hxxps://github[.]com/pankoza2-pl/salinewin[.]exe-Malware/blob/main/salinewin[.]zip

Analysis

max time kernel
149s
max time network
153s
platform
windows10-1703_x64
resource
win10-20240611-en
resource tags

arch:x64arch:x86image:win10-20240611-enlocale:en-usos:windows10-1703-x64system
submitted
07/07/2024, 06:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/pankoza2-pl/salinewin.exe-Malware/blob/main/salinewin.zip

Score

4^/10

Malware Config

Signatures

Drops file in Windows directory 7 IoCs

description	ioc	Process
File created	C:\Windows\rescache\_merged\3720402701\1568373884.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\1568373884.pri	MicrosoftEdge.exe
File opened for modification	C:\Windows\Debug\ESE.TXT	MicrosoftEdge.exe
File created	C:\Windows\rescache\_merged\3720402701\1568373884.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\1568373884.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\1568373884.pri	MicrosoftEdgeCP.exe
File created	C:\Windows\rescache\_merged\3720402701\1568373884.pri	MicrosoftEdgeCP.exe

Modifies Internet Explorer settings 1 TTPs 2 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Software\Microsoft\Internet Explorer\Main	browser_broker.exe
Key created	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000\Software\Microsoft\Internet Explorer\Main	MicrosoftEdgeCP.exe

Modifies registry class 64 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\DXFeatureLevel = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Recovery\PendingRecovery\Active = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\DisallowDefaultBrowserPrompt = "0"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DataStore	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\IETld\LowMic	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Root\Certificates	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DomStorageState	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\DOMStorage\Total\ = "101"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Root\CRLs	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\CA\CTLs	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\VersionHigh = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Wow64-VersionLow = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\ACGStatus\ACGPolicyState = "8"	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\AdapterInfo = "vendorId=\"0x10de\",deviceID=\"0x8c\",subSysID=\"0x0\",revision=\"0x0\",version=\"10.0.15063.0\"hypervisor=\"No Hypervisor (No SLAT)\""	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\Meta\generator$http://www.typepad.com/	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\CIStatus\CIPolicyState = "0"	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 9459b3333ad0da01	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\Disallowed\CTLs	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\History\CachePrefix = "Visited:"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\EdpDomStorage\www.msn.com	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Content\CachePrefix	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Rating\Next Rating Prompt = c062816d91dada01	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DomainSuggestion	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DummyPath	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\LowMic	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\CVListXMLVersionHigh = "0"	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\ACGStatus\DynamicCodePolicy = 05000000	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU	MicrosoftEdgeCP.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DomainSuggestion\FileNames\en-US = "en-US.1"	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\Meta\generator$vBulletin 4	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Internet Settings\Cache\Content\CachePrefix	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\SubSysId = "0"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\ACGStatus	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus\CIPolicyState = "0"	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Rating\Rating Prompt Shown = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Cookies\CacheLimit = "1"	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = eaf65a413ad0da01	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\002\Internet Explorer\EdpDomStorage\msn.com\Total = "0"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\CIStatus	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\ACGStatus\ACGPolicyState = "8"	MicrosoftEdgeCP.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = b788853c3ad0da01	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Software\Microsoft\SystemCertificates\trust\Certificates	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 056672393ad0da01	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FavOrder\TreeView = "1"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings\Zones\3	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\CIStatus\CIStatusTimestamp = 585340393ad0da01	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\DataStore\OneTimeCleanup = "1"	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate\CRLs	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\DeviceId = "0"	MicrosoftEdge.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\006\CIStatus\SignaturePolicy = 06000000	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Content\CacheLimit = "256000"	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Cookies	MicrosoftEdgeCP.exe
Key created	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\HistoryJournalCertificate\CTLs	MicrosoftEdge.exe
Key created	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Internet Settings	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\GPU\Revision = "0"	MicrosoftEdge.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\BrowserEmulation\CVListXMLVersionLow = "0"	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\004\Internet Settings\Cache\Content\CachePrefix	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead\NextUpdateDate = "427148693"	MicrosoftEdge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Cache\Content\CachePrefix	MicrosoftEdgeCP.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1453213197-474736321-1741884505-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\JumpListFirstRun = "3"	MicrosoftEdge.exe

Suspicious behavior: MapViewOfSection 8 IoCs

pid	Process
4700	MicrosoftEdgeCP.exe
4700	MicrosoftEdgeCP.exe
4700	MicrosoftEdgeCP.exe
4700	MicrosoftEdgeCP.exe
4700	MicrosoftEdgeCP.exe
4700	MicrosoftEdgeCP.exe
4700	MicrosoftEdgeCP.exe
4700	MicrosoftEdgeCP.exe

Suspicious use of AdjustPrivilegeToken 4 IoCs

description	pid	Process
Token: SeDebugPrivilege	1376	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	1376	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	1376	MicrosoftEdgeCP.exe
Token: SeDebugPrivilege	1376	MicrosoftEdgeCP.exe

Suspicious use of SetWindowsHookEx 5 IoCs

pid	Process
5032	MicrosoftEdge.exe
4700	MicrosoftEdgeCP.exe
1376	MicrosoftEdgeCP.exe
4700	MicrosoftEdgeCP.exe
2704	MicrosoftEdgeCP.exe

