discordrat | hxxps://github[.]com/Yodusa/Discord-Account-Generator

Analysis

max time kernel
1199s
max time network
1197s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
11-07-2024 16:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/Yodusa/Discord-Account-Generator

Score

10^/10

discordrat persistence rat rootkit stealer

Malware Config

Extracted

Family

discordrat

Attributes

discord_token
MTI2MDQwNzQ1MjQyODUzMzgzMQ.GYv6Cs.bHorOgR3dzpv33F18dZaRpWKB43NnKIjozVcS8
server_id
1260407315073597510

Signatures

Discord RAT
A RAT written in C# using Discord as a C2.
stealer rootkit rat persistence discordrat
Downloads MZ/PE file

Legitimate hosting services abused for malware hosting/C2 1 TTPs 19 IoCs

Web Service

T1102

Processes:

flow	ioc
87	discord.com
91	discord.com
130	discord.com
131	discord.com
133	raw.githubusercontent.com
137	raw.githubusercontent.com
71	discord.com
89	discord.com
132	raw.githubusercontent.com
134	discord.com
72	discord.com
127	discord.com
138	discord.com
139	discord.com
126	discord.com
85	discord.com
125	discord.com
136	discord.com
76	discord.com

Drops file in System32 directory 2 IoCs

Processes:

chrome.exe

description	ioc	process
File created	C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF	chrome.exe
File created	\??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF	chrome.exe

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

msedge.exechrome.exe

description	ioc	process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe

Modifies data under HKEY_USERS 2 IoCs

Processes:

chrome.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133651886067689504"	chrome.exe

Modifies registry class 1 IoCs

Processes:

OpenWith.exe

description ioc process

Key created \REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings OpenWith.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-701583114-2636601053-947405450-1000_Classes\Local Settings	OpenWith.exe

Suspicious behavior: EnumeratesProcesses 18 IoCs

Processes:

msedge.exemsedge.exeidentity_helper.exemsedge.exechrome.exemsedge.exechrome.exe

pid	process
3892	msedge.exe
3892	msedge.exe
1796	msedge.exe
1796	msedge.exe
4712	identity_helper.exe
4712	identity_helper.exe
2796	msedge.exe
2796	msedge.exe
1580	chrome.exe
1580	chrome.exe
5748	msedge.exe
5748	msedge.exe
5748	msedge.exe
5748	msedge.exe
5636	chrome.exe
5636	chrome.exe
5636	chrome.exe
5636	chrome.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

OpenWith.exe

pid process

2736 OpenWith.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

Processes:

msedge.exechrome.exe

pid	process
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

main.exemain.exemain.exechrome.exe

description	pid	process
Token: SeDebugPrivilege	1512	main.exe
Token: SeDebugPrivilege	3344	main.exe
Token: SeDebugPrivilege	1644	main.exe
Token: SeShutdownPrivilege	1580	chrome.exe
Token: SeCreatePagefilePrivilege	1580	chrome.exe
Token: SeShutdownPrivilege	1580	chrome.exe
Token: SeCreatePagefilePrivilege	1580	chrome.exe
Token: SeShutdownPrivilege	1580	chrome.exe
Token: SeCreatePagefilePrivilege	1580	chrome.exe
Token: SeShutdownPrivilege	1580	chrome.exe
Token: SeCreatePagefilePrivilege	1580	chrome.exe
Token: SeShutdownPrivilege	1580	chrome.exe
Token: SeCreatePagefilePrivilege	1580	chrome.exe
Token: SeShutdownPrivilege	1580	chrome.exe
Token: SeCreatePagefilePrivilege	1580	chrome.exe
Token: SeShutdownPrivilege	1580	chrome.exe
Token: SeCreatePagefilePrivilege	1580	chrome.exe
Token: SeShutdownPrivilege	1580	chrome.exe
Token: SeCreatePagefilePrivilege	1580	chrome.exe
Token: SeShutdownPrivilege	1580	chrome.exe
Token: SeCreatePagefilePrivilege	1580	chrome.exe
Token: SeShutdownPrivilege	1580	chrome.exe
Token: SeCreatePagefilePrivilege	1580	chrome.exe
Token: SeShutdownPrivilege	1580	chrome.exe
Token: SeCreatePagefilePrivilege	1580	chrome.exe
Token: SeShutdownPrivilege	1580	chrome.exe
Token: SeCreatePagefilePrivilege	1580	chrome.exe
Token: SeShutdownPrivilege	1580	chrome.exe
Token: SeCreatePagefilePrivilege	1580	chrome.exe
Token: SeShutdownPrivilege	1580	chrome.exe
Token: SeCreatePagefilePrivilege	1580	chrome.exe
Token: SeShutdownPrivilege	1580	chrome.exe
Token: SeCreatePagefilePrivilege	1580	chrome.exe
Token: SeShutdownPrivilege	1580	chrome.exe
Token: SeCreatePagefilePrivilege	1580	chrome.exe
Token: SeShutdownPrivilege	1580	chrome.exe
Token: SeCreatePagefilePrivilege	1580	chrome.exe
Token: SeShutdownPrivilege	1580	chrome.exe
Token: SeCreatePagefilePrivilege	1580	chrome.exe
Token: SeShutdownPrivilege	1580	chrome.exe
Token: SeCreatePagefilePrivilege	1580	chrome.exe
Token: SeShutdownPrivilege	1580	chrome.exe
Token: SeCreatePagefilePrivilege	1580	chrome.exe
Token: SeShutdownPrivilege	1580	chrome.exe
Token: SeCreatePagefilePrivilege	1580	chrome.exe
Token: SeShutdownPrivilege	1580	chrome.exe
Token: SeCreatePagefilePrivilege	1580	chrome.exe
Token: SeShutdownPrivilege	1580	chrome.exe
Token: SeCreatePagefilePrivilege	1580	chrome.exe
Token: SeShutdownPrivilege	1580	chrome.exe
Token: SeCreatePagefilePrivilege	1580	chrome.exe
Token: SeShutdownPrivilege	1580	chrome.exe
Token: SeCreatePagefilePrivilege	1580	chrome.exe
Token: SeShutdownPrivilege	1580	chrome.exe
Token: SeCreatePagefilePrivilege	1580	chrome.exe
Token: SeShutdownPrivilege	1580	chrome.exe
Token: SeCreatePagefilePrivilege	1580	chrome.exe
Token: SeShutdownPrivilege	1580	chrome.exe
Token: SeCreatePagefilePrivilege	1580	chrome.exe
Token: SeShutdownPrivilege	1580	chrome.exe
Token: SeCreatePagefilePrivilege	1580	chrome.exe
Token: SeShutdownPrivilege	1580	chrome.exe
Token: SeCreatePagefilePrivilege	1580	chrome.exe
Token: SeShutdownPrivilege	1580	chrome.exe

