hxxps://github[.]com/the-cult-of-integral/discord-raidkit/tree/v2[.]4[.]5

Analysis

max time kernel
1037s
max time network
1040s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
16/07/2024, 05:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/the-cult-of-integral/discord-raidkit/tree/v2.4.5

Score

6^/10

Malware Config

Signatures

Legitimate hosting services abused for malware hosting/C2 1 TTPs 6 IoCs

Web Service

T1102

flow	ioc
160	camo.githubusercontent.com
161	camo.githubusercontent.com
162	camo.githubusercontent.com
163	camo.githubusercontent.com
164	camo.githubusercontent.com
178	discord.com

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Modifies registry class 13 IoCs

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-47134698-4092160662-1261813102-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949\DisplayName = "Chrome Sandbox"	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-47134698-4092160662-1261813102-1000_Classes\Local Settings	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-47134698-4092160662-1261813102-1000_Classes\Local Settings	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-47134698-4092160662-1261813102-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949\Children	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-47134698-4092160662-1261813102-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-47134698-4092160662-1261813102-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\cr.sb.cdmf5200eafd3ad904629cbb0f87a78a3c7211081fe\Children	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-47134698-4092160662-1261813102-1000_Classes\Local Settings	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-47134698-4092160662-1261813102-1000_Classes\Local Settings	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-47134698-4092160662-1261813102-1000_Classes\Local Settings	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-47134698-4092160662-1261813102-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949	msedge.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-47134698-4092160662-1261813102-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949\Moniker = "cr.sb.cdmf5200eafd3ad904629cbb0f87a78a3c7211081fe"	msedge.exe
Key created	\REGISTRY\USER\S-1-5-21-47134698-4092160662-1261813102-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\cr.sb.cdmf5200eafd3ad904629cbb0f87a78a3c7211081fe	msedge.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-47134698-4092160662-1261813102-1000\{C77D0559-C676-4AE4-9719-30312A7555FE}	msedge.exe

Suspicious behavior: EnumeratesProcesses 15 IoCs

pid	Process
5104	msedge.exe
5104	msedge.exe
2504	msedge.exe
2504	msedge.exe
2904	identity_helper.exe
2904	identity_helper.exe
2392	msedge.exe
2360	msedge.exe
2360	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4800	msedge.exe
4928	msedge.exe
4928	msedge.exe

Suspicious behavior: GetForegroundWindowSpam 2 IoCs

pid	Process
1392	OpenWith.exe
1284	OpenWith.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 23 IoCs

pid	Process
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe

Suspicious use of SendNotifyMessage 50 IoCs

pid	Process
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe
2504	msedge.exe

Suspicious use of SetWindowsHookEx 58 IoCs

pid	Process
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1392	OpenWith.exe
1284	OpenWith.exe
1284	OpenWith.exe
1284	OpenWith.exe
1284	OpenWith.exe
1284	OpenWith.exe
3516	OpenWith.exe
1040	OpenWith.exe
1040	OpenWith.exe
1040	OpenWith.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2504 wrote to memory of 1772	2504	msedge.exe	85
PID 2504 wrote to memory of 1772	2504	msedge.exe	85
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 4092	2504	msedge.exe	86
PID 2504 wrote to memory of 5104	2504	msedge.exe	87
PID 2504 wrote to memory of 5104	2504	msedge.exe	87
PID 2504 wrote to memory of 4068	2504	msedge.exe	88
PID 2504 wrote to memory of 4068	2504	msedge.exe	88
PID 2504 wrote to memory of 4068	2504	msedge.exe	88
PID 2504 wrote to memory of 4068	2504	msedge.exe	88
PID 2504 wrote to memory of 4068	2504	msedge.exe	88
PID 2504 wrote to memory of 4068	2504	msedge.exe	88
PID 2504 wrote to memory of 4068	2504	msedge.exe	88
PID 2504 wrote to memory of 4068	2504	msedge.exe	88
PID 2504 wrote to memory of 4068	2504	msedge.exe	88
PID 2504 wrote to memory of 4068	2504	msedge.exe	88
PID 2504 wrote to memory of 4068	2504	msedge.exe	88
PID 2504 wrote to memory of 4068	2504	msedge.exe	88
PID 2504 wrote to memory of 4068	2504	msedge.exe	88
PID 2504 wrote to memory of 4068	2504	msedge.exe	88
PID 2504 wrote to memory of 4068	2504	msedge.exe	88
PID 2504 wrote to memory of 4068	2504	msedge.exe	88
PID 2504 wrote to memory of 4068	2504	msedge.exe	88
PID 2504 wrote to memory of 4068	2504	msedge.exe	88
PID 2504 wrote to memory of 4068	2504	msedge.exe	88
PID 2504 wrote to memory of 4068	2504	msedge.exe	88