Suspicious use of WriteProcessMemory 6 IoCs

description	pid	Process	procid_target
PID 4700 wrote to memory of 2280	4700	MicrosoftEdgeCP.exe	81
PID 4700 wrote to memory of 2280	4700	MicrosoftEdgeCP.exe	81
PID 4700 wrote to memory of 2280	4700	MicrosoftEdgeCP.exe	81
PID 4700 wrote to memory of 2280	4700	MicrosoftEdgeCP.exe	81
PID 4700 wrote to memory of 2280	4700	MicrosoftEdgeCP.exe	81
PID 4700 wrote to memory of 2280	4700	MicrosoftEdgeCP.exe	81

C:\Windows\system32\LaunchWinApp.exe
"C:\Windows\system32\LaunchWinApp.exe" "https://github.com/pankoza2-pl/salinewin.exe-Malware/blob/main/salinewin.zip"
1⤵
PID:4416

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:5032

C:\Windows\system32\browser_broker.exe
C:\Windows\system32\browser_broker.exe -Embedding
1⤵
- Modifies Internet Explorer settings
PID:1596

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Modifies registry class
- Suspicious behavior: MapViewOfSection
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:4700

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies Internet Explorer settings
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
PID:1376

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
PID:4316

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
PID:1792

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
PID:1924

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
PID:2280

C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
1⤵
- Drops file in Windows directory
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:2704

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\BU0KRETY\edgecompatviewlist[1].xml

Filesize
74KB

MD5
d4fc49dc14f63895d997fa4940f24378

SHA1
3efb1437a7c5e46034147cbbc8db017c69d02c31

SHA256
853d2f4eb81c9fdcea2ee079f6faf98214b111b77cdf68709b38989d123890f1

SHA512
cc60d79b4afe5007634ac21dc4bc92081880be4c0d798a1735b63b27e936c02f399964f744dc73711987f01e8a1064b02a4867dd6cac27538e5fbe275cc61e0a

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\PEK2B0VJ\favicon[1].ico

Filesize
758B

MD5
84cc977d0eb148166481b01d8418e375

SHA1
00e2461bcd67d7ba511db230415000aefbd30d2d

SHA256
bbf8da37d92138cc08ffeec8e3379c334988d5ae99f4415579999bfbbb57a66c

SHA512
f47a507077f9173fb07ec200c2677ba5f783d645be100f12efe71f701a74272a98e853c4fab63740d685853935d545730992d0004c9d2fe8e1965445cab509c3

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\Q4Y51XP8\suggestions[1].en-US

Filesize
17KB

MD5
5a34cb996293fde2cb7a4ac89587393a

SHA1
3c96c993500690d1a77873cd62bc639b3a10653f

SHA256
c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

SHA512
e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\N3WPMKCQ\app_assets_modules_github_updatable-content_ts-fd68b41b03a0[1].js

Filesize
20KB

MD5
6221c078a864a44d6f8c7cda5f00a190

SHA1
e6fc8b855af415ae905bb866282ab6a2491ec9d9

SHA256
e8af01e6a1060dd7de4a5f3e6baf75fed314ade81384ec116e778d29c12e3b9b

SHA512
fd68b41b03a03926198052f844a02a4db8b0e1d954ff8c809169010f5c730acfab06c20dabf7a30185b1e88619170db98d690fef2a29163cd64f6b6e3eb6f1f1

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\N3WPMKCQ\behaviors-ac844bd01e4d[1].js

Filesize
224KB

MD5
2e5cd985ad7af4983afc7f772f55c9c3

SHA1
064f70fa04f8670b6d16a254f10d404712821b6b

SHA256
f6e4039415cd9b4925ce294afef670d57716f6b2684222fabe5d84482a75fd36

SHA512
ac844bd01e4db5a1e03fed877497e992918ed5e9c6c94a5840cf1335496de597d512bb2537b76897015a733c672e6845dc2a02ee5d9fc25fd4a86e8135f93b1a

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\N3WPMKCQ\vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-06ff531-2ea61fcc9a71[1].js

Filesize
11KB

MD5
c59673d413609f36559412bd12b5776f

SHA1
7cd5f0a997f4d154400dacbfcab376395009f690

SHA256
eaeb0852cbcffaef96c7a00b0080169f4aa752f0f1d5cafcdf6177e2d0698c5b

SHA512
2ea61fcc9a716eb3452f0b6d6531d0c724f69aa55a032af882eaae96f7f59bd26f028f1832f1aa65bc6fe90612acbf145249cf83b285399e8e4da7fc4c9ff5d2

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\Q0NOS70G\app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-467754-acdbd37f0cc6[1].js

Filesize
16KB

MD5
4f80caa001a5561f6e22f61aa8d6d052

SHA1
9e9d45ea03421ee30efb50c5f69dcfe59b28947a

SHA256
b877a6bd758a313b693053fb91fb71ee03864762e180f1c5ee1d15aa09c8e4e6

SHA512
acdbd37f0cc63d23c0585ca2d9fc69f3acef062a856fe748f08c1272b2c8dcf74e0de9d082481242969bb5cd0c758709085f329be7b04a1d24d736a1ad8f6f5c

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\Q0NOS70G\app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-26fa06a2383b[1].js

