e0086b8210cd5addc9d1dc5d4e6b673c946b696fd573748ce0fa4f74a6841c60d2f9e262d7e89bc321d5268418bac15c2f90b177fa61e4e131569490

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\198b1dbef7ece2ad03770a72810f2b485859f245\098a385c-de8c-438a-a3f0-24f6ffb95e99\index-dir\the-real-index

Filesize
72B

MD5
31e9f033b624f1d328e4f64c8b042872

SHA1
505511d00cf73e0d753cca6b3e8885760f6f1bb7

SHA256
d1a81f2dee9099f5693a49e885ee69bdee90d204fe3163f426ea7a4a48d6231e

SHA512
4cce95b368fae80552183dace11c65fc417bb115eb4d0242afb10c800292893c7046fcfb09f9adbb707ff6d8ca827bd1377c5f6d7d519226c4d3099eef9400da

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\198b1dbef7ece2ad03770a72810f2b485859f245\098a385c-de8c-438a-a3f0-24f6ffb95e99\index-dir\the-real-index

Filesize
432B

MD5
5859da2c29094f8b8cc5cfdd1e3459ba

SHA1
55d63573235f8a9b8bacb83c76bae273ad001d56

SHA256
0212f94ed983d885edc8bafcf355a5d89578aa2c8dd618ff5e882609bbb5a364

SHA512
f6ee2eebab4a7a3318fff2631c1081c36e1881394e8e531c54514dea57f607197df79206139fac36104959f5e9c3cb1fdcad870edbfb2e1ac72fddf10a64b657

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\198b1dbef7ece2ad03770a72810f2b485859f245\098a385c-de8c-438a-a3f0-24f6ffb95e99\index-dir\the-real-index~RFe6989e9.TMP

Filesize
48B

MD5
477d8f3bb051b0fd3a66681fc8955884

SHA1
e20ac02cf564b61f538b71a9903fc150bbed5a02

SHA256
b583087c9b3d3ce93e7efdbe888f116e2aa194ff9cee4bdbdba9fb5e71dd9078

SHA512
2e44b2eb54e5428ebc17883d1cb72526caaf7112ccc6351dbe811c24f54fdfa58d6f1eaadf4b181fb53de24001d4020c45899e849b1e79b970ed6d4fc62dfb32

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\198b1dbef7ece2ad03770a72810f2b485859f245\index.txt

Filesize
95B

MD5
c6d6dd6eb03cca62fa2a967d74cdd744

SHA1
abd4cbd7d48b6b0b71f8df543da052324a75a33e

SHA256
014858611bbe5fa0d0bc0b95631b4ec09eb27717c4dc4d970ea7017351135aa3

SHA512
41a55d0ed8511e0a718ae2ed51f3adf0f16cbf5dfdb14d86e7f9771a137bc23ab780866b89437baad2a3da2bbeb442a984b55b16be5d28c5d0c59a7d7c377a09

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\198b1dbef7ece2ad03770a72810f2b485859f245\index.txt

Filesize
89B

MD5
ad82299f3596876e3d148e552b0b4782

SHA1
5d2a73218507727e89fc638d667e9ed55eb0917e

SHA256
82a1c286ac164cbffdf1bc7b8539c04fd1cb3a577dbc346a6495f0ef336783ea

SHA512
59524e169fced766540963f129e6c87ff5c5b14efafc556e8583c08be3b4f13a504198ee483f6624c5e0945eef261d7a4dd92781b2db94a2aa32ebf42b51c4fb

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\198b1dbef7ece2ad03770a72810f2b485859f245\index.txt

Filesize
90B

MD5
9ee62319c6b279fe1f1de379df34c325

SHA1
837584f704a5583edc92c8dcb6675a90fc98ed9b

SHA256
6442b3dfb5ddd060038e5300b59cd901ce4b3d76e1a9121d12f8c76ca9b39580

SHA512
822ab68be54c632bdeabdcf4615750e54a586b08b25742ace1741a4c7d760f17138d501754a166a64acde0a9c44ad3205b6198f348ca8d4884e932a422867f34

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\004d3716-c050-4ef5-a054-277059710ca4\index

Filesize
24B

MD5
54cb446f628b2ea4a5bce5769910512e

SHA1
c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

SHA256
fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

SHA512
8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\004d3716-c050-4ef5-a054-277059710ca4\index-dir\the-real-index

Filesize
48B

MD5
4271055212184b7b5a7a48e8291424ec

SHA1
24f93819f01a102a8f2ff29758357f2793fe6fa4

SHA256
d88566a7560525c7af54c95e1676fb3fa91c49479fd9cd0a5d6a5a0564027db9

SHA512
5dc61c2c9ec921aa21475ad76695bed48e353d729ecfa4bc376cc60b8b1433ec9f792644276cb37e7137fa8ed676a15adae632a159b2dc9ff38cf8007667c653

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\004d3716-c050-4ef5-a054-277059710ca4\index-dir\the-real-index

Filesize
2KB

MD5
999d022d078f73a993eebc6d75853172

SHA1
e1ab3d51fe58a4f90f9492a3ced73f8185bd057d

SHA256
54138cfa8b829a7e1e625ad9c667d43eb21ad77d3c5687a1927b6e3691327a3a

SHA512
9c462c22e08bfa71419e2f80f4642b9f755762bcff224523fb7509b4bd8810c1c0e1681a7f2fd6658915dc78b69a07e9fcf0b6dac205737ced30f51521af98e7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\004d3716-c050-4ef5-a054-277059710ca4\index-dir\the-real-index

Filesize
2KB

MD5
0959fb1f4c782bffeb202c683375c08f

SHA1
0fc9aeedd887aeba93909c6fdb14e8b7f75085ca

SHA256
16e8584e708f8e36796c0507280d576f74ffc3b4b2db878c25470a712f6b30df

SHA512
0cab6f65bda707da15b9fd127e04ee5bf9aee5d38bcb6e334edbbc91d588cc83f5b70dc2c82256ceb2ddd6739d880584e7a4ac6614f3fb7ee11aa2550cbf9e1b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\a93873b2-9bd1-49e8-8718-6c96a481dee6\691aad32d1648592_0

Filesize
2KB

MD5
6ab2165b386fa7c72431cc5dc937204e

SHA1
b41fff229d6e2b9550ac291e098349dc5e2775e8

SHA256
43007e18bd443b80af44272d24d3c147f0776f4c63f31eaca7011780c08350e4

SHA512
fbcbb706a9c3d38585f85105a4e966f0d0be96695dfee4f31705314a5a2fba146d8e8afab57a26d354216e3f68a4c2762da9edd737a2b6e136dc4e85cca473f8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\a93873b2-9bd1-49e8-8718-6c96a481dee6\index-dir\the-real-index