Suspicious use of FindShellTrayWindow 59 IoCs

Processes:

msedge.exechrome.exe

pid	process
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe

Suspicious use of SendNotifyMessage 48 IoCs

Processes:

msedge.exechrome.exe

pid	process
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1796	msedge.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe
1580	chrome.exe

Suspicious use of SetWindowsHookEx 17 IoCs

Processes:

OpenWith.exe

pid	process
2736	OpenWith.exe
2736	OpenWith.exe
2736	OpenWith.exe
2736	OpenWith.exe
2736	OpenWith.exe
2736	OpenWith.exe
2736	OpenWith.exe
2736	OpenWith.exe
2736	OpenWith.exe
2736	OpenWith.exe
2736	OpenWith.exe
2736	OpenWith.exe
2736	OpenWith.exe
2736	OpenWith.exe
2736	OpenWith.exe
2736	OpenWith.exe
2736	OpenWith.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

msedge.exe

description	pid	process	target process
PID 1796 wrote to memory of 2612	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 2612	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3456	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3892	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 3892	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 2828	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 2828	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 2828	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 2828	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 2828	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 2828	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 2828	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 2828	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 2828	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 2828	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 2828	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 2828	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 2828	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 2828	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 2828	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 2828	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 2828	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 2828	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 2828	1796	msedge.exe	msedge.exe
PID 1796 wrote to memory of 2828	1796	msedge.exe	msedge.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://github.com/Yodusa/Discord-Account-Generator
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1796

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd23bf46f8,0x7ffd23bf4708,0x7ffd23bf4718
2⤵
PID:2612

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2060,14304500683810815232,14091789696535617932,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2072 /prefetch:2
2⤵
PID:3456

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2060,14304500683810815232,14091789696535617932,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 /prefetch:3
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:3892

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2060,14304500683810815232,14091789696535617932,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2744 /prefetch:8
2⤵
PID:2828

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,14304500683810815232,14091789696535617932,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1
2⤵
PID:4332

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,14304500683810815232,14091789696535617932,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3312 /prefetch:1
2⤵
PID:4492

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2060,14304500683810815232,14091789696535617932,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5520 /prefetch:8
2⤵
PID:2176

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2060,14304500683810815232,14091789696535617932,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5520 /prefetch:8
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:4712

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,14304500683810815232,14091789696535617932,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5460 /prefetch:1
2⤵
PID:1828

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,14304500683810815232,14091789696535617932,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5388 /prefetch:1
2⤵
PID:3828

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2060,14304500683810815232,14091789696535617932,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5612 /prefetch:8
2⤵
PID:4996

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,14304500683810815232,14091789696535617932,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5344 /prefetch:1
2⤵
PID:1868

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2060,14304500683810815232,14091789696535617932,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6064 /prefetch:8
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:2796

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,14304500683810815232,14091789696535617932,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6076 /prefetch:1
2⤵
PID:2272

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,14304500683810815232,14091789696535617932,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6284 /prefetch:1
2⤵
PID:3492

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2060,14304500683810815232,14091789696535617932,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2992 /prefetch:2
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:5748

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1968

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4780

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:4360

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2736

C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\Discord-Account-Generator-main\Discord-Account-Generator-main\config.toml
2⤵
PID:780

C:\Users\Admin\Downloads\Discord-Account-Generator-main\Discord-Account-Generator-main\main.exe
"C:\Users\Admin\Downloads\Discord-Account-Generator-main\Discord-Account-Generator-main\main.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1512

C:\Users\Admin\Downloads\Discord-Account-Generator-main\Discord-Account-Generator-main\main.exe
"C:\Users\Admin\Downloads\Discord-Account-Generator-main\Discord-Account-Generator-main\main.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:3344

C:\Users\Admin\Downloads\Discord-Account-Generator-main\Discord-Account-Generator-main\main.exe
"C:\Users\Admin\Downloads\Discord-Account-Generator-main\Discord-Account-Generator-main\main.exe"
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:1644

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:1580

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffd12e6cc40,0x7ffd12e6cc4c,0x7ffd12e6cc58
2⤵
PID:780

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1968,i,17549032145040907216,15331362814783859658,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=1964 /prefetch:2
2⤵
PID:608

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1660,i,17549032145040907216,15331362814783859658,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=2012 /prefetch:3
2⤵
PID:1860

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2308,i,17549032145040907216,15331362814783859658,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=2472 /prefetch:8
2⤵
PID:5100

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3200,i,17549032145040907216,15331362814783859658,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=3208 /prefetch:1
2⤵
PID:2356