Filesize
11KB

MD5
b729380d118189b59313786ae3698512

SHA1
a203b21b3594360c9b7abfe073331a0b7e366e1d

SHA256
24a38dfe9e57849e15a7392d292e5d4e579149e1b7b493ff4b0b5a125aa5d0ed

SHA512
26fa06a2383bd72c27d3411aad8fb2fe1042904702be0bd01ccbd90090d6002c55b45fc5b7e6ef9ded6a89eef47d83e99ca12ebd6c7d1897429619d2a3376980

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\Q0NOS70G\app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_onfocus_ts-app_ass-421cec-4a1d8a9ad687[1].js

Filesize
14KB

MD5
e4fa0e3fb11e23ede7319a85659390eb

SHA1
ed98490a5bc08d6361da27bceda77f4297ccd7db

SHA256
1a8b779a72ae9597b96b8a974e1d68a2d1422e142bdfef85555c8d82cdd8cb19

SHA512
4a1d8a9ad6877359ea6ccdfa7bd5ada803af63883e486ec68e5b645647885b667071a7709091d9f0ed3bed87d93b85925d10122adc40480474b748eaead950bf

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\Q0NOS70G\app_assets_modules_github_blob-anchor_ts-app_assets_modules_github_filter-sort_ts-app_assets_-c96432-a9a6d17d145c[1].js

Filesize
5KB

MD5
663e02f4c3ca6eb1b91383472b6def72

SHA1
e66b335a36d62d3eb0a9b43be49178864d631719

SHA256
5997cfdaa3190da22c1d5ae348eada29c5b069c357ce5fab008b5fe80aff7e2b

SHA512
a9a6d17d145c42913a41cb530a9f5289f42f11591e5cc609285bb4f55412ffbf5baff59fc38c83ddc7fa095a149afd6d4c05deca99d0f188eee1b8d66881508d

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\Q0NOS70G\app_assets_modules_github_sticky-scroll-into-view_ts-4dd22d959621[1].js

Filesize
9KB

MD5
59a8ea8d620de7752061616a278e4d87

SHA1
31feaefd3b9af7435d79c8cdeb1ad423267b3560

SHA256
cbebd4bff2a4b53b855d8738823a50c00b6ccc3465bd6f4ceb07fa5392b4044a

SHA512
4dd22d959621586c28bd23a0af0cc613bf491bad1abaca651ca89f41c08b9e07703969f26f12d2e80ba2afcec5c77b06276394df752ef290ea39e25d922032bf

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\Q0NOS70G\salinewin[1].htm

Filesize
157KB

MD5
470def20823e4c7153beda04efc55b9f

SHA1
177296e4d78f631abeef5ef33394aeea0dbbff48

SHA256
f4c289b2cbcfb62ac446a22da0e7f4f70acb2879c740c6afc52e6512eb92acc8

SHA512
f418465343740de409661cde6bec3e830e6606001287b12a1d14c31d8acca29782dc2cb8feea3f97ad81c27e7d8b9c73115374b68bac64274b0ff1dee9d86087

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VJ3RABH0\app_assets_modules_github_onfocus_ts-ui_packages_trusted-types-policies_policy_ts-ui_packages-6fe316-d97d91568d25[1].js

Filesize
12KB

MD5
358ec217975686357e968f851647a54b

SHA1
2db755535a69ae9c6b2e7343699e98f8b210accd

SHA256
b8aed59af3143eab2537009b0ef748cf5a3f7e9c3bc15065bc0e86cecc079761

SHA512
d97d91568d25d2a5c0dbe366acbe75939ffa2331dddf9b2bf5ae8639b3a52682c034db662c179512a625253a1ba035d97832c57c5a8dd4cdda31ebe70d6d192e

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VJ3RABH0\element-registry-91d3d26e0e37[1].js

Filesize
44KB

MD5
444db72c171c213cb1af90e54335f58f

SHA1
000e4986a1da74a51c571ef069d36be954d4d57c

SHA256
8d9e7ae8238232eee1844c3607cc4bb5fa772031497fff4080eb2fd55a5874c9

SHA512
91d3d26e0e37a72026e23ce7c240df6b5b684beae8e0e222db8c8163a2ab6fae90111401a31c55b378fb71809663817f9856d7aa580206fbfa311d0eae927b0d

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VJ3RABH0\github-elements-a67805df382e[1].js

Filesize
32KB

MD5
a428a403d9dab70aeb916d6281757aac

SHA1
d1f17a32e4af5d85a4cf7f0093d163b86867b322

SHA256
35ea85d1b4dd429b33323eb1658f2464c6b356bc2ec18232087c3c9205df80a8

SHA512
a67805df382e6605efc385d8de68f1844bbe449a49c1921e134d22e8f7f04159cddd5537ec17d4e4dd6371221469516c83188324c29dae1398cc38374ea69720

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VJ3RABH0\vendors-node_modules_braintree_browser-detection_dist_browser-detection_js-node_modules_stack-68835d-59206c834a41[1].js

Filesize
22KB

MD5
abf8524a6c1a2fc5f65a74a2521cfbad

SHA1
d4838895bafd2811e6a4a26e2ea6803a47deaf5c

SHA256
2af5ea5aa242790fded3a159d028a9f851c3a8890e3edc18510c418a78aa926a

SHA512
59206c834a4132ef80c94a3df56d7439d7586b4b0eb4c592cc91e52c2d458d4cd85951335e424f88268b8cc7479de0d1e0a6300a7b16424e566ccf412fa3fc32

