Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

tuvieja.bat

windows7-x64

3

tuvieja.bat

windows10-2004-x64

3

Resubmissions

07/07/2024, 00:42

240707-a2wbts1dkb 3

07/07/2024, 00:40

240707-a1my3aydrl 3

Analysis

  • max time kernel
    246s
  • max time network
    287s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240704-es
  • resource tags

    arch:x64arch:x86image:win10v2004-20240704-eslocale:es-esos:windows10-2004-x64systemwindows
  • submitted
    07/07/2024, 00:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    tuvieja.bat

  • Size

    403B

  • MD5

    ab66d808332f1aff09366c7989e47680

  • SHA1

    574d7edf3efe027beeafeef11facadb1db74d556

  • SHA256

    4323816a05b4a64007fa0949daca64a46fddf460187bdc72e951be9380e055d6

  • SHA512

    a7a853663944a48cfc3780884c605559acbea01044fd3524299f16973122dd195625049acc5048b88c7d306b96480c9603090b0a628de6a62465cbd72a88f478

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • NTFS ADS 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 16 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\tuvieja.bat"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3728
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://github.com/dnSpy/dnSpy/releases/download/v6.1.8/dnSpy-net-win64.zip
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:4764
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffb8a9e46f8,0x7ffb8a9e4708,0x7ffb8a9e4718
        3⤵
          PID:3448
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2156,9431430567242992476,16886894882510618509,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2188 /prefetch:2
          3⤵
            PID:2668
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2156,9431430567242992476,16886894882510618509,131072 --lang=es --service-sandbox-type=none --mojo-platform-channel-handle=2260 /prefetch:3
            3⤵
            • Suspicious behavior: EnumeratesProcesses
            PID:1180
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://github.com/icsharpcode/ILSpy/releases/download/v9.0-preview2/ILSpy_Installer_9.0.0.7660-preview2-x64.msi
          2⤵
          • Enumerates system info in registry
          • NTFS ADS
          • Suspicious behavior: EnumeratesProcesses
          • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
          • Suspicious use of FindShellTrayWindow
          • Suspicious use of SendNotifyMessage
          • Suspicious use of WriteProcessMemory
          PID:1104
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x104,0x108,0x10c,0xd4,0x110,0x7ffb8a9e46f8,0x7ffb8a9e4708,0x7ffb8a9e4718
            3⤵
              PID:432
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2220,4704378678946654061,1973689124141188835,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2232 /prefetch:2
              3⤵
                PID:5100
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2220,4704378678946654061,1973689124141188835,131072 --lang=es --service-sandbox-type=none --mojo-platform-channel-handle=2284 /prefetch:3
                3⤵
                • Suspicious behavior: EnumeratesProcesses
                PID:784
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2220,4704378678946654061,1973689124141188835,131072 --lang=es --service-sandbox-type=utility --mojo-platform-channel-handle=2848 /prefetch:8
                3⤵
                  PID:3692
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,4704378678946654061,1973689124141188835,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
                  3⤵
                    PID:4380
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,4704378678946654061,1973689124141188835,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3416 /prefetch:1
                    3⤵
                      PID:4480
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,4704378678946654061,1973689124141188835,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3908 /prefetch:1
                      3⤵
                        PID:4908
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,4704378678946654061,1973689124141188835,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4152 /prefetch:1
                        3⤵
                          PID:3352
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,4704378678946654061,1973689124141188835,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5188 /prefetch:1
                          3⤵
                            PID:556
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,4704378678946654061,1973689124141188835,131072 --lang=es --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5036 /prefetch:1
                            3⤵
                              PID:1100
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,4704378678946654061,1973689124141188835,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5000 /prefetch:1
                              3⤵
                                PID:2832
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2220,4704378678946654061,1973689124141188835,131072 --lang=es --service-sandbox-type=collections --mojo-platform-channel-handle=6012 /prefetch:8
                                3⤵
                                  PID:4720
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,4704378678946654061,1973689124141188835,131072 --lang=es --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5628 /prefetch:1
                                  3⤵
                                    PID:976
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2220,4704378678946654061,1973689124141188835,131072 --lang=es --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6428 /prefetch:1
                                    3⤵
                                      PID:2868
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2220,4704378678946654061,1973689124141188835,131072 --lang=es --service-sandbox-type=none --mojo-platform-channel-handle=3400 /prefetch:8
                                      3⤵
                                        PID:3056
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2220,4704378678946654061,1973689124141188835,131072 --lang=es --service-sandbox-type=none --mojo-platform-channel-handle=3400 /prefetch:8
                                        3⤵
                                        • Suspicious behavior: EnumeratesProcesses
                                        PID:1208
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2220,4704378678946654061,1973689124141188835,131072 --lang=es --service-sandbox-type=none --mojo-platform-channel-handle=5924 /prefetch:8
                                        3⤵
                                        • Suspicious behavior: EnumeratesProcesses
                                        PID:2744
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2220,4704378678946654061,1973689124141188835,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5684 /prefetch:2
                                        3⤵
                                        • Suspicious behavior: EnumeratesProcesses
                                        PID:2104
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://cdn.discordapp.com/attachments/1255783402230124564/1259307321155391589/Tron_Launcher_BETA.exe?ex=668b34d6
                                      2⤵
                                      • Suspicious use of WriteProcessMemory
                                      PID:1888
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb8a9e46f8,0x7ffb8a9e4708,0x7ffb8a9e4718
                                        3⤵
                                          PID:3980
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2100,12398392731923803042,14415601488559198270,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2108 /prefetch:2
                                          3⤵
                                            PID:1436
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2100,12398392731923803042,14415601488559198270,131072 --lang=es --service-sandbox-type=none --mojo-platform-channel-handle=2164 /prefetch:3
                                            3⤵
                                            • Suspicious behavior: EnumeratesProcesses
                                            PID:228
                                      • C:\Windows\System32\CompPkgSrv.exe
                                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                                        1⤵
                                          PID:4044
                                        • C:\Windows\System32\CompPkgSrv.exe
                                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                                          1⤵
                                            PID:2604
                                          • C:\Windows\System32\CompPkgSrv.exe
                                            C:\Windows\System32\CompPkgSrv.exe -Embedding
                                            1⤵
                                              PID:3764
                                            • C:\Windows\system32\wbem\wmiprvse.exe
                                              C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
                                              1⤵
                                                PID:1436