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3216,i,17549032145040907216,15331362814783859658,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=3268 /prefetch:1
2⤵
PID:3996

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3828,i,17549032145040907216,15331362814783859658,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=4552 /prefetch:1
2⤵
PID:816

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4804,i,17549032145040907216,15331362814783859658,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=4820 /prefetch:8
2⤵
PID:5104

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5096,i,17549032145040907216,15331362814783859658,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=5104 /prefetch:8
2⤵
PID:5152

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5060,i,17549032145040907216,15331362814783859658,262144 --variations-seed-version=20240708-180128.343000 --mojo-platform-channel-handle=3944 /prefetch:8
2⤵
- Drops file in System32 directory
- Suspicious behavior: EnumeratesProcesses
PID:5636

C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"
1⤵
PID:2936

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:5136

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

T1102

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\8d4f8d2c-3d6a-4c0e-8953-d86ab6b77f6f.tmp
Filesize
8KB

MD5
2dbcf9b0e53c4ad9151587c41c0c3da7

SHA1
05c7a03bbd1073fe604e876d78c23016dd3e76a7

SHA256
03a801c5f278fa58b27e97178a440327fa84d7360c763b6f7fe5a37d7171a457

SHA512
bfc897c08d8c3abe2946ac1f065d7d87288509a50302b6e5b0dfd080d9637da394e463eb3c274cf099463b852531d979025e7b2a3457a71274267c8c3035feac

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
1KB

MD5
07bf225524cb7b7924fb8041a72f319f

SHA1
17da1d597dd7d9d75ee21fd59fc58fe66f9a4df9

SHA256
6beb87d122d2e674acd12ec897179d637b2c15a54d9b0295b804a5d92dc31b12

SHA512
3f779b1aad8544780d565b17c7256738ce3ebc418667bcbff30668a90415811d1a9cdeaf8e73a2764712cff36c28fa510562b1a9d7b4d9fec74f37a68d0f8827

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
354B

MD5
4d16fc34390e8bde04029131633ed9c8

SHA1
3df446b1149bff4a660de3ac69089fff5985aa71

SHA256
a38ac06a334190871b52d8735749af08316c18c3340300342c5699799a341c9e

SHA512
f56d640431cd9c628d66c1ac30907181afa1d86c0dbbeeb123dc1846cad4a5dce3b690ce8ac3eecfddc3d4c702a744f8a4a11cdeb4702b08f0364fa72c9c14d1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
d7c9fe675b67b2e0fe70fbe5f14c66ab

SHA1
7857f18a05ae97d51c89c6b1828174921a400475

SHA256
bf19b2039955428ca630f8feda6d8b88a48157ab3ba787b8b1bf840a926ebaad

SHA512
d72dab2f5ed155d181033f469a0453ea1375432c7cb6cf26838d7b289807381df1992ff5dd5a7c96c2f763d426ea6b5a3e649b2c73f7b235245a60040c34e035

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
5f67c36c74c61875bd2e22f2ba8b8603

SHA1
2b61fbb43a7e6c95338d622a33b4e91e62efeead

SHA256
17b5d6718b1bd59c5f19297750d8aa6848fe463a02f6b52d1a4ba1e550ba3c30

SHA512
a9ec2f82fcc7f0e9a566541d1be776e11ed9f8e5e9845a6f10f9478a4f37c6d9bff67a7fd9e88af3a055600c6f0bb1d904e946052bb78e9d72bf0f0cbe5234fe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
d42a890d22b1b8a248a33dd9e02a94a9

SHA1
2b4f8cd654cdc0828d13564f0ccec24e7d9f8187

SHA256
272d086cc926440f7862c1640099cd55af279f8a04b2d3d465e1c7872d9ae048

SHA512
3e0895c0f456afee46f3953989d3b787f0114d21c0561406db6b7e9801b3f45dea63ac43615040534cc37deb7fe9ce331f4a835e767a51d9df9e874ffe4ad722

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
1680d222b83c42e963a11b832d53b582

SHA1
e2da2e0c5df698c9c49f48c85f51c9bcea95a0b0

SHA256
6660b875b26ac9abea972bade7aafad250307df897c1486947e23b88bb5c1e68

SHA512
fafb04a5bb7de2edd138f0a5b429ac43cda1e3b3b2d68fb8e482e134f66f4b71f820bafd4d345af15a0f459c0fe4702b7cd627c90c669e099dc4d515283a5e4e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
fc702d9a6ee2f86f399029beeea908e3

SHA1
a3814ed9f0d4d8ec0f172d7ea2a5f7e5f6ab151a

SHA256
0bc396d9da6e8147c42dd0d0612fe385bf38f0daa02df067ec528ccf71f72fdd

SHA512
bdffbd9b4ab4e264b14fdfae18731d24c4036d813895e921833aab436d76d03e064f4def32cc4bd0b97b436975675ac0b3583d05bd3665e893ca9ffa43151d31

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
577ffc3acb162a84440f47179452a390

SHA1
597fe340df21f485e035a6a9b5872a5c584996f7

SHA256
a7df7a7a32c1ecfc54a241bded480d4e14e565f12c951d488f36d6fa7dbd0273

SHA512
457c3985e4c8526807173c90f1ceee9526ed8890245288d0054e2006913bf810e7ddd97af006f4165af3c3754ca969dc436825dc09aad4b552601d0613bc87b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
40deb07b3ad7d4df0758b28d2177d556

SHA1
171695f8b1a0cc25d3b720fa8154aef3ba720d4a

SHA256
732b70fb17cb3b6b0ed289ae80706af4d8334e810d4fef75297d897cef10f412

SHA512
3899a278b1ba8a22b9d66596ef99b842ffbc6cd77032c314da0a6563ccff7aa2115962414c6a613f9e64920728910cb6365f0a1abe7b9169671775b85ce13c54