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VJ3RABH0\vendors-node_modules_color-convert_index_js-cdd1e82b3795[1].js

Filesize
12KB

MD5
87c46393d70d0708f35f0a6ebfc12ae8

SHA1
ece46c81959bf53bfe6b47b7fadcd897fb701f1c

SHA256
61a2b49283bb67e9efad2108e5afadddd7f6fcc9677842529de7560a2f840a1a

SHA512
cdd1e82b3795fb1404a063acabc4a4d6439aa10c772614c4b5dbb46bebd7297b63326bfaf0bc92475496522ec14e71d6f031c76e5aefb62793efe97a6869a4f9

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VJ3RABH0\vendors-node_modules_github_auto-complete-element_dist_index_js-node_modules_github_details-d-ed9a97-dfdebffa4a55[1].js

Filesize
17KB

MD5
7f7fcca1fd0f56ab89999252b6cb18a0

SHA1
b21807ff01108922f3990051dda323ecc72cc025

SHA256
59baacdb269857c460ed582447a4ed222c995a5908af7c211c50b6373d9f9ede

SHA512
dfdebffa4a55e1535ff9c5203bda1729dc09837727e1479b8d6b1b7e27d14514cf4a3ad6f928a97a05e9d013077faa5aa882f27542f065d0c1a486918a1690e2

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VJ3RABH0\vendors-node_modules_github_catalyst_lib_index_js-node_modules_github_clipboard-copy-element_-782ca5-14181f295dc0[1].js

Filesize
8KB

MD5
00bca5d88a27f2016abb0defa427aa2c

SHA1
b43423611b166e0be508f3d5a31678a7da84d216

SHA256
32e943a533af946e453fe4365281698f08957e56087265465cf356d4fe8d09c0

SHA512
14181f295dc0fd7b5276e98dd0d4874a805d55ddced5289491eae9355bc5ca96fec0bfb5f1e9fc70acb46951fabc932fd12b3795e5dfd84f6d7043c390d89549

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VJ3RABH0\vendors-node_modules_github_catalyst_lib_index_js-node_modules_github_hydro-analytics-client_-4da1df-b779d50bdb3a[1].js

Filesize
9KB

MD5
50448ff6e3594836bd2e733ec75c1560

SHA1
a83300f3036ad084414f3f82756ced5916e7c9f3

SHA256
e34b28885cbcc5a3ae60e3ba177c200481bdd57252f054b68dcc576c64aa0925

SHA512
b779d50bdb3a5cc41c00beed10b99a4acb0a3edda72e01a20dd94f3a38e1b6b368c6a58ee315837681b98629c9d691e67918bf6f1c3c38e6414e749813af674f

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VJ3RABH0\vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-c238a4-a49e223f0ca2[1].js

Filesize
119KB

MD5
a5e1e0564f71d49f43a4397daa040e1f

SHA1
ed575678e094f9aa8b1efcc8efacbdea28312613

SHA256
ae593f980d22025b4addbc53f5759132726b668e51937aa5b28f556ca60bcc9c

SHA512
a49e223f0ca2cfd676b4fc006466ee5ab270ffa9b7b34b1b55fefcb223d7df9572ceb128e7eb1e5bc8094e637d864d3ca580fdb01a1f45f97ded3994bb045edb

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VJ3RABH0\vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-b7d8f4-6e6f83bcc978[1].js

Filesize
18KB

MD5
c51750a26a33cf80e50f4a3d0aeb6892

SHA1
e98129a8f85a2630c649dc239a94d87eaf04ae4a

SHA256
9ea40b58c32c154e2cb17834f70f7bf8c6049bac1dcf640bbda8a8ba1e0f7670

SHA512
6e6f83bcc9782b534fb50f26d877fe691ced39bf579844a5f4667460de9d723d918d312f7f1454f29ab63bb9263f5364339f3022c8c33b8c7ce816e869f15eb7

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VJ3RABH0\vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_delegated-events_dist_in-3efda3-bd1c71f99e25[1].js

Filesize
21KB

MD5
1955050e11bcfaf6b501a81ab6729d84

SHA1
2daec43c80e5e92599c034b190da68a934efe14b

SHA256
f557a2bd4def3606acae6976cac7015015114bce0174c0453dd455681598d7bd

SHA512
bd1c71f99e25ccfce2a1114d47a91371bab2e56cace6651090129456e47172f00182743a9d730be668ae6ab3ce88ee04caa64bfe7d770a4d6cf46059b0dd4f4c

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VJ3RABH0\vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_morphdom_dist_morphdom-e-7c534c-38ef9cb819da[1].js

Filesize
5KB

MD5
aa4c52e8fac146ce10e31582ba0c7919

SHA1
2d613743a9eff7a2fe85ef30cfcc952e77545f02

SHA256
b77aa63c182b0f68b05072941d4f6cdcb6935cff8c70128e799e014de8887c35

SHA512
38ef9cb819da19c331e96f19c1d75e8e34b13499c39964f41b8a9ccea0fab4a211c09e11d35919e2a4e49ec1a503f710aa85314df1a9302c0bd8eaf70def4c27