Filesize
624B

MD5
98d812ae7a5e0cabbff638e2f04bf8bc

SHA1
a228a4a7059b77abb272d05b16f36020a338e94e

SHA256
ffb7183d4fd3a4568ed9f96d91428ba624165c74704b97728817a75d71b97836

SHA512
b3e24039df63afff4ae13610bf456269ed2479fa5714f047da154e8803e774f170afb211535c303844986a01660b3aedd9e815c6b67d44b51c468590d7d2690d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\a93873b2-9bd1-49e8-8718-6c96a481dee6\index-dir\the-real-index~RFe58a4a7.TMP

Filesize
48B

MD5
2402bf39deb8c8088d85c4b21f77631b

SHA1
deeca1450b1a037e62e21187307fb2f070aeb95a

SHA256
e4c46c9048642763b6b997f1d9e120cbdbf03c8ad94b332d4622b6cbc6286657

SHA512
6e7a72a45110986354b653afdb0fcc1955eb8727e6e1be5fd8a317329595855740d5adf8239d623d5145bd03fe2724f11c8a3e6f4fa8753afedbb5acb0308a28

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
26B

MD5
2892eee3e20e19a9ba77be6913508a54

SHA1
7c4ef82faa28393c739c517d706ac6919a8ffc49

SHA256
4f110831bb434c728a6895190323d159df6d531be8c4bb7109864eeb7c989ff2

SHA512
b13a336db33299ab3405e13811e3ed9e5a18542e5d835f2b7130a6ff4c22f74272002fc43e7d9f94ac3aa6a4d53518f87f25d90c29e0d286b6470667ea9336ae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
89B

MD5
52bb87fc2407e681162a26ae435d5a95

SHA1
4a2453ea3b68d986b2d62aebf244cf43352add0f

SHA256
b01f4640ed7253aaa7fb043bb5b77b1d22932ad48459e42c70f54cb3872d9e03

SHA512
6c304a0f0d125f143d385ae84f1ee076b843b9a2df18c909dfc7865dc8aa531b5fe80994776de68d0354cf06a66ff10f8561055d7aa24fcd16018dab0cfde735

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
146B

MD5
9e76a6e0b2818c684182dc1f48c76a01

SHA1
1d549817216665c304811a16592dfdf586bbbcc8

SHA256
e98bd0c02fba21215ef37f7b56901b958fee9c0999038560b642000a7a2337ca

SHA512
97594c3ada0d82956f95f13fbbb804a74470815136aea5caed301eb9f386f95e346d4587ca7fddd757fe34285a75d983b72644498055b677d6a0a4b71a1e5b6b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
146B

MD5
346cf3a62bb4398680c79c154a6f49d8

SHA1
4a830747e24f60e8ddcf42afe8d1294a5f2b5f07

SHA256
950d35b66e1f3696e86b1be62c32ee2941d27d9f2d936d5c84d9982bc98064c3

SHA512
bc3b7ca5724d863e21661a6e5c544fa356bd07a818ba99b813b035e2ead113bcc7bde786057c7d4861e271373a4f4997a8e4224e513a67a7d0f70f49feef0d89

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
155B

MD5
9811c8f11d38a797ebc153b8135d4c09

SHA1
5043e6f5f75b512ba6aab560bb4963a73ac80c99

SHA256
4a6f1bc7ad6ee4788ec8c63b523bc36404a4cabba6347a38cc13c9abc36bf7d1

SHA512
fa0ba3cb32ae70fe4cd2cf255bc78260d6a48648085a4bd538e5e57393f2bd96f43541f61b565288f9bfdebea00ef7346bd346291d5d2a6d53a4729aee6d2e0c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
217B

MD5
509c31b955db4dc9b0a6cfeb2fce5b07

SHA1
2092da6567ff38e42ececb30e18a304644babc49

SHA256
0b3f6afe0d009d33f446200da50754ac8d7f0155ddc9d35efaeb40971ea1d0c1

SHA512
65832de5de0874ac8c157c423c02ef189472daf861be244363eaccf2a2b9ee227e946154ec606e04f9cbe0e84dfa248be70b43692aab5067ca4fb76c27c94d24

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
217B

MD5
d4862b67b6bb8ee2a61f8366141d7a50

SHA1
23843308d58683482bab0bbe716fa74db154e725

SHA256
17389af09198f71ca608226957556c8500060e0eac18c868f0f09923a3641929

SHA512
eff1a72c1a5e37fc1e2789b7001cd66fad84caa34799b01cbd7cdb396eacb37cd72378c64107be4e43d133a855887900f46acf0b70ab6c5de81c091a180f9666

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
82B

MD5
bf182043edd2190e52a80b4b3ae9efd4

SHA1
3df728bd6d60ed233ee49884f6ca9020a6ece238

SHA256
65ea595849afc4feb3fbe3cffa99e6eb91c42390304e85db11c24496aa7bd883

SHA512
5d363887826cb5c2b5e1d9d02c8ee58f48f718a59576715abe7cee4bde562681703b77e6e1851e34c80319a6644a4683c63c80a7caad0aa2375608ba28e101a1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
153B

MD5
35a06758304bcd79482fe81d9b3ded00

SHA1
d85f9382dad64bb7ad9f87d86c8de4758f4bd11e

SHA256
9176b6f1b6997e6156e1821028164cfe033683cb61bc0967148a543a2dcbccee

SHA512
8bb7b5c029f3c9b58b6d81247a42c17656681bde19a7c7020c6bf7300d52c8bd930f6aad9997ede68391178fa893b42e127f3599591311e2ef8f3e9309d06081

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
153B

MD5
7e8d660d971bc1321d881ef70e183d56

SHA1
33d31bb8bf6a79d87cb5fb8c4aef6216ee5a500c

SHA256
fe8fbbd082bdebf76a916cbb860f2c4ea68653f3507910badc082f0cf68125b4

SHA512
f3cb5e7442103a6b2094edf4f164239738a31dc4f181e011977919ac3e1c02435052d55857a021330883a1889236329304d38f634fce5e5872ee4dfccb5d9041

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe57c3cd.TMP

Filesize
90B

MD5
8a16a87973046d938c474efd24d330f1

SHA1
700308331a6490ef7e92547b7e41a1cdd1b15b52

SHA256
6a40acba69502b40c59f066241da2e443d6a52a93cc609f86e2f62dacdd1c3d5

SHA512
d252f1b8fbde9bd8b80081e89c0940a96cf3df12f04a364c1d806e14b6a8e4fdc782b6ed748db9ae6dbc3b0e30fa1d83536cbd2e8d6de6e24ebd024b4b85edf7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_0

Filesize
17KB

MD5
111b276c95bf292643e4f0621e38f361

SHA1
8adc1cbb504166470800cddefbc3a35e775b981d

SHA256
b3061b3695777847a0f43a5ca0418ddcf1edcd1046dce8b3ec246ae32bdad330

SHA512
374c55fd08327fbe86c518048a16fd1b5fe9874ade72f34032b53f711f5a95c1ced81086db4943c5e9ce7fb30d9eea08060160ff127cb13932afdbec2da96878