                                              Network

                                              MITRE ATT&CK Enterprise v15

                                              Replay Monitor

                                              Loading Replay Monitor...

                                              Downloads

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                Filesize

                                                152B

                                                MD5

                                                f4e6521c03f1bc16d91d99c059cc5424

                                                SHA1

                                                043665051c486192a6eefe6d0632cf34ae8e89ad

                                                SHA256

                                                7759c346539367b2f80e78abca170f09731caa169e3462f11eda84c3f1ca63d1

                                                SHA512

                                                0bb4f628da6d715910161439685052409be54435e192cb4105191472bb14a33724592df24686d1655e9ba9572bd3dff8f46e211c0310e16bfe2ac949c49fbc5e

                                                Download Submit

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                                Filesize

                                                152B

                                                MD5

                                                210676dde5c0bd984dc057e2333e1075

                                                SHA1

                                                2d2f8c14ee48a2580f852db7ac605f81b5b1399a

                                                SHA256

                                                2a89d71b4ddd34734b16d91ebd8ea68b760f321baccdd4963f91b8d3507a3fb5

                                                SHA512

                                                aeb81804cac5b17a5d1e55327f62df7645e9bbbfa8cad1401e7382628341a939b7aedc749b2412c06174a9e3fcdd5248d6df9b5d3f56c53232d17e59277ab017

                                                Download Submit

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                Filesize

                                                630B

                                                MD5

                                                43aefc05364fb5e983759a7461c443b2

                                                SHA1

                                                4035a9ce244d3455798c7f06f875adbeef7665b0

                                                SHA256

                                                011fcb31117556391b4c50b4ab77c051c9d7805135debc4913a37daf4e5df9fd

                                                SHA512

                                                dbe724d9bcd50e1d8092b3ef0403151f8a53cbe5a1087ed92b5dc41d21f83016a3f686e1423c88c0c2fe07a5bd2d24d403ea21c0019b3350e21042654a8b159b

                                                Download Submit

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                                Filesize

                                                630B

                                                MD5

                                                508970c414803c31587efc4179ce72d0

                                                SHA1

                                                8fa4a809cc37e5bb0e3a2d5c573124c5d382fef5

                                                SHA256

                                                08322c2e87453c9c46caa543023e116058dafe57ef898c1cac35413133412b73

                                                SHA512

                                                6d80ba6c8834c3394f3f2f1d767b078f54bebe005f4a65f53e644579b227c59689f02723cd6a690d5eb5e05a11f66e274f43e135514ce6c01ba1c2ba0d990187