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://github.com/the-cult-of-integral/discord-raidkit/tree/v2.4.5
1⤵
- Enumerates system info in registry
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2504
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff82c0746f8,0x7ff82c074708,0x7ff82c074718
  2⤵
  PID:1772
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2184,263893244990599699,8138979212512699091,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2196 /prefetch:2
  2⤵
  PID:4092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2184,263893244990599699,8138979212512699091,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2252 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5104
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2184,263893244990599699,8138979212512699091,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2680 /prefetch:8
  2⤵
  PID:4068
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,263893244990599699,8138979212512699091,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3364 /prefetch:1
  2⤵
  PID:1080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,263893244990599699,8138979212512699091,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3404 /prefetch:1
  2⤵
  PID:3108
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2184,263893244990599699,8138979212512699091,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5728 /prefetch:8
  2⤵
  PID:320
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2184,263893244990599699,8138979212512699091,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5728 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2904
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,263893244990599699,8138979212512699091,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4132 /prefetch:1
  2⤵
  PID:3676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,263893244990599699,8138979212512699091,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5468 /prefetch:1
  2⤵
  PID:860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,263893244990599699,8138979212512699091,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3504 /prefetch:1
  2⤵
  PID:640
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,263893244990599699,8138979212512699091,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4176 /prefetch:1
  2⤵
  PID:1052
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2184,263893244990599699,8138979212512699091,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=6032 /prefetch:8
  2⤵
  PID:4340
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,263893244990599699,8138979212512699091,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5052 /prefetch:1
  2⤵
  PID:2868
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,263893244990599699,8138979212512699091,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5232 /prefetch:1
  2⤵
  PID:1528
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=media.mojom.MediaFoundationService --field-trial-handle=2184,263893244990599699,8138979212512699091,131072 --lang=en-US --service-sandbox-type=mf_cdm --mojo-platform-channel-handle=6268 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2392
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2184,263893244990599699,8138979212512699091,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6440 /prefetch:8
  2⤵
  PID:4888
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2184,263893244990599699,8138979212512699091,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=6436 /prefetch:8
  2⤵
  - Modifies registry class
  - Suspicious behavior: EnumeratesProcesses
  PID:2360
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2184,263893244990599699,8138979212512699091,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6084 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2184,263893244990599699,8138979212512699091,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=2156 /prefetch:8
  2⤵
  PID:4424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,263893244990599699,8138979212512699091,131072 --disable-databases --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5060 /prefetch:1
  2⤵
  PID:1884
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,263893244990599699,8138979212512699091,131072 --disable-databases --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5716 /prefetch:1
  2⤵
  PID:4924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,263893244990599699,8138979212512699091,131072 --disable-databases --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6148 /prefetch:1
  2⤵
  PID:1624
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,263893244990599699,8138979212512699091,131072 --disable-databases --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2820 /prefetch:1
  2⤵
  PID:4848
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,263893244990599699,8138979212512699091,131072 --disable-databases --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5344 /prefetch:1
  2⤵
  PID:2204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,263893244990599699,8138979212512699091,131072 --disable-databases --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1376 /prefetch:1
  2⤵
  PID:916
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,263893244990599699,8138979212512699091,131072 --disable-databases --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5072 /prefetch:1
  2⤵
  PID:2220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2184,263893244990599699,8138979212512699091,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5348 /prefetch:8
  2⤵
  PID:4840
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,263893244990599699,8138979212512699091,131072 --disable-databases --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6696 /prefetch:1
  2⤵
  PID:4988
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2184,263893244990599699,8138979212512699091,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3012 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,263893244990599699,8138979212512699091,131072 --disable-databases --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5080 /prefetch:1
  2⤵
  PID:1036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,263893244990599699,8138979212512699091,131072 --disable-databases --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6704 /prefetch:1
  2⤵
  PID:3908
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,263893244990599699,8138979212512699091,131072 --disable-databases --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1796 /prefetch:1
  2⤵
  PID:964
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,263893244990599699,8138979212512699091,131072 --disable-databases --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5436 /prefetch:1
  2⤵
  PID:1032
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,263893244990599699,8138979212512699091,131072 --disable-databases --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5720 /prefetch:1
  2⤵
  PID:4796
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,263893244990599699,8138979212512699091,131072 --disable-databases --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6088 /prefetch:1
  2⤵
  PID:224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2184,263893244990599699,8138979212512699091,131072 --disable-databases --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5108 /prefetch:1
  2⤵
  PID:2012