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_1

Filesize
11KB

MD5
a55b2fcf4467a246b944277c81cb7de2

SHA1
b363e8e51114b247e68b4a3f194668da22145068

SHA256
65133d1e5712b4babeac0c6a11eeaa2a48c222009e81288b9cc7f0013311d675

SHA512
f31d3cd8e98d0c3228648968dfd55fc449ca2654fb3affeb4d724ec323907998f3c5c361cb85e5647684d3a4d0886e1fbef2c054fb4deb1d40602c165f6081e3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\ba23d8ecda68de77_0

Filesize
119KB

MD5
ec79220f3c92c11d4904ef03ca964878

SHA1
bc9a7bc0f71a79fc2c08bec824a9d127ade441ab

SHA256
a58f23f71c60f879649e0369ee616cd7e59ac6193e015dff137bce00dd50a02c

SHA512
d359318f2e2d2f0025e86e2897de24ee8784529634f983b3a2f1ae6998c6a11e5f9a2c9535746e66571f19a3402d4cf6fd448bcb9012212c46459cc58eb9a299

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_0

Filesize
162KB

MD5
029ba04babad1f5e043009acea662a15

SHA1
9830c4a3e77525fad4e80fcc833ed5facaccc987

SHA256
99cf876844f576916feb7bfbc2fd9e933ccc0b80449e3bf75f09b6a330ba2c97

SHA512
94806e3e0b4bac71203206d130aaaf6631aaaec3e9924b3c68c2bd382493a60aaaa96a38c7b5d450c2d81e5357f58384f52e7092ed119aeef61a82e932f70bdc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_1

Filesize
397KB

MD5
aa47c22494286108ba7ddf9eeff9580e

SHA1
d0bb9a6528ac856b294554b113006eacc6b2d72e

SHA256
923b8cee8f7b55fdd9f61cc6c8207234343d994d1aa7fb6b8ccc8aa80590fd9c

SHA512
15c96e45fb30260844b4dc34a6691da10686eb854c613b31a69e6fb3d5f9d626084aa974777582a1519d7cda97cab310823117ffbd20f50011e7c2cf1c844a0f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
120B

MD5
631221413dc3ba0ea6b9cd11535f806f

SHA1
2d1af0ecf31a5958bc1bbce45993ede7d47e1ad1

SHA256
f76011ae08614b26d65fa2e747b6d51cade09d0f014f8f60666ef08b7ff2c4d4

SHA512
e3340a5d417c2443d22528167d20b0db5b0b5ddb26429c9332e8ccd1d5e09c6c1e14dca88265abfe2ee2b0a628c9fe389d31ef8002d2fe65a13170d443037d55

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
a06577533403e8b026283c181c92b1fd

SHA1
146e227ec8757c9dca220298b4e1ca46fff84b93

SHA256
72bba571fd3d49c7577423d053b48b940f1404417b7d36a08787db5a362a1c2a

SHA512
eb4509d7303792200980e3edb2b354c18b02bc9ad3a0dbeedaae2dc9ff3e5030c1e2756eea23b29d1daf249850a1f51a6e42352768c7a04d77ebfc0febe1d731

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58993d.TMP

Filesize
48B

MD5
6ff5286d8692727465cdc5ff4110657b

SHA1
dfc03c573166f25578dabcb995dcbd61a6d0de9f

SHA256
948460a842a3028bf6984d0714fc8c9a60de88b6127c7a44cab99d835ecb14c3

SHA512
da8cc359cfc4ff36891bc3a2bb68b25e63016554727ef697f456ba28cf76c7c237e380a3122e1897416b20bb2150ce5595cc7d46f3bce0b192effb10b92feeaf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
874B

MD5
aabf60a07f3bb3b9fc95aba2e23ba39e

SHA1
7d894785855dbfc2047f12c9379e9874877d33e5

SHA256
c485f48726f56d50c57e8cd9791c4ee2373227b0949be584a93cc26e7b28329e

SHA512
b5afef72490dd2e85d539a5bde8b0d3e89d6ef1b9eb7a70dca5f9513267931408c58676ab9abf6a5fd65d6e24452828a238ebfc6975a6ab15f33647f597f4457

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
4KB

MD5
baf3ece6761e8ed2b25d8868c76eb88e

SHA1
4773ff1875e534534b6f4283d5b7d6746b1367f4

SHA256
fc133205aca057237e28f953380677e79eaa5f37e19bf86de57ac5e2132ae6eb

SHA512
f400c679dca784c2751f9273bf013cbcf1392931bc94e2fd5fbac01454fb23ef42ed1d24faf1a11a6f201083daa17b5e3f05d2f0375a0f6938119b6160bb6e41

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
7KB

MD5
fa3e54dbd4bd2c681c1ba24c793cb4d7

SHA1
fa9811155b23f1001ea02272d757c435052ebcc6

SHA256
a1d64811f938ef6da00a66dcd9c117ac2e1e08473793e0a26b523ed1ed926f38

SHA512
f1839505cd074f003829dea2c9ff35c19650278bf2eeb04e1d69cbae159a4db74a8114ca5ddbe7d058aabb9a19d1260166f3f5e8f9e574c5f09d7a3728d57062

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
7KB

MD5
fe5bd01abbeddacd1b1850bfa7a07efb

SHA1
829a8f14d0b5ed06e4bf53b3af63f23078bc055e

SHA256
b808a3fd8586341c458dbe9c8331047a648915fab8bfde10a6343c2ae00079c5

SHA512
91b8d853f937382c14001521bc76872d0c5bbbe86caec43c38c9075ec51553b59b7cee1eeb910f7aea09ce127d8da2209e80ef6e2993d2ceaa3d06c610639f1c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
7KB

MD5
d2d8a597cbcde5044db4b56b2676d09c

SHA1
d5aa1320293f1cb282f45d0261ac098f805caa78

SHA256
dacba8e5e716dc6270c8f9ded8db815f39dfc1b74668e3d0c0812d152a950e79

SHA512
c8f12c99432387822969dcb07b74696ac4915bda79699c838ff758a87b36b99eb5de92449915cf90ff2141ae39ef899ec12b1497d7616c3ef1b80b91fe39f1fd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
372B

MD5
28d81ebca9ca66baf5de82b9d0d7668c

SHA1
cec3e737e634145a368c8ba868cd07a895cc9026

SHA256
d8fa6eb5a6a6a3489f1a6986465b981261bb7ff55e2e5b91e7009bd28afed53f

SHA512
3d78ff986307a7b35449ac08817950a09ae2c4acfc9312bcb2ccb6e745501abc6c8ebb6b3baad5187636c4d0761ffb6ff88e5b400e39fe1c70737ac93ed9f5ef

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
47081efeee55c9d4bb39e7860a6eaf0d

SHA1
036ceba0d49bf3a98a7652b4d1692d8b62a4d70b

SHA256
266fec46c30ba4b185c569bf9e8b4b66828349b3e2ab5faddcbd85d8c1f59c7e

SHA512
7316edb91f4177b14f5616b5d2c8d2fef6c55ad9dfa7723be723bc840c4e72c85b5bfd632240f005784b62c850f4bf90936b91a20282cdaf5dcf66ea838c8bd7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
6KB