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VJ3RABH0\vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_smoothscroll-polyfill_di-75db2e-e091a6d939e9[1].js

Filesize
13KB

MD5
2658fa77142d9a38479a85ac41a84cd9

SHA1
417a3064a34999df6f67518c7aa080e63b7104dc

SHA256
3f9c752182a74f07c7bb37f01119db83f14577a530d19f3899bcb4a448d838a9

SHA512
e091a6d939e958655867ceb841eaef2a88066134a1cf9e6bf948166b3d6dcbfd055be57219c4c653ac09319960312b0b0e632163cf43f07a68f54301f3addac1

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VJ3RABH0\vendors-node_modules_github_quote-selection_dist_index_js-node_modules_github_textarea-autosi-9e0349-7c78ee755ad3[1].js

Filesize
31KB

MD5
732cd9c6c7f52671f1624fc217dc4977

SHA1
ac41db2f8a9f5c7b1fe92a55d92df974022e31f5

SHA256
3c6724b93fd62f64bc48be487bdff98fcce880a50cd2ef427bda2533d754475d

SHA512
7c78ee755ad3f4805b7a27395bdbeac8c66cd77cd40d65ea95f4179500f0ba25d96ded539475c671160d73a60aa20f2a87cef38098800c08cffc02de3c1ed7bb

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VJ3RABH0\vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-893f9f-880ac2bbb719[1].js

Filesize
9KB

MD5
6fee5ae66b3515a659af0ef1e63104ef

SHA1
2b3cb4839002d6ec44ae230968bfe3ba30fa5e00

SHA256
0c05a71ebe46d680af577222bdea67e723372a350cdc0dfb0d4f1c0b4d3e7b58

SHA512
880ac2bbb719b7dae39e8de2da4d712fe8abe809aed99d81f01c988b484bb36d1844cc287e6439f2b2b2d47150dda8051bbefe71d4116ec1b1060f9758ac62c7

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VJ3RABH0\vendors-node_modules_github_selector-observer_dist_index_esm_js-9f960d9b217c[1].js

Filesize
9KB

MD5
683a7fe431bded8fbbf7b5189a1b8209

SHA1
2fb527473877ea06ec6b023690ce933c216c5d07

SHA256
f87c5b59b8f353c8762f2e44e1f82feafab882a96a0fad135dc6fc1555872ab3

SHA512
9f960d9b217c457d467a9510dd9797c4ec9df9a892c0a3e1746b2b87dca8ec191dc901e983bc509bc282004967b6fd588dbff5bf70bc7e20a5ca32bc7f1d772a

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VJ3RABH0\vendors-node_modules_github_session-resume_dist_index_js-node_modules_primer_behaviors_dist_e-da6ec6-77ce2f267f4e[1].js

Filesize
8KB

MD5
4c374dbb8b51ca2a17089f1cbe0d81af

SHA1
16780554210360605236977d3220e017ef6af907

SHA256
a2fe57f312a0e894c2ac18814d3d96185e35248ff0807578f32132134c9b333b

SHA512
77ce2f267f4eb27e280615a84be951e6deefeeff796cf216dcef3366c68b03e609df7b2fc6e437c6ef3e626f80ee9469b9dd4a2f9a6606be2878d71980f8aa1d

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VJ3RABH0\vendors-node_modules_github_text-expander-element_dist_index_js-b2135edb5ced[1].js

Filesize
11KB

MD5
3f5c04894f0202a67ec6f0354c1f9acd

SHA1
6a6bf35008b0121bb5806e68bd5f87b20ba72f17

SHA256
0dd1ec9da83fce11b3bfecf9aed67d4f33f7a1d4bd3f04dd1ed941f3b4c8b3fa

SHA512
b2135edb5cedb3b45ffb96906170b242918156621c0d13000d18ccffcd2f20c2f1e2827b391cbe89f499745b748ae99bc51b972b4234ba739624caa4d2e33862

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VJ3RABH0\vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-1cea0f5eff45[1].js

Filesize
75KB

MD5
da12b1c4b7ef43005058dc23dc1c9241

SHA1
ead4a499250e02d02de785d57e9c9ef0a5479246

SHA256
e5fb7f565280a04a61ee0cb172345c19f4e3fce199cdf6ba8c7d7a8d1485bf53

SHA512
1cea0f5eff456dd50d0ba331c24b25c3e46cac17f8486fff1d504dfb4b08de97b1c9e0f20c9f97f5a2e2d252096cefd77ddb5876d8d941b7e4e23cc1947d84df

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VJ3RABH0\vendors-node_modules_lit-html_lit-html_js-cc7cb714ead5[1].js

Filesize
15KB

MD5
044ea6b19bdb237ca2c2911dd285d4f1

SHA1
9451d4ebea616500153220d7efa137cae5520087

SHA256
a6d419935f6f293c3fd5b543ef57c5cb3b22ebedee6b1cda1b9ca45e36667c0b

SHA512
cc7cb714ead55b9a08ad75ab729ce084785a6287a782dc6f10aecd0af788c0070519a84c3fc5f197cfd99ba66891d988488920fc1e225f6e0245600870dd9aab

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VJ3RABH0\vendors-node_modules_primer_behaviors_dist_esm_dimensions_js-node_modules_github_jtml_lib_index_js-b1947a1d4855[1].js