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
af6175b38dfdbd6a7e9b6f7bdc49de6c

SHA1
3e514baf081ab9370ebc249b18b58e73841324b9

SHA256
10ffc04b16aaae761d835e12a2167460b82932a0ac0e4358f8cffa00d40b8d3e

SHA512
982eff1d474fe1e1fbe37fe6da20aeff4eed170f4fc16f60ac74a81d0d885fc7d99256e01d86e01d0c10fbd6b53efeb1ff4ddb26ea3e1f60eb3c20529a135d24

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
48f864c9158e86e6b45aa5108f98fe36

SHA1
fd48f878a041969c6694ef8df47e25cbd60e0a6e

SHA256
1ac4445be9af0a4faf2095d58c467c8ed99bc00a274a15ad579f2ee531ef2ebe

SHA512
e814768db576c5c3cc00f353787ea4c5b86068ffbf5ee1200504be3b183e80faa80c31779f720009d2a9481c2ab4b108c996c093dc48f8f7a582741993d8df07

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
20980949c6db7fbea0e9cfef7c041895

SHA1
70c66ed57af52821933ead555016815beba07024

SHA256
ff3f2fc2ad1a779b720747ff0ccbf96cfcd4d490aa864c8b7621d1a5bbb00d5e

SHA512
0a644e5800f275b87c9a9ddc4530e57536f2087f3a1726525a50bf6a20e50410e6e17660f50aefbc8017d3c6b9e8e763b7cd125511c3f3ce2a4b8600f277f3af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
02416e51613f22f8d542589732a12e24

SHA1
5fa980d8a0c6a18444f588ffef376b9fefc8f805

SHA256
9265fce70658a392cb282ce34b68933c4355cd690aacfae560453927e0fe36f8

SHA512
69ec1c0fcdf527673b8bd54c15ccb6c64102c066ca267e164225b394b19559622db960d6a971cf3e1fc26cdbcf23d701b6b61951e80f80abe49ee2015980948d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
febfc7dedd3fc52ad95e125c8695ef1a

SHA1
642162c4121fe6bf179509fc44dff14c247a7bf8

SHA256
09c6243d7e90c24d9a1a88f96ff3f4e71032cb0aed37f0c2038af0e872a7d900

SHA512
1a10bc49f583b63b69662a40da9e76f72ad699891e1d14d5fb6d23b13b5c76729d6053dc4202d6e35251e03c8a5f6790033b19e58814414bbe9c3068879ebb3f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
cf9d44d7e9f94a76aaff50535f1e9d3f

SHA1
a7a45e493908538dda263da72998439e4283e6f6

SHA256
2aba940fcc1edd1610b0ebe1a4a131a2738dcd295aa97c8cd2913c8c5908b362

SHA512
c34f36b46ef32b85888459ae04214f050ce00371d1cc93ea062803f863810b7aee88636de9a8e9c0502f88f51790e00331f5b44bffb6fd24ba2f05427f7f654c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
40f6829804703ac65d098817be12ac63

SHA1
7b18b563eb0e846aaa690c1a37f0981ad9bbb48a

SHA256
49392b2a3a5c9e4f9e73863c1ed3ce3fb9d0fbe22cbcb3afc020187e5f1d38bb

SHA512
5473f26eb46c26ee74f3c8971634e71e3b0d9fad43829f4e0395273d7f90ec4eb40ce28b274a5f4e6131e4e3638ecebbfc98b9b15a21fee7e7b4c78cd8c5460e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
5ecb3b1303c085b7c8387afd1a7a1b39

SHA1
985e60294977df7bcf87815216d0f6a8316da72c

SHA256
6cc76bef3bad950a75f269cf5e8d9bbcd374b9169a37bf847b4636a4375a095e

SHA512
871e29160ed40129ba398ae8425aa6af8e758b820753a79b973a55b3c05582bab4060a8f445a9398313f1c290db3fdf1333374bec4e90eb3192a8b1e606640b9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
036ba83cf49212ffadd710f01c2cbd63

SHA1
2e91ba23b87c2fe4d61c11c7cc6a6e5829d99073

SHA256
df8a32f9b66ac6665759cf448d0fcaf893212de08bcdd8bb3b3f36a26f728351

SHA512
51b3d9f5d2d576254aa7c4b4fddaafb3441dd866f4257c8c44085e10b6ddd50f38c65bf458c0deaec6922d83a8db17c0336a80e76198f005533fa6244b68e1db

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
926bffa76c9f35e705f9e7e47c704f13

SHA1
a12be95f8ddf7b9353e4688b0ac618f45d923f43

SHA256
d1bb198e45c689923f76f4470ef00da50ad95518fce22ce13b34dc96a36d2071

SHA512
16243359df3ee0a1778422360fa9fe21368e530b92cc05c87cb7fe6ac3a2468f104d8af8224a3d9ce1a58103572c973424bdcbd0aae096db2635da1f842c72d2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
bbc1eb699abce5fa6df94b26bfbd7597

SHA1
6493d6c835250534b597bd2e7829d96e93299182

SHA256
8de8900ee1a5fb683d028d7b2fbff418f956e26c5df8d339a41e461ed9afdda5

SHA512
2a62e2737d565e3959923d096ba9b371faa77161f1d1b9f020348336a290930350f08c915e29681cec42610ffaf6001b94c2d5a82d649e87d965cf1102aa1751

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
8239665cdda30c979dc3e8ad534423c3