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2088

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1448

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5044

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:3812

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\Temp1_discord-raidkit-2.4.5.zip\discord-raidkit-2.4.5\Discord Raidkit v2.4.4\install_requirements.bat" "
1⤵
PID:732

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1392
- C:\Windows\system32\NOTEPAD.EXE
  "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\Temp1_discord-raidkit-2.4.5.zip\discord-raidkit-2.4.5\Discord Raidkit v2.4.4\tools\osiris.py
  2⤵
  PID:2012

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\Temp1_discord-raidkit-2.4.5.zip\discord-raidkit-2.4.5\Discord Raidkit v2.4.4\install_requirements.bat" "
1⤵
PID:4936

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1284
- C:\Windows\system32\NOTEPAD.EXE
  "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\Temp1_discord-raidkit-2.4.5.zip\discord-raidkit-2.4.5\Discord Raidkit v2.4.4\Discord Raidkit v2.4.4.py
  2⤵
  PID:4140

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:3516

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Downloads\discord-raidkit-2.4.5\discord-raidkit-2.4.5\Discord Raidkit v2.4.4\install_requirements.bat" "
1⤵
PID:2216

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:1040

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
6c86c838cf1dc704d2be375f04e1e6c6

SHA1
ad2911a13a3addc86cc46d4329b2b1621cbe7e35

SHA256
dff0886331bb45ec7711af92ab10be76291fde729dff23ca3270c86fb6e606bb

SHA512
a120248263919c687f09615fed56c7cac825c8c93c104488632cebc1abfa338c39ebdc191e5f0c45ff30f054f08d4c02d12b013de6322490197606ce0c0b4f37

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
27f3335bf37563e4537db3624ee378da

SHA1
57543abc3d97c2a2b251b446820894f4b0111aeb

SHA256
494425284ba12ee2fb07890e268be7890b258e1b1e5ecfa4a4dbc3411ab93b1a

SHA512
2bef861f9d2d916272f6014110fdee84afced515710c9d69b3c310f6bf41728d1b2d41fee3c86441ff96c08c7d474f9326e992b9164b9a3f13627f7d24d0c485

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\6b6f6310-23a8-47d0-9e51-bdfb0467f86a.tmp

Filesize
1KB

MD5
a03af0015a9e1ca0d54d632ef0ce0f18

SHA1
1a20020e83b9d28f0ccb4541798c7a85c7ea95de

SHA256
564261a4f3a3ca61d895ceeafe157636a18a9c97d615c8b75c372a5b07e3b50c

SHA512
fc09e716772e056d564dc68b7745f99713b65c033b29e469919d63671e5d8def1a4d078aa3e4d085829d4aeed5cb06db44a0399f5fd1a9e6e98d127ecdef3e05