MD5
1cb720e4d08652f423fd0be34a62d112

SHA1
cd13af817d953e0054c71636a47c9a935d9f726f

SHA256
acc6c5ff8dd0306d2ff0f0a3af598b924d1e03cc5a864caae0f957ce18e48b48

SHA512
c806bd4c62d8430b93c53deaa16cbff347db927ba4d16c354f41574aeefe7fe543d151f95a40b1fde9924144a52849e9d6312a28d2dce0649ad33ee05645a9c7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
7KB

MD5
de5b9acb12d70e37c07c02ea9ae5397a

SHA1
eee96c01584e1bffc429ff8aadd6886f039d4ea0

SHA256
e137dc1411b0dfda2bf62b38160d7ae82b3a2beb47e7817bf90b954ed39bc103

SHA512
143e3c152b5efe6fb19ee4ad6980b301dded2217fb0c7f29f946d55fdad7e7395eea806da8ddce0d99a3e6976ef3fd3fbda3f9e0bb183754fd6e1b2ea5c448d5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
7KB

MD5
f94b99400a720ac23ec84e3ee2686ed2

SHA1
b5c4b62cd38e4178fbb29498106959c77a31b61b

SHA256
0b5da8dc4bd475d3bc57921ca2d02b6b61ecb58ebc4082a99df4d99a50b4e32e

SHA512
1d177dcb00df39849747664ae63e0bbdee4992aecb58a6728c319d0aad0b0ae755fc52d68aec1f26abb789008b6db1bf5ededc0389d81d1da0defccf5e5136ab

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
7KB

MD5
19c6dcd77ef1a59af90f698f6c69f9f0

SHA1
b04b1266c6c543189af7d0b070674f2c78db0401

SHA256
e0d71bfdb2829923311d365338684bde963e3c14d4090746ddd616723f38048e

SHA512
8b15b23dd01804c5bc496f5a262885121ef1b5a54abe925db3cb7a2b660d9e05cdd234989403412d30a21311346b1527afc2623466aaaf8a53bf09bef2e793af

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
7KB

MD5
a6233c6346cadcc6b0956876846664b5

SHA1
66da5063a4def219c35232ea6e56526614fcd945

SHA256
a175855f6d0229a830a6f6eb801143f10a889a46b838d90efb098a9d5b821791

SHA512
75f9423e018826f383d0a41f505bf7c557b1d18d7667bb7364ecc6a059ffd0e06aaca3e89403ccd0d7a604ab9c61a1bdabb5dd5e7eba56dc76aafe9e994b35b3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
874B

MD5
35919959ed0b0c87054b71beae8f5e53

SHA1
cf16e0f4973059625c484430ba56bc8d49c2b33a

SHA256
57ba8546a6424467c876be84c76a3c74a2879d4d3c125d2798ecf305ae368371

SHA512
7b881272073a429f6450fa11925a1651f9fba1fa8c67f8e688a53811420b44f79b5cf0c3435a8edf748141e2f980c3b49291972734b50c3d2d7480f24cccb9e9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
7KB

MD5
935d848f09d64d3cfb176e20a4c511ed

SHA1
6de8282b95cfa1237cd2623057465f7d31cbb8f8

SHA256
cd8e831133c7afcac03b84c4450fa316b3c3e018bd2c0cf4ec503a42bab702ca

SHA512
b63e75e4486f930ca22b4f83230e5ce3da6fa3f1c0b9f0d3b6add04867a6f4517e446b75ff0dbe9391ebd44b2a027cfa206a98b4a9f2613c5624b933fd9e0b96

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
7KB

MD5
56acdd236c60867ee451d2d1738536bb

SHA1
b5118422d3fc9c077817c16c3637beec2bf59201

SHA256
296072b300615bc46fb884960d5091e5193cda7da8bbcdb1506639287d3bb615

SHA512
c23ae65f16e3afa6bd9e6b9a2c7fd4c1362c101438f6134ae6eaa6198271c2eee996bfdb54f61e29c599858f20d634fb6621e771ca8916e8a5d183b10eff75cf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57d3bb.TMP

Filesize
204B

MD5
8e2bc73296216f0cd68598f513748e70

SHA1
d90f3d70feb8ef35b25e2fbdc7a387e42c84a216

SHA256
9b08bfdee9884700a6dac04361dd20846945d171fa79905f326ee7a96e074e7d

SHA512
e0178a0ada5b43e8dbd7571b97c799ee79ac927cc4f685dad1692292b49581dce6e1aa65448296f1580d1c21270fe235dc821ef2704c755dbc93767f5160c7ba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
2c5fa70ed96204cb91d14ff37fa79bf9

SHA1
f5a345c548ec5d263a1432e2e91d554f5eddcd94

SHA256
ba6df4896b927066de45d56338c4d1a59e1728a227b8a9162fa1f2c297f00174

SHA512
611dece4b63a57f2efa25e96f2d324e7aea62c0ef5ae410ecd93498067206a7cc81c2612e60e6a3b408fcb36b3097baee8fc06ec3ca6a4f91362ae068c304da5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
4b350f9fd757de671b922dcd4905a4a0

SHA1
2b985320a132db1f3072fd18b7f5fbd4ac05fce6

SHA256
b5c20e736a76d13dfedc9633cded14fecf942474e8a4a2a70869491c5f164f87

SHA512
b3ca0480d6ebdaf361bcb7b9820ed43135f4040d56d54cd389fa8cd8176a82d544c458b000f4045ea3b0ebbe0513662e581d2b4cb3f3ddcad27b4ec6df7021bd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
50bd17ff183258120166820bdb7971ac

SHA1
237934e3a76d083709c606ce90f7758c89d109d2

SHA256
ae60a2ce93cd502aaec588b1971336032fd363a76098d2e65d950e7fcb27c962

SHA512
e4202a91a658346c3d7b619660a7d3cd54bdb2c346760ac9c1d6ea56e46f41a5865b88386377e79636d835587bf1299950951798a61d7917b27ed3e480f811e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
38aff11cb85855f81f67c9d3b2c61946

SHA1
e609be25e27f7a1f7000551a0c2cdc82433b57c0

SHA256
e4f402ce3d697b81ec8bd846fe8a5966b36f21c002e784553dec47195ce944b0

SHA512
3bbbaf9c3cc9b921e77743a4e3ae259086e54208957205d4831e1030773d4e3400ebd9a18d991aca48ac750089c0b0ca3974d9543a202554d550559e49b8a7cf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
e4f9167a7ac550ae749be6866edfc866

SHA1
5058128521598ee9f1f6efb8dee046c95d168c7e

SHA256
e645f17e56b72657dbc9590e443b9eee441e4aa2cba8467881363ad4cdc707a2

SHA512
7c5314d083aa5d4cfc7f1922fdd53626f2a4984e25dbe7c082b299a9b613a3cef4233afd052f1d261c99982ecdb1facc1204c28083ca28c4a6f59c3fac9ce179