SHA1
15e77b0b1aefd29445954a22394298d13e2a15e4

SHA256
2522d88d00d2d7d84c87f4aa1a7a71243f5170a7af28196b57cd8eed1bda9f03

SHA512
f30a2d2995fdfabc5d10525e28ccba27d595e64c330f655261bd52b3b8434190ada904d5111418cf2d5b3fc22ae682aa7b6ddf77018a20a876ed563847688f8c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
8c6ee907c0155d9e401dbf567d27c2f6

SHA1
77fe882a1ed0d7e4f66d6d0ee645e3903999137e

SHA256
ed181b3148c30ec0add814dec25b80e3669de7a15be03e5d3581eab0bbb7d605

SHA512
35bd4571669b0d9fad97b3b52327e94e26031b5555f3bdba6e1541dbd2a7adf1541e0a371f3d6c58b01dc1b31061722a05c1114b2edf937dd3f61d8b0126ba0a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
b1cc23c5b0b33ab3a23bffa74fd685ba

SHA1
80b78935d3276a5f34a7d235e3d171f6815e28ae

SHA256
778ecacb65a5fd3bdc0a407208fb72a2994abe5778a45497457129bb1faacfc4

SHA512
fa559c0fb6a1676393542cf01a96b9e6ad505fe80495cf502beb2e45f2cc4c2fca47839f78279c48143248754fcd6e9244d242e5ef950d943fb597c9d6832882

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
9242e22293e60d540f003724e489db25

SHA1
fc6d60a62a1ce89ac5356321741cf58a38cbe6b1

SHA256
c96d8596bc11bd1bddecb5c1c498a0de0b6b60590c841124deed27f606a06177

SHA512
82893c57d670e6c9a6f513004276e14adf43d45d8a72835e9d53da994f3e8a174d6477037824c75ef5e48e6d44ccde2eff0ab8e3a75007c826c2faaba739f6b1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
81c89b81356b61ec8751d64dec4477b9

SHA1
1aea989d62c7d8b9a1328d11fd46b55f5ca9ce0c

SHA256
2261ef35011b5d9e3d7a1527dfaa58432c107acb9902dcaaf23220037733c38a

SHA512
15f59557cbe0c8e4f6415e9bc4948cfaf4f3c7728b67e90df073c06702c6d5ccd3966cd93040182a664b4d7a8ded79d63fed7b25d504a7de08270f70d4394b1e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
315381994d33bbf3d4bb40a717459a0e

SHA1
ff57b0ed92d38110339807c5efae29e876017b69

SHA256
adb799a0003f4b3ec67007e12cf1adaf22c0aacf613d38339ca39c4c9a54cab3

SHA512
0fbcd7ef58b9587cdab29ed6ad8d8800ae3121bd47394b8e5a1d9eb2816745d2822c5f2218f9dfa596e58216adc1fe81d327763d9b0cb2a885e2c42200422757

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
3156b12fec6ae917c897eac07e6ed11f

SHA1
c78cebfc3687d0823273f0bbe4c6530211cc9887

SHA256
e7a054f0e35bc739fdb72bdcb9ab10d799e419731ce0d03dfae717ef14008635

SHA512
e8d104f40bf993123d6c0023d275324572483d7c23668c8424d58141006fe43294cbdbba4a69e31a6c37f2d4b0396edca8d86394116acae7ffcd60d8fcaf4c3d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
442ebc921b3d13a7ac9badfbcb358a41

SHA1
6cbc6eed90862a36b2f9b56a96964e9a079e2b8d

SHA256
908ca2f762159d92a5e59900a2a521b726ce34b761742d4ffee1127d8f5bc1bd

SHA512
01485a9af15cbab1098ff2a07044a8fdf2ee0c09c4ce7792bb4c86f8ea5ac02b43d44d19a5e4c58350a681af131e0707a7c2f92681b7ed6fd7f9b749c639535e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
e049dd152090141b2a2e904470919942

SHA1
267b1bf45f2879a216f8d83b0e9f5e22a24115fb

SHA256
035a1de60bb4c53c9af52c573c38a9fb42f9e87f6f99f98152d7713ae489193e

SHA512
d26df192bd018e562ca2a6d5fe3a55defd50571bde1a8106e5f540643692e7bd06b6b87a76e7bfe77d3c5775e69ca17900068c14ef8dabaa2d21ab5d7edf81cb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
4bd7f49986e753b98c3d129e7bdac7b7

SHA1
ad6c8e5425c6a6434cca48f2a0508af5e73487c4

SHA256
52ef5c6b97bda6b61052178d98ee9b98420dc7ea5c0682185af00963110b8fab

SHA512
3b106fc1a7310f119e6491e5c5a5c7a07aad48b87d83bbfc932a204eb734e47cfd9999d1d53039bb3ec8138fa98c52d783e98581c6038a29990d986c2a52134b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
924b42508ba8b478572a201ca45057b2

SHA1
7e61785b66b6daf053ccb35f604ec7336a5c9645

SHA256
fa23d03236098b11b3fa75d5defef9243883c32df0b0b5dbf9ccf4ae4c879666

SHA512
56d89b858c738e8a2958e3ede4c210f8c28c82d627b7ee724ed2a4dec50db2998680c6e8386322ed647c43ddbb26086daf2562eed979b8e93f81c3325f9f7c2f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
6c5eade324875e5d94893131774a6b38

SHA1
f5a04dcd293bb0a3920d96518ddbd61498ad5db1

SHA256
465441ca7fc43e53f15bc4ca9b491e2799e5e5b525e1a9fa4ffa4ff86b9c0890

SHA512
37996cfefc6b4e5328e7eac7dfadbffe00b290c9bb3ee5effb5956761b5157797ae882f0f620a77f9a045c4d436cedbb01f627804c6f4e8b57f0e597a0780b6a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
94ed4e54873e46a0933cf865e65ecf43