Filesize
8KB

MD5
9df3b614049471137f614271f8e15f99

SHA1
d85e313268cc2ef1788b1a8482a2d0cf8d1e4005

SHA256
51f1f221edf00dd3df759a4dfbdb1da5710234f20c31f31e3b164f0aa9e2358d

SHA512
b1947a1d4855f3022c3bf10b14b5cb764e72259550236e9c88903f78c558824107c651dc080a33ca768eb47be448a8ccf54e345755067a555147b93ef55938d7

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\VJ3RABH0\vendors-node_modules_scroll-anchoring_dist_scroll-anchoring_esm_js-node_modules_github_hotkey-1a1d91-56e858031112[1].js

Filesize
12KB

MD5
474d1df4fddae937059ccd657f65ea93

SHA1
dbfb37d0db3a3d6025ffc8404c5cb273da35e0d8

SHA256
b14e682fcf653dba8f3ecc7093b38c6e3279c24efa9d604286b521ad622bf07e

SHA512
56e858031112bb52548d959ff05d1885a1b4d79143d1a3c8e8837c93eb314f2ce44954e5a33d957b81cb792a4a4fa5adf7d90b1b39722440678157305b79fc35

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\XAFJWVTE\code-68246ade0881[1].css

Filesize
31KB

MD5
fe41b1cb8984b058bfd6c43611979fc3

SHA1
616c5338047325851951b95d62697c7704fbeb84

SHA256
6bd08573fa902e0e9cbf42b593301403596ab6159cb3d2e079f6899ae67caed4

SHA512
68246ade0881d2a4402015f6106d495e4cb4810f692639c3f19cff896a2bdbbfa7ba467ae09e4d2931495ef91cd935db30fafe04d53837b03841259ddb44d727

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\XAFJWVTE\dark-6b1e37da2254[1].css

Filesize
48KB

MD5
96ba1deb375c1c66bb092fa0a1765be1

SHA1
03f188ec52d09882b8403ed57d7aa73a224ddd62

SHA256
d6bc29d6a4e33c7f4da1d4b8060cce6dedf384d7334b71661c277e985ef8c156

SHA512
6b1e37da22544d5626c6f78691a8d8f723c49c95a782f5195f4b00b0e1b9d4408402c25d5915e097ef31273c3c8d06d81d1ba1bb08e12677941b8b1f24d92848

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\XAFJWVTE\environment-a36e9a1c67ad[1].js

Filesize
13KB

MD5
fe5e77781f5e74ac7edfa1020db49504

SHA1
3de188d77b937967365332230fda59bb64c35a4a

SHA256
b563aa76b8d16d0725359ed03a55d4ebf733fab6a192456d1f1f56bad6cdc2ce

SHA512
a36e9a1c67ad0168f49fc2c92e88bdff82cd79f501115d698a7ad86eb3f09576e7dc4ad052d18afae98f7a7f7a2198e36b8a53c8b28ce708b6bc46ecb0390b3d

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\XAFJWVTE\github-0c7b5281bcc9[1].css

Filesize
124KB

MD5
d93b35eda2f4e99e5555c4cea314c18b

SHA1
1a15f9f64587f5a46a30b532854dc6a5896fcd92

SHA256
92c3d2d683bc4cdc52cf25451b52341558bbf6665c9c326aad3d3c2ea0eb9372

SHA512
0c7b5281bcc906111ee12a6f34797663bbe3924ed4ff2cd28e0e73d7e2a810377c86a3f5ab7385b2d14ec435b95d3def93cbe0fca0e91a600dd18c30522ad85b

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\XAFJWVTE\global-526475a50099[1].css

Filesize
282KB

MD5
1d84a1218ac4d2d6fa58318b710fe1c2

SHA1
f33f74eebebb93f48ac3f28b2f1572855193f5ad

SHA256
8336cf6cbcd22d18cf68eedb45141e5724c1c9bfce2faa71267c528b79d0c085

SHA512
526475a50099a490a578e32b99e08001ebffdd18efd062ace4147a0eb2c126ba3a94dda0a720002ba930c396d73b30ac5af439f28798af2693d7a1116af204a2

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\XAFJWVTE\light-efd2f2257c96[1].css

Filesize
48KB

MD5
b8473fdb0f4749de99341662aec850f2

SHA1
f593c957a26528558217837aead34cf718d27443

SHA256
8aabc55d211fc93acb563c9cf30732577212a998196f73b067f9795c8d1ef72b

SHA512
efd2f2257c96c12eba6da741c677030ac63c34a925846080ec606e5a974706726479bd5babea6dd0ac7e8e421704263787986fb07a9c384994cf403bf8bc3dee

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\XAFJWVTE\primer-61560ce103d3[1].css

Filesize
333KB

MD5
b63465c413507e26ce54c310a3e81e03

SHA1
30c9cdba12c188bdce1a34c13208f3cba3e92dea

SHA256
029c7bef0b2978a1be61d7d391a7e2aa5c9107f036de4b119f5bb6a0065f2226

SHA512
61560ce103d3f85f9b3b05343e8ec64617b939023e299c39309e47fdc7571983778f24de93ab2edeedaf095a648d7a2b14e473d8b8cbb89d783054d9738d4ec7

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\XAFJWVTE\primer-primitives-8500c2c7ce5f[1].css