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
2f98932f7f3754d577656ace4ec8b4d4

SHA1
b65ecf12fb437b6e0bd13187ddb296cdc61389f9

SHA256
7aad1b5680c4ba1636f8d960d821c13552eed2ab729e75417888833dfbb9565b

SHA512
3a1331c2cef3c70db44244451b080a2c447dee0a2c24bf70fe59ee7a999b01c87cb734c7fdfd2b59c32402dd6680c5a32e9a9bc68f4f73a3d7e0f1a7d9c5e2b5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
e3820484373a26c1ada772eb891aee80

SHA1
0a5e494d888ad8356fa648239398c176222a9403

SHA256
6bc7d48452c29ca9b7650752deae93ec7d051176d8b4a32c4fcced22baf994ba

SHA512
dd0b7a26bd62ed47d1ac57130dd55578bd45c1c7075028c548cf9d90fb44d12caf741993b64ce30dc9a539cd8e802621b5cffc384486cf352f25f05d63422681

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
a502f75be751c2e9ff81688bd4bb6234

SHA1
6756089b005c4a67555efafbfb5fc426e3b6eca3

SHA256
87928dc502c951e0ec902e4b035c7e84ce53d396baf68a69d5681afbe6861532

SHA512
943282dc543ea35dcf5a1a24ae2a93a5ec9303a1d7d0731ea4b52308ae023a7cfb6a13bf6cfd16bb21f29a849ebc656abb15a4b729e33401d01bc09910a900a4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
0db840c43b7f097bfa4aeb77c749ca9e

SHA1
62e24e5a292051eb8d4e153f4359cd33507af227

SHA256
a7306baf9d17db341f5d6aa133e7fb3ef9a52885ebd9967cc32a926a96610faf

SHA512
dd733a35558ae6a421c47a862ca16fa0554d7a8cccb6dab26d3767b2cbba53e0d3f65077abc6a18439402e2a72f6649b26334e38f4744a14bccd56582ed6896a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
498a754af2b5176cfc675d47854fbd8c

SHA1
aa7d2417b1d14c1d170308edfbc5f3f5970cb16f

SHA256
27206233d684a818ec72d61b46cf4b67382e7b9b1fd9db5bf98749837e8074c9

SHA512
ab879162bc954c70aa17dc6d2814093f472e145b5e7f00e3b8482f48d79ebe0f5060f1f2744aa464bb5f30702b121a98e536d8cf504897a794b792d7b4a6dd20

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
f0cf5c2926830f8cf9db2c64b9f6bb10

SHA1
5e091788de8bbcc99c4fed609990871d62c5144a

SHA256
a0e4699bed3f4448afa49b944a7637abd07f829c08a11f0c35988a1793a9f822

SHA512
76bda143c18cab7047876965ce87eeb31b32a4abf0040a0afb2ce4b2dd8d3ea07177505b35ca166655f2b28319f57e64a13370cf22932effc5b3fe279aa37248

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
0aedb8008c271f688ec0cf69ad39b749

SHA1
01df4f2875b8e0bc9ba0f689c6e48e4b41532315

SHA256
478cd49674f974a9234e6adc25d34b57da34a2167153611367e2b8c945c4aaac

SHA512
07c85e7c1676c670495d48bdd5d1b02a90c67ab13453f2c9e718bd9f83156a205fe3d4acdf20813031faa469ad2eb7ac5ad7f3247ee60043fbe11b565f650b83

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
5e307293b862cc85d25b2bc5df4bdf9a

SHA1
c837a2ef43b7fd304d5a68ac2581b91b75a406b3

SHA256
88167ab9dc75cf239797768378f162ca4daae4193729f54913b37a714d02dcd9

SHA512
25f34218ab8c7f40590624905e880e69434120123962e57482769bd182e71fed10ed897f8ec97cb5899efede55847a302c06b6565271315d5f801c4f1bdfc423

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
674ae24b072bdbda15946ac71ab3d005

SHA1
eceed5c7d90fbcae982b1d14b908c56078d915e2

SHA256
2e19d109fe5dec3c915a54689796b6a315445c1956edb7cc6ff40bb8fd1546f4

SHA512
ad2562f435a3476dbfe0d5aadcf7def27b5e8631c60e482dfd51794818ed4da242b9f5e19b691aadf6e8d840e934370a005cacba6f46d111e1e2811418de8e68

Download Submit
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat

Filesize
10KB

MD5
a05de6626e878c11872bcf9a152a692c

SHA1
8e2e338228d149511acd9740a84d5310c33f7f2c

SHA256
2b028061471208157f927bc0495bd6814ebce7edb5c6a0cf5f6d8d065845d704

SHA512
9f73b10f2acb9d22d8c02428f55759d55c4a6d8f4521f2c8f698c7d20280aded26a3e2ecd565507d5e8334ba4843076fbc42e3df74b49a8bc20eeb71d9ceb520

Download Submit
C:\Users\Admin\AppData\Local\Temp\$inst\0001.tmp

Filesize
8.0MB

MD5
8e15b605349e149d4385675afff04ebf

SHA1
f346a886dd4cb0fbbd2dff1a43d9dfde7fce348b

SHA256
803f930cdd94198bdd2e9a51aa962cc864748067373f11b2e9215404bd662cee

SHA512
8bf957ef72465fe103dbf83411df9082433eead022f0beccab59c9e406bbd1e4edb701fd0bc91f195312943ad1890fee34b4e734578298bb60bb81ed6fa9a46d

Download Submit
C:\Users\Admin\AppData\Local\Temp\$inst\0002.tmp

Filesize
8.0MB

MD5
596cb5d019dec2c57cda897287895614

SHA1
6b12ea8427fdbee9a510160ff77d5e9d6fa99dfa

SHA256
e1c89d9348aea185b0b0e80263c9e0bf14aa462294a5d13009363140a88df3ff

SHA512
8f5fc432fd2fc75e2f84d4c7d21c23dd1f78475214c761418cf13b0e043ba1e0fc28df52afd9149332a2134fe5d54abc7e8676916100e10f374ef6cdecff7a20

Download Submit
C:\Users\Admin\AppData\Local\Temp\$inst\0003.tmp

Filesize
8.0MB

MD5
7c8328586cdff4481b7f3d14659150ae

SHA1
b55ffa83c7d4323a08ea5fabf5e1c93666fead5c

SHA256
5eec15c6ed08995e4aaffa9beeeaf3d1d3a3d19f7f4890a63ddc5845930016cc

SHA512
aa4220217d3af263352f8b7d34bd8f27d3e2c219c673889bc759a019e3e77a313b0713fd7b88700d57913e2564d097e15ffc47e5cf8f4899ba0de75d215f661d