SHA1
281fc30f910c31030b6eaa0d07fc0520651fe620

SHA256
46429dbb96cd4138875ec49db2358405e55a1cb826516d17d51bb74357e45cbb

SHA512
d8ec8de80f63e3c3f796b9f08964a80f614d63c8aae38907a034038cac8555bffee28c58654ca6fee8bfe4695e87f1907428128ae4521203c31c93139e4d4584

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
9d5eb13481a20552854b9b97389954ea

SHA1
326640371f4004642c2a7daf5f2a459360fb4c4a

SHA256
2c0637946decf5ff580559760bd91e7ce50dd40bed5d319254612fffe7170b9f

SHA512
d1f66b74341f926688ac71dcc1f493c9128b639a65aa662868a4765f006c527ff49a234416b684b85677cad90c7429ee61df172b52d163dba87d3766d41b8b66

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
ebd662fb7466aae64c8dfa81adc67f68

SHA1
6c75697b7aa776e1dc5ab161707ea1172e5ec447

SHA256
e76861d8d00834b397619971b9e077571ec8e14bc3d42e557b73c78116991680

SHA512
1eb7c90cfc336785f20a6c1f071f69f290ccfebede220e0c97566c1d41a09604fa4aaf69ca17cb00ee2cc7660b263d70858f046e87749956a80f51fc62061040

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
3071ad2b90ab70e41acd31baf9c22651

SHA1
83f3124c309093f63dca4be152786d77af5aff5f

SHA256
9d7e05137916f458736f6a941bd3f384d983b55a4e25ed92d2f6083cd3f31b0d

SHA512
1f18464f935b70543b83978117c9f8bf07013783ec64924157eb52b2ef9feebc9efec3c538b175ba120b65e3308ada7cacbfc787ac0832ab6506bf929972c32e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
9KB

MD5
67017356613915bfdca9a21dccad2e66

SHA1
2acd98d2af4195a3a4344397ee42e1f4b8b08d44

SHA256
7407dd39088dece8628d63c28086692390e2f71c1c30ad6c9e8a2ddf5cf3454c

SHA512
e8eeca3dd4556d47336c790abdd185d266e75667b8a0fd7fb8a7d91372cf3b800a37c3af19a4438b846b74c28884998e682b760c13a2dd5ab01188acfb2a226a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
d163f47f3bf595977434b9e029ad7d4a

SHA1
55b727569be36dd6710e06873adf0033bd8536b2

SHA256
33c7cc30bf403b709ef9b8c2ceb532efa96dd16be17f1c857878d38b05ae5593

SHA512
fff9c4adb4e992ca00e12831217a3a6b304d2550a401eb6cdd05f862699a81e5c993d80463572458c38b5cfdd0b5949b691d6e3489073d26fb7c50d1002918b2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
9KB

MD5
369483de1c7ccd7235759e3fba9ca813

SHA1
91b7feb34b761ac8d8d8ce4f3abd5e27860acb26

SHA256
b3bf4a530492398dab48ce4115e0fc454586bfeb6b0b0cb4d07ce82d296dbd2a

SHA512
30d5b5926f5f030dcd3b395798b03e08b419d9a973769844574b215bcdbe0d9a7a7705e9dabe85493282426fbbed52fb23e3856b9bc4c1be6248f8caccd729ab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
dcf2dd278e6a9904325a3ea4559ae071

SHA1
188046cb88402e6ea8d1246c7371f64dcc2a5a53

SHA256
8da60fcd7b0a4b70920178565a7ce0a024ad380c2035d47b4cc79b14973f3eaa

SHA512
d9abfa506d9eb43c01a21762f17ba5771be3e88f0876040ec4faae1536b507566c49bca86903ca838fbd9762ea2d01bb2599c71b181c17f991228f5f2230891b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
9d77adbf41b46e6b51fe61ed4a2a2a08

SHA1
967a66a491a40bd71626b17251b81433b11de6f6

SHA256
f7db1b54be06657190817575dc5bf2b62b58f9ea564eda5d8b68b9f5cc85dc63

SHA512
2cbe937d69109a844b799a7616f788d8e615cfa5032ca62e97e2c21633f6f99589c0b99cd3c9eed54bcf91914738ff69ffeece4cd20df8ad2d3a3538e2e6b335

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
953b20f00d83ef0b007ad07e6c56119d

SHA1
7ab7fad213cdbfde925697e89a5ab77fcbc43cde

SHA256
3628a4b2d1044335927b50ee412bd9de9d3990cd66a01b73b153661e5fef5715

SHA512
498d1e445dfac66182c95c967d82d79b7365fa3f563503f52a7122f9bf35405ef3946f464cf8108987f140ab02b610e56760ed5779bbc12838a6f8231ac3ffbf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
8KB

MD5
06cf0cff926acdf606173e5a8f4b6287

SHA1
1e06a599943c6489e90ba66cd21d1c3c97caeace

SHA256
b7473ce005fd8f44734215fd0f45969c3aabe3966f4678124fa22c4ad06c977c

SHA512
e9b6786ab52df20d967bc712869151189561aadd1447b3f3b652339ffd76a2e7858bd56514925cec566cfcf669b36eee20cf23360ac4212437149f3324ff4cea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
9KB

MD5
ee11a761c688e8b898026ecea87369f6

SHA1
9a90567fc8f648595b9f0c0033faf1300d285148

SHA256
9066e1a54a2dd159dd1b8ffc5e02540af77eae3db3079a6a7c2fbb53b45a856b

SHA512
93c143664e87cf815160600dacf8f79337ab8fb75041372c16ff97f823abf8a2c7653275f1eba0aeb09a6e1b0133c2f2b4e7f7b66d3bdc5e03cd7eb28dade95e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
9KB