Filesize
8KB

MD5
e9c08b9ba681ad6606bd18f264e73ef6

SHA1
04d1e96739d82e07587f10bd2d953c8e70b93d9d

SHA256
b08c9718118f5b814e632ac3dc0d8e009e5dc2913df183f0ed322e6817e997df

SHA512
8500c2c7ce5fdad5fa01aa92156964108335c704a127ce290d201395009914c814ac6e08a467e45d1ca0fc75b2269b7f09a6d437939d91c9513c659a80cf472e

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\XAFJWVTE\repository-7247b57543b3[1].css

Filesize
29KB

MD5
bfa00aec8ff741ce867de0296244ccf5

SHA1
fd59dc7ebf94af2aa56b025955fad2cbae9fe3a0

SHA256
ef3bc926d6cc94fe776744ce16c2adefdc2e61ee37be03972eed19b5bf332a74

SHA512
7247b57543b3ebd9f46dace09672f6091da69bdd6e99a46f2191e3c8fa889588f3237d05f7ea6d2025203b1adcbb941a536c8876ba3b9bec9b97a0a792577aac

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\XAFJWVTE\vendors-node_modules_dompurify_dist_purify_js-810e4b1b9abd[1].js

Filesize
20KB

MD5
917054ff94af6b65ef610aa7b541865a

SHA1
ae699adc368c0bddf428d4f17cec479c6d96cd6c

SHA256
3b0d2012948870af14b480bed5535b34c5f7e649a2c9c13234c319fbf8d2d7db

SHA512
810e4b1b9abdcf5f10506f484ad38bc17cae973d1609d2d8d51bb4a8eb8d3c542cacfe6e4b1c31a062238087e216dfe4206064e8c1dc4cb5d961fc8e97a5a1ea

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\XAFJWVTE\vendors-node_modules_oddbird_popover-polyfill_dist_popover_js-4ac41d0a76fd[1].js

Filesize
9KB

MD5
4e684fa742abc9befc4748e8a4680586

SHA1
25129f277cfd66774a3c47db8b22c19b364bdc25

SHA256
97652a00703643a49de00ea59316fd488cf72429b599a62d7cfae464f7bf5a96

SHA512
4ac41d0a76fde41832af2c742d4a063ecea83aafd5233ec46f82938fd5ba06aebc0a69fe241df477fcdf08b1a8e6d6f02e0a42669a351ea50b3056ebc8eefc9d

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\XAFJWVTE\vendors-node_modules_primer_behaviors_dist_esm_focus-zone_js-03bcda509ec9[1].js

Filesize
8KB

MD5
9c0205fabb4f94dca52960b723fc5109

SHA1
071fef19499834648d03f1b7a8ab9d520d6b1d2d

SHA256
d7c92cb4874d08bc420ab20d970c0ef1c5f26e42cea345cfccf4ab5653ec219e

SHA512
03bcda509ec920f11c1b207daeedfff343652e3ed217ae635460f93400da589c2ebe2c14bd477f8eefd994d088d3e2ca0a3042cc9c484f05b518a95b1af61548

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\XAFJWVTE\wp-runtime-fd59e65a3e44[1].js

Filesize
49KB

MD5
94fdc2c184632dd60d9b7ca5c8b458db

SHA1
fb0b7692cf437206592df2d041143fdf507eda3f

SHA256
8a5fb24b5d7d837e7a6dd68bb57570c4c3cbea6116306bddf23201b895efecd3

SHA512
fd59e65a3e446ce0fa2b3f986808c8ca6daea71304f237815a15af9f8bca9e94f2ffce0d57cbed49d4c956fe0578cf6d15be5a5fd3f4230ae7ca48996ee17c9d

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cookies\FARI6ZNR.cookie

Filesize
167B

MD5
d105832c16b28bfad70247e1d60bc69f

SHA1
63fa195ee9b1710f42211bffbee9207a0284c01c

SHA256
932919ff8e38758bd1e128d48539e82e63460462ab1a0c22cc7000fb14b8aace

SHA512
25f17cbf313efcd9082b2ed389540588aa2487c3029c4cb771e7390b847e61189502421aa13a0b3532d8dd375f004f57ba806436f30af94e568762a6393fcab1

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\A66A8DB907BADC9D16AD67B2FBFFDD5C

Filesize
281B

MD5
850cb711342bb65da4f2c582584205f5

SHA1
c0817bca8bfa478efa15674479744453e0702cae

SHA256
55b6fae960840b7986ce4cc23c47f4159088861bc5add75069291a18ced4d426

SHA512
e84661aa9ddcd4b752bbd44dbb7d55acc084f9e7fa59eaed932485c55a0e04122eeb4e4663f0652eeac0f098fc495305cda9f10819af1928be7955a5e5535ab4

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\B2FAF7692FD9FFBD64EDE317E42334BA_89854CA6A0F0936A4D2ECA78845CEA25

Filesize
1KB

MD5
013ffcf22f1e497c7bbf1afdb9d584d3

SHA1
137b111877e3fbbedbbe8d98be1d599ae9c44c65

SHA256
455e7d947bcb902a02342297ca9ed1a64b79457dc6dd41985a0d3c0d3db85767

SHA512
02044fa32d92d98b12b4d08b0ba1ec63d71f04a2003d37eeb8dfa3259a21fc00a3b525dde67f8bd9f458bddbbf0f1cf1520086490f1a3b40575be9e2dd46a650