Download Submit
C:\Users\Admin\AppData\Local\Temp\$inst\0004.tmp

Filesize
8.0MB

MD5
4f398982d0c53a7b4d12ae83d5955cce

SHA1
09dc6b6b6290a3352bd39f16f2df3b03fb8a85dc

SHA256
fee4d861c7302f378e7ce58f4e2ead1f2143168b7ca50205952e032c451d68f2

SHA512
73d9f7c22cf2502654e9cd6cd5d749e85ea41ce49fd022378df1e9d07e36ae2dde81f0b9fc25210a9860032ecda64320ec0aaf431bcd6cefba286328efcfb913

Download Submit
C:\Users\Admin\AppData\Local\Temp\$inst\0005.tmp

Filesize
8.0MB

MD5
94e0d650dcf3be9ab9ea5f8554bdcb9d

SHA1
21e38207f5dee33152e3a61e64b88d3c5066bf49

SHA256
026893ba15b76f01e12f3ef540686db8f52761dcaf0f91dcdc732c10e8f6da0e

SHA512
039ccf6979831f692ea3b5e3c5df532f16c5cf395731864345c28938003139a167689a4e1acef1f444db1fe7fd3023680d877f132e17bf9d7b275cfc5f673ac3

Download Submit
C:\Users\Admin\AppData\Local\Temp\$inst\0006.tmp

Filesize
1.8MB

MD5
b3b7f6b0fb38fc4aa08f0559e42305a2

SHA1
a66542f84ece3b2481c43cd4c08484dc32688eaf

SHA256
7fb63fca12ef039ad446482e3ce38abe79bdf8fc6987763fe337e63a1e29b30b

SHA512
0f4156f90e34a4c26e1314fc0c43367ad61d64c8d286e25629d56823d7466f413956962e2075756a4334914d47d69e20bb9b5a5b50c46eca4ef8173c27824e6c

Download Submit
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\ADVPACK.DLL

Filesize
73KB

MD5
81e5c8596a7e4e98117f5c5143293020

SHA1
45b7fe0989e2df1b4dfd227f8f3b73b6b7df9081

SHA256
7d126ed85df9705ec4f38bd52a73b621cf64dd87a3e8f9429a569f3f82f74004

SHA512
05b1e9eef13f7c140eb21f6dcb705ee3aaafabe94857aa86252afa4844de231815078a72e63d43725f6074aa5fefe765feb93a6b9cd510ee067291526bb95ec6

Download Submit
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTANM.DLL

Filesize
40KB

MD5
48c00a7493b28139cbf197ccc8d1f9ed

SHA1
a25243b06d4bb83f66b7cd738e79fccf9a02b33b

SHA256
905cb1a15eccaa9b79926ee7cfe3629a6f1c6b24bdd6cea9ccb9ebc9eaa92ff7

SHA512
c0b0a410ded92adc24c0f347a57d37e7465e50310011a9d636c5224d91fbc5d103920ab5ef86f29168e325b189d2f74659f153595df10eef3a9d348bb595d830

Download Submit
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTCTL.DLL

Filesize
160KB

MD5
237e13b95ab37d0141cf0bc585b8db94

SHA1
102c6164c21de1f3e0b7d487dd5dc4c5249e0994

SHA256
d19b6b7c57bcee7239526339e683f62d9c2f9690947d0a446001377f0b56103a

SHA512
9d0a68a806be25d2eeedba8be1acc2542d44ecd8ba4d9d123543d0f7c4732e1e490bad31cad830f788c81395f6b21d5a277c0bed251c9854440a662ac36ac4cb

Download Submit
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTDP2.DLL

Filesize
60KB

MD5
a334bbf5f5a19b3bdb5b7f1703363981

SHA1
6cb50b15c0e7d9401364c0fafeef65774f5d1a2c

SHA256
c33beaba130f8b740dddb9980fe9012f9322ac6e94f36a6aa6086851c51b98de

SHA512
1fa170f643054c0957ed1257c4d7778976c59748670afa877d625aaa006325404bc17c41b47be2906dd3f1e229870d54eb7aba4a412de5adedbd5387e24abf46

Download Submit
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTDPV.DLL

Filesize
64KB

MD5
7c5aefb11e797129c9e90f279fbdf71b

SHA1
cb9d9cbfbebb5aed6810a4e424a295c27520576e

SHA256
394a17150b8774e507b8f368c2c248c10fce50fc43184b744e771f0e79ecafed

SHA512
df59a30704d62fa2d598a5824aa04b4b4298f6192a01d93d437b46c4f907c90a1bad357199c51a62beb87cd724a30af55a619baef9ecf2cba032c5290938022a

Download Submit
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTMPX.DLL

Filesize
60KB

MD5
4fbbaac42cf2ecb83543f262973d07c0

SHA1
ab1b302d7cce10443dfc14a2eba528a0431e1718

SHA256
6550582e41fc53b8a7ccdf9ac603216937c6ff2a28e9538610adb7e67d782ab5

SHA512
4146999b4bec85bcd2774ac242cb50797134e5180a3b3df627106cdfa28f61aeea75a7530094a9b408bc9699572cae8cf998108bde51b57a6690d44f0b34b69e

Download Submit
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTPSH.DLL

Filesize
36KB

MD5
b4ac608ebf5a8fdefa2d635e83b7c0e8

SHA1
d92a2861d5d1eb67ab434ff2bd0a11029b3bd9a9

SHA256
8414dfe399813b7426c235ba1e625bd2b5635c8140da0d0cfc947f6565fe415f

SHA512
2c42daade24c3ff01c551a223ee183301518357990a9cb2cc2dd7bf411b7059ff8e0bf1d1aee2d268eca58db25902a8048050bdb3cb48ae8be1e4c2631e3d9b4

Download Submit
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTSR.DLL

Filesize
60KB

MD5
9fafb9d0591f2be4c2a846f63d82d301

SHA1
1df97aa4f3722b6695eac457e207a76a6b7457be

SHA256
e78e74c24d468284639faf9dcfdba855f3e4f00b2f26db6b2c491fa51da8916d

SHA512
ac0d97833beec2010f79cb1fbdb370d3a812042957f4643657e15eed714b9117c18339c737d3fd95011f873cda46ae195a5a67ae40ff2a5bcbee54d1007f110a

Download Submit
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTSVR.EXE

Filesize
268KB

MD5
5c91bf20fe3594b81052d131db798575

SHA1
eab3a7a678528b5b2c60d65b61e475f1b2f45baa

SHA256
e8ce546196b6878a8c34da863a6c8a7e34af18fb9b509d4d36763734efa2d175

SHA512
face50db7025e0eb2e67c4f8ec272413d13491f7438287664593636e3c7e3accaef76c3003a299a1c5873d388b618da9eaede5a675c91f4c1f570b640ac605d6