MD5
1237a86eaeb60fe268b3acc466fb0fc3

SHA1
5b0207eee5a82997433a6b00daf016c6f7372b4f

SHA256
db57a6d1af1bfb11d2123b1f15ce30ebd1851f32763fe40a86c149686eda626f

SHA512
31ffdb0d20c03e610962f777dd8796cb9ee7663f2ef6c21a5055da32efae3a4fae7a8825ea1f609831740d97a405b3ebd16781c2135347b2e933242df6d63792

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Filesize
15KB

MD5
9018bdbcc1a6ebfcc3b24df841316d19

SHA1
62176299fc9651140f812bb7d5b970b0e2a7ff5d

SHA256
c31a396c377aa56c1b2abf100701baea0c5db2909fa3e65612fabf2995ce4aea

SHA512
e559c48f7848dc8e41ff30db338015ccca737df90ba1f06a8890aab326403381c02d683dec2fbebbd486d1475717c15fd5aed335a0896afed84cf830bd83fbff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\f07bacbe-99f4-46f7-9f7d-136d80826a0a.tmp
Filesize
8KB

MD5
8e024e6ab167f6b2faea056b6219cd51

SHA1
2743d4f115a639d680c7010410df419025ffcc97

SHA256
7c571d61e0a5fb7d5aa53d0ec29fe44c50aa4c718946639aa24e2c191a9e641b

SHA512
fa8c9347b867e851c91686d2f49e413a1b59148b50058ececf215a7e2d35a20a682f8d931b6db27f6e59182887ad3868e48e9f3ca91cd7c0aaeff522e5f73893

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
182KB

MD5
2d4f2bd4d98c6bd747490f6b64da1d47

SHA1
97a166952ce5e0eb2f54dd12eafd44be182cce18

SHA256
de5ed017682b2e3502d7529b3fb11b4a4e0b382102542720bcff4d88b55b52fa

SHA512
1d2a5361834bae33861c952e9de087c5b1b70fb83956f75c3b14a9b6527d44fa4aa0cf2ce1a75765a6b58deca7140377874d69c5261284653c45fa3fc018e193

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
Filesize
182KB

MD5
2bb191278f21833c3f661257d797a95a

SHA1
81016519fd55a0af8ec9d1edde9cf0a049623615

SHA256
d3ef637813b50ff60c6e7f08f4dfdf2c5406494ee81e5d13aafa92aee0b8f55d

SHA512
8560ea603c2a0826cc501bf69c4d78c28d9b1e64b71ccd74a66f2406b73f43dd76ddd8c08e9c15b9ac5341dbd16001f5885d7bec1c68112298e0280b6ff50463

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
Filesize
152B

MD5
d406f3135e11b0a0829109c1090a41dc

SHA1
810f00e803c17274f9af074fc6c47849ad6e873e

SHA256
91f57909a10174b06c862089a9c1f3b3aeafea74a70ee1942ce11bb80d9eace4

SHA512
2b9f0f94b1e8a1b62ab38af8df2add0ec9e4c6dfa94d9c84cc24fe86d2d57d4fc0d9ec8a9775cf42a859ddfd130260128185a0e2588992bca8fd4ebf5ee6d409

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
Filesize
152B

MD5
7f37f119665df6beaa925337bbff0e84

SHA1
c2601d11f8aa77e12ab3508479cbf20c27cbd865

SHA256
1073dbff3ec315ac85361c35c8ba791cc4198149b097c7b287dda1d791925027

SHA512
8e180e41dd27c51e81788564b19b8ff411028890da506fbf767d394b1e73ec53e046c8d07235b2ec7c1c593c976bbf74ed9b7d442d68b526a0a77a9b5b0ab817

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b
Filesize
22KB

MD5
ebe1db309515e123b18b19043ccba3c9

SHA1
1d51173183af8383fd38e2f32b65edaed978e37b

SHA256
f8b2426d9138e6d2dd2d645882e487fae91b1e126cdb04edd927129ff7c613d8

SHA512
f391aa37c5d6ac4c8bc711d417033eed7abb56396c3ee3b32d2bdd74ae9e2de43dbe938064bfe422a6d114157c556960aeda24b9ee24f5a22ce142aa89a39b18

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
Filesize
2KB

MD5
52bad2ac86a73b08f8705f3f5ee55ce2

SHA1
9fe6d7a8c1ef10506fdc5cfacab2030efd6e9080

SHA256
912e1c3a772d375e47b5ef7714d768471d354edcd9f090551a2f13c74e72b316

SHA512
4cbc365bd0f222e35a01e4dece45dc1658ba0af27ebf586c0ffc677a1560c4a62caa4c987d35edcffd89cf5717683d1c9035b7514b7c1c09c4b86676d451e083

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
Filesize
573B

MD5
f8e8c999e6cc657e45d4f09c2b43c486

SHA1
273c2a72c92472eed0dd8118105717148261e8cf

SHA256
be38e69516b7da0acc54420a143ed7466c0a595d95010be6c987e99416227d97

SHA512
01a85390f19b5c16a4595f584591655bdb934d8d3c6097267845ce4817805dac4b0cac52d213f69497989eb339dbcc1bcc753066c3433dfead6562559d7bc86e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
Filesize
6KB

MD5
513975e1088422b364584d121c910229

SHA1
a97079b83c43b4fe81f1db35719e541d3d6e0aeb

SHA256
d8e27ad7764b34a66819dffa6ab8c3ceefbccd37337b32d80cc2af2ce31cb245

SHA512
296da9e6d40c39fcc4824a6c0050d5b5f845585121952784015548c3db5f8fe5626ae256d77a748a4a0caa959d5c14ad7c2bd098c53266b13758b5716c556d22