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\Content\D0E1C4B6144E7ECAB3F020E4A19EFC29_B5F77004C894173A10E3A199871D2D90

Filesize
979B

MD5
59294aff5be3ed6424495b4d53165776

SHA1
9e36fcd8519b7d2d7b81dd0aebc8145d3b395349

SHA256
f5fa388efd78c1d82af37a382df0c437d3358caf1432ff2b047e9ff176803d5d

SHA512
c1234131953ffe5d747ff9decdf43516927c3a31d00d5dac134313abc13f6b67baaf7cbad05283e5e650926034b7ea799151f5e5ba7d3962025357d28547df56

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\A66A8DB907BADC9D16AD67B2FBFFDD5C

Filesize
480B

MD5
6f2dc0089f33566e4041766eec62a9f4

SHA1
565f283828d32e5b34f6bfaef19b70988c08169b

SHA256
9be87a7d800521c9ad6c446cd0f7dd3876b15b6d162caf5f3b26b206727e72f4

SHA512
a03a69145e5846db476494a712e9e8375c1e9ebd14f115a8ef8b46d1e175060da1bb80da3fb0cd2e0077ba0a5e5a652270521ea0be3b73ebe84d461a5faa7490

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\B2FAF7692FD9FFBD64EDE317E42334BA_89854CA6A0F0936A4D2ECA78845CEA25

Filesize
482B

MD5
31b07450025a6b365595926277668b5d

SHA1
8d70a06979c49ec45c67c319613af95f876aba28

SHA256
43230100b0a816be3608af2c7258fe09d0d3cdb55b2469c8a6af3d823b342e89

SHA512
7ca0802696087b9a3960d89b02024324a5782f9105112c90866a0cd4697f631c096943ec537461fcffe1e60e4784eccb58f1dc9667da960d5654903d93c21ffc

Download Submit
C:\Users\Admin\AppData\Local\Packages\microsoft.microsoftedge_8wekyb3d8bbwe\AC\#!001\Microsoft\CryptnetUrlCache\MetaData\D0E1C4B6144E7ECAB3F020E4A19EFC29_B5F77004C894173A10E3A199871D2D90

Filesize
480B

MD5
285e75be41b3995aa00c84f980199b4a

SHA1
ef60754897014226e87e864562b0a0ee4a6576e6

SHA256
e5f9c88be706f99e0b361b4cb13c90b7716f618c2424e2e01cc6178665851357

SHA512
f07e9154c56b715c0bff3d5c6bdb0682fafa379ac5329487cf3095edf76a122366cba376b5b65ee71ef595899739ca062bd6dc2bb45f95a2a72268cd4d422ce3

Download Submit
memory/1376-45-0x000002D7A5F00000-0x000002D7A6000000-memory.dmp

Filesize
1024KB

Download
memory/1924-195-0x000001CCF66C0000-0x000001CCF67C0000-memory.dmp

Filesize
1024KB

Download
memory/2280-242-0x000001F8F0F50000-0x000001F8F0F52000-memory.dmp

Filesize
8KB

Download
memory/2280-231-0x000001F8E0740000-0x000001F8E0840000-memory.dmp

Filesize
1024KB

Download
memory/2280-238-0x000001F8E0490000-0x000001F8E0492000-memory.dmp

Filesize
8KB

Download
memory/2280-236-0x000001F8E0470000-0x000001F8E0472000-memory.dmp

Filesize
8KB

Download
memory/2280-234-0x000001F8E0450000-0x000001F8E0452000-memory.dmp

Filesize
8KB

Download
memory/2280-244-0x000001F8F0F70000-0x000001F8F0F72000-memory.dmp

Filesize
8KB

Download
memory/2280-240-0x000001F8F0F30000-0x000001F8F0F32000-memory.dmp

Filesize
8KB

Download
memory/2704-280-0x00000123E8210000-0x00000123E8310000-memory.dmp

Filesize
1024KB

Download
memory/2704-267-0x00000123E7CE0000-0x00000123E7D00000-memory.dmp

Filesize
128KB

Download
memory/2704-277-0x00000123E7CC0000-0x00000123E7CE0000-memory.dmp

Filesize
128KB

Download
memory/2704-297-0x00000123E89C0000-0x00000123E89E0000-memory.dmp

Filesize
128KB

Download
memory/2704-303-0x00000123E8AC0000-0x00000123E8AE0000-memory.dmp

Filesize
128KB

Download
memory/4316-66-0x0000022FB7300000-0x0000022FB7400000-memory.dmp

Filesize
1024KB

Download
memory/5032-338-0x00000192531B0000-0x00000192531B1000-memory.dmp

Filesize
4KB

Download
memory/5032-337-0x00000192531A0000-0x00000192531A1000-memory.dmp

Filesize
4KB

Download
memory/5032-16-0x000001924C920000-0x000001924C930000-memory.dmp

Filesize
64KB

Download
memory/5032-35-0x0000019249DA0000-0x0000019249DA2000-memory.dmp

Filesize
8KB

Download
memory/5032-1-0x000001924C830000-0x000001924C840000-memory.dmp

Filesize
64KB

Download