Download Submit
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGT0409.DLL

Filesize
28KB

MD5
0cbf0f4c9e54d12d34cd1a772ba799e1

SHA1
40e55eb54394d17d2d11ca0089b84e97c19634a7

SHA256
6b0b57e5b27d901f4f106b236c58d0b2551b384531a8f3dad6c06ed4261424b1

SHA512
bfdb6e8387ffbba3b07869cb3e1c8ca0b2d3336aa474bd19a35e4e3a3a90427e49b4b45c09d8873d9954d0f42b525ed18070b949c6047f4e4cdb096f9c5ae5d5

Download Submit
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGT0409.HLP

Filesize
8KB

MD5
466d35e6a22924dd846a043bc7dd94b8

SHA1
35e5b7439e3d49cb9dc57e7ef895a3cd8d80fb10

SHA256
e4ccf06706e68621bb69add3dd88fed82d30ad8778a55907d33f6d093ac16801

SHA512
23b64ed68a8f1df4d942b5a08a6b6296ec5499a13bb48536e8426d9795771dbcef253be738bf6dc7158a5815f8dcc65feb92fadf89ea8054544bb54fc83aa247

Download Submit
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGT20.INF

Filesize
2KB

MD5
e4a499b9e1fe33991dbcfb4e926c8821

SHA1
951d4750b05ea6a63951a7667566467d01cb2d42

SHA256
49e6b848f5a708d161f795157333d7e1c7103455a2f47f50895683ef6a1abe4d

SHA512
a291bb986293197a16f75b2473297286525ac5674c08a92c87b5cc1f0f2e62254ea27d626b30898e7857281bdb502f188c365311c99bda5c2dd76da0c82c554a

Download Submit
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGTCTL15.TLB

Filesize
28KB

MD5
f1656b80eaae5e5201dcbfbcd3523691

SHA1
6f93d71c210eb59416e31f12e4cc6a0da48de85b

SHA256
3f8adc1e332dd5c252bbcf92bf6079b38a74d360d94979169206db34e6a24cd2

SHA512
e9c216b9725bd419414155cfdd917f998aa41c463bc46a39e0c025aa030bc02a60c28ac00d03643c24472ffe20b8bbb5447c1a55ff07db3a41d6118b647a0003

Download Submit
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGTINST.INF

Filesize
7KB

MD5
b127d9187c6dbb1b948053c7c9a6811f

SHA1
b3073c8cad22c87dd9b8f76b6ffd0c4d0a2010d9

SHA256
bd1295d19d010d4866c9d6d87877913eee69e279d4d089e5756ba285f3424e00

SHA512
88e447dd4db40e852d77016cfd24e09063490456c1426a779d33d8a06124569e26597bb1e46a3a2bbf78d9bffee46402c41f0ceb44970d92c69002880ddc0476

Download Submit
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\MSLWVTTS.DLL

Filesize
52KB

MD5
316999655fef30c52c3854751c663996

SHA1
a7862202c3b075bdeb91c5e04fe5ff71907dae59

SHA256
ea4ca740cd60d2c88280ff8115bf354876478ef27e9e676d8b66601b4e900ba0

SHA512
5555673e9863127749fc240f09cf3fb46e2019b459ad198ba1dc356ba321c41e4295b6b2e2d67079421d7e6d2fb33542b81b0c7dae812fe8e1a87ded044edd44

Download Submit
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Msvcirt.dll

Filesize
76KB

MD5
e7cd26405293ee866fefdd715fc8b5e5

SHA1
6326412d0ea86add8355c76f09dfc5e7942f9c11

SHA256
647f7534aaaedffa93534e4cb9b24bfcf91524828ff0364d88973be58139e255

SHA512
1114c5f275ecebd5be330aa53ba24d2e7d38fc20bb3bdfa1b872288783ea87a7464d2ab032b542989dee6263499e4e93ca378f9a7d2260aebccbba7fe7f53999

Download Submit
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Msvcp50.dll

Filesize
552KB

MD5
497fd4a8f5c4fcdaaac1f761a92a366a

SHA1
81617006e93f8a171b2c47581c1d67fac463dc93

SHA256
91cd76f9fa3b25008decb12c005c194bdf66c8d6526a954de7051bec9aae462a

SHA512
73d11a309d8f1a6624520a0bf56d539cb07adee6d46f2049a86919f5ce3556dc031437f797e3296311fe780a8a11a1a37b4a404de337d009e9ed961f75664a25

Download Submit
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\W95INF16.DLL

Filesize
2KB

MD5
7210d5407a2d2f52e851604666403024

SHA1
242fde2a7c6a3eff245f06813a2e1bdcaa9f16d9

SHA256
337d2fb5252fc532b7bf67476b5979d158ca2ac589e49c6810e2e1afebe296af

SHA512
1755a26fa018429aea00ebcc786bb41b0d6c4d26d56cd3b88d886b0c0773d863094797334e72d770635ed29b98d4c8c7f0ec717a23a22adef705a1ccf46b3f68

Download Submit
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\W95INF32.DLL

Filesize
4KB

MD5
4be7661c89897eaa9b28dae290c3922f

SHA1
4c9d25195093fea7c139167f0c5a40e13f3000f2

SHA256
e5e9f7c8dbd47134815e155ed1c7b261805eda6fddea6fa4ea78e0e4fb4f7fb5

SHA512
2035b0d35a5b72f5ea5d5d0d959e8c36fc7ac37def40fa8653c45a49434cbe5e1c73aaf144cbfbefc5f832e362b63d00fc3157ca8a1627c3c1494c13a308fc7f

Download Submit
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\andmoipa.ttf

Filesize
29KB

MD5
c3e8aeabd1b692a9a6c5246f8dcaa7c9

SHA1
4567ea5044a3cef9cb803210a70866d83535ed31

SHA256
38ae07eeb7909bda291d302848b8fe5f11849cf0d597f0e5b300bfed465aed4e

SHA512
f74218681bd9d526b68876331b22080f30507898b6a6ebdf173490ca84b696f06f4c97f894cb6052e926b1eee4b28264db1ead28f3bc9f627b4569c1ddcd2d3e

Download Submit
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\tv_enua.dll

Filesize
1.2MB

MD5
ed98e67fa8cc190aad0757cd620e6b77

SHA1
0317b10cdb8ac080ba2919e2c04058f1b6f2f94d

SHA256
e0beb19c3536561f603474e3d5e3c3dff341745d317bc4d1463e2abf182bb18d

SHA512
ec9c3a71ca9324644d4a2d458e9ba86f90deb9137d0a35793e0932c2aa297877ed7f1ab75729fda96690914e047f1336f100b6809cbc7a33baa1391ed588d7f0

Download Submit
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\tv_enua.hlp

Filesize
11KB

MD5
80d09149ca264c93e7d810aac6411d1d

SHA1
96e8ddc1d257097991f9cc9aaf38c77add3d6118

SHA256
382d745e10944b507a8d9c69ae2e4affd4acf045729a19ac143fa8d9613ccb42

SHA512
8813303cd6559e2cc726921838293377e84f9b5902603dac69d93e217ff3153b82b241d51d15808641b5c4fb99613b83912e9deda9d787b4c8ccfbd6afa56bc9