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
Filesize
6KB

MD5
1b595b8240b1db157b3e3c74ee546c91

SHA1
a852a2c7f6637d722b792645c65aa5a9cacfaf08

SHA256
ee79b086418744d87cd525d7ac20d8274290f36419de43a1b78513175c78a2e5

SHA512
b70cd7f0901a0d40edc5c5bd4c3d17701cad81facae6303a68f4114b8f2fa7a4ed4c55afd29d489618913d05e3ae101067368dd2fdc47b73d7e5b20731e3a721

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
Filesize
6KB

MD5
684ef7d89fcda0d68d16bd5954279216

SHA1
68886cdee24dfbf7d9c7204193f2045c364198e2

SHA256
4a9486c296102c68478134be079df57870946d5996c6706cd9f97cfc0ddd8f24

SHA512
03d2dbe0a2bb686a88f5c95f75ed069d7436548afa3092f3093f60c4e9167660085d289e3c27bc6990f75ec6c068b36215ade5a771c17a13a6ab6da92a5a9155

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
Filesize
6KB

MD5
e4e2e2a5d2e72a0eb4ee9e3f7dd3852c

SHA1
310ae8061e3c018ce412c9107364df9d76ac10a7

SHA256
656cf8baa884621c7d6ab6bfb0a21afc9a21b362f4ecbd3b790c47515b6be61b

SHA512
bfd99fd793d997c5457c6376041c17ddf9bd37f81cc8088e2765eb8190c4f495b0f345c8788935bed2b107055c15b53f15564451854292bf29d77e108752c76a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
Filesize
1KB

MD5
9cea9c6446c9cd3c8397377845387c78

SHA1
669bec80c649020c9cfd880ff66bfef3c900fc6c

SHA256
79bf3cbf8bdf504d6f6a5751553e2a195d4b3377c714db39d82e257eefc24280

SHA512
4c311085def91259f8fe7ebb9a750c272d9af1bc2bcd82ce4428e37b27574544ec7ba86e146fbcd6a5ec4f8ea39d256f350affaaded0057da18578633d603c5a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe585510.TMP
Filesize
1KB

MD5
ba61b94fa4709ba44f03721814244502

SHA1
e7057d97354ec1489835b27df2159127e16d40b8

SHA256
2e0833acf5054a7c72e3a227dbfdeaaa8fe019926ea58d807276c0cdfdb12b3a

SHA512
84c4dbb7f9bba2a31ffafafff8ad2e2300a8536ca314c61ad55d3ab169826ca4ba800fa8676763815b1efd367f1e5e7a2ca125573abb305e8cb218af604a9c1b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\e5602c8d-c095-4c54-a714-4b2887f07812.tmp
Filesize
1KB

MD5
f84b49897f28cf8ae9566b912784184e

SHA1
054426714e8f7b9353b57f55e954f91d3bf722b0

SHA256
ad81856523e281174cc4758a99a6ea121eb00d623dc3ac3b35d93aad4f9891a7

SHA512
f459547b14e49746c7acbd55014d7df7069cadb4d02b4431eb679542fc9af667dc32cd310fb502b1aa9ad3eb41e120d10427581773b518447decda0a7816b903

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
Filesize
11KB

MD5
fde466cd92c7fcb5f16394a985b37238

SHA1
fbe801a77d233c80b3146cfdd86d41ddd5964c71

SHA256
df55fb05bcdecd5e801927eb98891fe47b9851d89a5537e9d1b5c23980ecd025

SHA512
226256896dee04a6bf0ca29bc93c08594674db73d58e980fc7e96ae77cfa8f309210a0c5e13586def130641780ec4f9ac5c3578b270663300c2a3b6080455f4f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
Filesize
11KB

MD5
fdb5433395fbecc5c02af572bf11e0e2

SHA1
9b308a778b445c518581fa77e9ecdfb2465bc857

SHA256
a3bb8f4e12ad5c0a447a32833124dead97be77c024295aa519b35d072824f05c

SHA512
91d4606e82f6d3e06c8563b7832b0029742cf46287e6d0c90f08cc87e299ee4acdbdee47788520bbdc01097f0d0f9f624cf5c32abc2c98c51464a2357c10d29a

Download Submit
C:\Users\Admin\Downloads\Discord-Account-Generator-main.zip
Filesize
30KB

MD5
511362586d9aba19d383f896dde752df

SHA1
1a34f7708f083dea2c36e7ce46d0d7297f8c9d86

SHA256
073a3a554da262e3ffaced7bc3940c5ae2024cb0f457fe539df980326ac6acc2

SHA512
27147c22afba73a9027c52a840e5861452f11b65362a0fbe0f58df10f80c16d6d691f847a54c61384dc0c0371ef9b8988521271ea97e72e1c841041ec6d78a2e

Download Submit
\??\pipe\LOCAL\crashpad_1796_GDCFXEMQPPJKUYTZ
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
memory/1512-324-0x000001A6A0470000-0x000001A6A0632000-memory.dmp

Filesize
1.8MB

Download
memory/1512-698-0x000001A6A0440000-0x000001A6A045E000-memory.dmp

Filesize
120KB

Download
memory/1512-697-0x000001A6A0410000-0x000001A6A0422000-memory.dmp

Filesize
72KB

Download
memory/1512-696-0x000001A6A0B10000-0x000001A6A0B86000-memory.dmp

Filesize
472KB

Download
memory/1512-686-0x000001A6A0840000-0x000001A6A0B0A000-memory.dmp

Filesize
2.8MB

Download
memory/1512-325-0x000001A6A0D70000-0x000001A6A1298000-memory.dmp

Filesize
5.2MB

Download
memory/1512-323-0x000001A685E80000-0x000001A685E98000-memory.dmp

Filesize
96KB

Download