                                                Download Submit

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                Filesize

                                                6KB

                                                MD5

                                                9edb3b1d8d82e311561ab100c6420e87

                                                SHA1

                                                2f5a0ce244e6e79dace0b125a642aa7bff163e4a

                                                SHA256

                                                cd32c6ac5dd93677e53e80013ce5f40d93948a871fc1987396b0361bb6aecc7d

                                                SHA512

                                                3e0524414ab4da55f919cefe1676c9544fc91061bae95fdb99b3039978b79d1d0b0c74d91ac9613defbe2db80d72fae9f6bfffcad474cf221df873e341d1ac2c

                                                Download Submit

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                                Filesize

                                                6KB

                                                MD5

                                                f32c76351e4525fce3190020c33da21b

                                                SHA1

                                                1cde7e5dec933d32722730bf25b3b96000d2e5ab

                                                SHA256

                                                1454f0210cb1dc678e58dfbbb02f7937342f1ec9400e98b2b9641f30bf35686b

                                                SHA512

                                                f8c3a4fc47b3afaa18446e2383444e236f6f10dcd886cb3508d6b020a3b3930b4ee3f9097f6520463ace8dd00c2f9863f8d159fe597adedd8cc15a7b7b35c6d3

                                                Download Submit

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                                Filesize

                                                16B

                                                MD5

                                                6752a1d65b201c13b62ea44016eb221f

                                                SHA1

                                                58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                                SHA256

                                                0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                                SHA512

                                                9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                                Download Submit

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                Filesize

                                                8KB

                                                MD5

                                                14ec3ce1798181f009bb046b64d43c78

                                                SHA1

                                                9f2530e04e24169b7d8532b7b3017f660109f0a4

                                                SHA256

                                                9a2da58bb392e71e803d041780badb5a3fc3f05d42fc4a0420c3c811e731a10d

                                                SHA512

                                                63d40008e0993ccc98d6213ce6bbdfe053b790bd9a966d6281f5ac0e741eaf15fd0be4235ebafd1be2e0f4f794760a2da5ffd42eaa62853e8f8f13c8bb03cc6d

                                                Download Submit

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                Filesize

                                                11KB

                                                MD5

                                                17b5f79d0a5a01b0d517ece1dc1a4ca6

                                                SHA1

                                                c7a1c7ffa2b698e58940a3c37d6bd9a6c3b21656

                                                SHA256

                                                1ef6913abe0a0d5fe6225a08f4bb227991eb723abd24516a152cd6128cb6c89a

                                                SHA512

                                                3f5bc07ba8d6bb4f11262619ae6acf15f0971549dd343718847e2ea00a19bceceb9668ed399166738c7b37d3c084ff63ab8cb0582db9997252354a0c748684d3

                                                Download Submit

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                Filesize

                                                8KB

                                                MD5

                                                3bdc84a34b90c8f9b0d3167fa05bcfa3

                                                SHA1

                                                1d7e6a9a4f923b016ac6a44db9a9c0f7ec63fab1

                                                SHA256

                                                00ae1317ad9f4cb54cdfef8280d25e1016d5272ee157d74252f138b4ad81cd69

                                                SHA512

                                                225c4936c121c9e1d6bd2ec5caa925c71e58397fad9179cea4cb7d8e8b1d42eb2daeb79a73d654420615d980ab65ac513cedc2c2c0af8ee5c80d1d3d65d20f10

                                                Download Submit

                                              • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                                Filesize

                                                11KB

                                                MD5

                                                dd5c414333d2e012e022e44a88774947

                                                SHA1

                                                a5ea7983bea84811cd411f9e978590bff0948c69

                                                SHA256

                                                50b025dcdd72acc6069c29ee5e4cf56efab027ad8b8754918a802474f0d318f3

                                                SHA512

                                                7e263fc05d1e38234d5b95de58078a000be12e27bdddad76fa265914cb4060d29f661511db843312e2f25cc577acbdaff44712a4303b3a1b931ac1d7df33259f

                                                Download Submit

                                              • C:\Users\Admin\Downloads\Sin confirmar 681848.crdownload
                                                Filesize

                                                4.2MB

                                                MD5

                                                38227f8aacd6a424b13680bdf4c4926f

                                                SHA1

                                                17631f326a8c395550b38501ff56f4f2da2559a8

                                                SHA256

                                                686bed42b707f8f134af9b35882789d3e471e932d13c16f41f0851ad1d62f7ca

                                                SHA512

                                                929cbd6c65db4ea32064ba1a72a1325ea542efdef30829c07113f6cb407c55c79c491c745c74db893dcd0760836092d8f70007e867949ddf262d70176589d117

                                                Download Submit