Download Submit
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\tv_enua.inf

Filesize
2KB

MD5
0a250bb34cfa851e3dd1804251c93f25

SHA1
c10e47a593c37dbb7226f65ad490ff65d9c73a34

SHA256
85189df1c141ef5d86c93b1142e65bf03db126d12d24e18b93dd4cc9f3e438ae

SHA512
8e056f4aa718221afab91c4307ff87db611faa51149310d990db296f979842d57c0653cb23d53fea54a69c99c4e5087a2eb37daa794ba62e6f08a8da41255795

Download Submit
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\tvenuax.dll

Filesize
40KB

MD5
1587bf2e99abeeae856f33bf98d3512e

SHA1
aa0f2a25fa5fc9edb4124e9aa906a52eb787bea9

SHA256
c9106198ecbd3a9cab8c2feff07f16d6bb1adfa19550148fc96076f0f28a37b0

SHA512
43161c65f2838aa0e8a9be5f3f73d4a6c78ad8605a6503aae16147a73f63fe985b17c17aedc3a4d0010d5216e04800d749b2625182acc84b905c344f0409765a

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
10KB

MD5
891f50eacad0f59a599ecaf1e5195247

SHA1
c959d1d0fa13ac108a05494c7d61a42751d63991

SHA256
a2648d2ffbef24f82bcba8076fa029b9fffb07131a751e99e4524f57c7863284

SHA512
1f8697c52d3e0a602a0b55f465af0155ca2386ba792cfa14eabd4a4d128b1a3559e272b6ec87ec210d575becd1e7f770fbd153d5487d9d5707a8c14648013b5c

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

Filesize
15KB

MD5
c081e25bec48e780a0bd00de1d7f2df5

SHA1
a0dc552510aed790ec0c3f6efbc3910f2e3267be

SHA256
5e77ddbbe80814c9c2eb0fa8f61b13fe0635383461c235dffe33617698a93589

SHA512
c5c163573749e68e2f12505d298accb5c4d904194f26518028eb35af9491998fcd7c75548acfd2251fa8a63a8203ec29f13b6acf9cec216a0d3161ca33a344b0

Download Submit
C:\Users\Admin\Downloads\Aura.zip:Zone.Identifier

Filesize
26B

MD5
fbccf14d504b7b2dbcb5a5bda75bd93b

SHA1
d59fc84cdd5217c6cf74785703655f78da6b582b

SHA256
eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913

SHA512
aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

Download Submit
C:\Users\Admin\Downloads\Autoruns.zip

Filesize
2.8MB

MD5
09aa3a18f9dbf8588b0a3489f5c752f4

SHA1
130a744a421ca914f2809685af8262c468f4177a

SHA256
b04d2ac6dcc287a4b01a9cdc5bd9580a38df8a3379e03698cf7b888cdab7ea0f

SHA512
d0a18f5b71fdf9df60e604d12c9279322a6aa8ce6001cd980bd9df138718c59bf7023690de51b64e6926f154b2ebd52950fa21a89e5e30d6942c784a28edb453

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 231703.crdownload

Filesize
2.8MB

MD5
1535aa21451192109b86be9bcc7c4345

SHA1
1af211c686c4d4bf0239ed6620358a19691cf88c

SHA256
4641af6a0071e11e13ad3b1cd950e01300542c2b9efb6ae92ffecedde974a4a6

SHA512
1762b29f7b26911a7e6d244454eac7268235e2e0c27cd2ca639b8acdde2528c9ddf202ed59ca3155ee1d6ad3deba559a6eaf4ed74624c68688761e3e404e54da

Download Submit
C:\Users\Admin\Downloads\results.htm:Zone.Identifier

Filesize
176B

MD5
2824e5b26fa48abf1879a13b677fafff

SHA1
d8f63e347535364b32055617a217596e69049a44

SHA256
62db0ad0cde0bb4b34017a2bf8e530952f570fdcef5a896bf8a2222ab7312258

SHA512
a3e67d146b51789d83038e2e557a46f603d69243f17f74762e8f63d986f31eddf922584b59230e19f724d6be44855aa429b58c0989a0abd1e27c663acbacb472

Download Submit
C:\Windows\msagent\chars\Bonzi.acs

Filesize
5.0MB

MD5
1fd2907e2c74c9a908e2af5f948006b5

SHA1
a390e9133bfd0d55ffda07d4714af538b6d50d3d

SHA256
f3d4425238b5f68b4d41ed5be271d2f4118a245baf808a62dc1a9e6e619b2f95

SHA512
8eede3e5e52209b8703706a3e3e63230ba01975348dcdc94ef87f91d7c833a505b177139683ca7a22d8082e72e961e823bc3ad1a84ab9c371f5111f530807171

Download Submit
C:\Windows\msagent\chars\Peedy.acs

Filesize
4.0MB

MD5
49654a47fadfd39414ddc654da7e3879

SHA1
9248c10cef8b54a1d8665dfc6067253b507b73ad

SHA256
b8112187525051bfade06cb678390d52c79555c960202cc5bbf5901fbc0853c5

SHA512
fa9cab60fadd13118bf8cb2005d186eb8fa43707cb983267a314116129371d1400b95d03fbf14dfdaba8266950a90224192e40555d910cf8a3afa4aaf4a8a32f

Download Submit
memory/1248-1380-0x000001C938170000-0x000001C938171000-memory.dmp

Filesize
4KB

Download
memory/1248-1381-0x000001C938170000-0x000001C938171000-memory.dmp

Filesize
4KB

Download
memory/1248-1378-0x000001C938170000-0x000001C938171000-memory.dmp

Filesize
4KB

Download
memory/1248-1384-0x000001C938170000-0x000001C938171000-memory.dmp

Filesize
4KB

Download
memory/1248-1374-0x000001C938170000-0x000001C938171000-memory.dmp

Filesize
4KB

Download
memory/1248-1383-0x000001C938170000-0x000001C938171000-memory.dmp

Filesize
4KB

Download
memory/1248-1382-0x000001C938170000-0x000001C938171000-memory.dmp

Filesize
4KB

Download
memory/1248-1373-0x000001C938170000-0x000001C938171000-memory.dmp

Filesize
4KB

Download
memory/1248-1379-0x000001C938170000-0x000001C938171000-memory.dmp

Filesize
4KB

Download
memory/1248-1372-0x000001C938170000-0x000001C938171000-memory.dmp

Filesize
4KB

Download
memory/2940-7233-0x0000000000400000-0x0000000000424000-memory.dmp

Filesize
144KB

Download
memory/3608-5569-0x0000000000400000-0x00000000004BC000-memory.dmp

Filesize
752KB

Download
memory/6028-1395-0x0000000000400000-0x0000000000459000-memory.dmp

Filesize
356KB

Download
memory/6028-1394-0x0000000000400000-0x0000000000459000-memory.dmp

Filesize
356KB

Download
memory/6876-5570-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download
memory/6876-5510-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download