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

Filesize
37KB

MD5
f9a90d58144602c12373f3a51ae11c3e

SHA1
50930fadc719a0cf689f480f053fe55eaab64817

SHA256
477adbd55274ba5f7057f114fd4c4908fe46d7f486c7cd6dfe452a80ff0b7c82

SHA512
0f06561a943bdafdc0f6355ce4a5dd2a3daa348d621ac8c0d95632d5bf0458b4068803af0f3e9819496ed750299a63e6eea88c53bd2816c757a0e4c721d7e4f7

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

Filesize
37KB

MD5
716e28f3fc616954f7b9bda36b4a5bc5

SHA1
3b6896ade647a55ce23eaf47de54a49823618f78

SHA256
63382e5920e0ee343f01fd688f18c0ea475358c2724ec005dade5f3172011e74

SHA512
c2bd1b793082d5c87f40d24e6d91423d3cb6927f5e9b777c0e80205d6dd813be837e64afe06729580b7ffdc135b51f7db2bf358ac102e1d965637e2c34d5a29a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1f425b09f64bcc96_0

Filesize
13KB

MD5
c8b0e7b9d96da41fd6795b763d61c4a7

SHA1
cba8d65110223ee30c55bd927821cc288297fbb9

SHA256
84037a6027a58233b064d383acdcdaf8410a8874d5ab6b97d8010215f55732af

SHA512
96fe6df6856a376c30b4e446d30e84dc4ea8fa55b5f632ced0d6915a33ee857b8fc8c329874b5da4b90f23a6af31562dbee9fdbe6ec5d44da5555dcd67d7f52e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9c113b686f39feef_0

Filesize
2KB

MD5
b711e9ab16e4880e4c7e37b423d2511c

SHA1
03ac9f54a7fdaab091fe1c11ee252168ff3e94d6

SHA256
78e6f791d0c2b2d338523a9e308362f6a735ccfcd74f0be4b54c509583ef514a

SHA512
5eeed8af913a531c7f3ffa01e3bacb8185c2df9ea569486add20da11b92814cedcecd409c5a02884f9aa3a90aaff7497c93364dd9a61b31e5bb1037c53d4e94e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a4a4e115844d3f41_0

Filesize
2KB

MD5
800e2a8611a2e1eb20b7b44dcf99e1f1

SHA1
fb70fedc41c8dd12d02c5f8c5a8bfd51a2742849

SHA256
62d946e8b01dcacbb2cb3c981dbf6c2e650cbb444a44ef43bead86fb27947a6b

SHA512
ec62e3ff7bb9ffdae42b2c85673af6e2e91f7446785a86777fced3f2874d08c8595eaba93ba7862577faaeb7a0192fcb7ac5e7cde84bfadea4a93c4d54fa1176

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b5c0b0d2ff0cad95_0

Filesize
34KB

MD5
444fa9ab9414681992c84065bd81c73d

SHA1
8cc6102cc8a29918b35562a92c5cd9cf9b7067f8

SHA256
2094bbef617e68629905539065ea7ba9cfc5821f52921c7151e01d5d55d5a29b

SHA512
a239fa603d9fb5486f9fe08a821687e474f541066c0936b42126f81ec39e16f23f4cfbe0c5fcdb03c453ec489ab401ceacf12bf1c4627269c2b5f1f025fd179b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e9aad0693e3fa437_0

Filesize
1KB

MD5
c3b7462c2d98c4c63432c7442b90c4d8

SHA1
a80d414aadeb49f6c2ff2be4939e8abde96a3de0

SHA256
c63b5843da49b865b26e4bbba092356aa57fd329472a8cd823fdeb1c2b3c60c3

SHA512
c57ef8141abbef82341512c538d1c6bc267c52ce4d2568737594dfdfe3ab2a2eb3f3eee4e311c33d123a23f4db8ab39ce2858e1a778f2c1fe74461306fe33810

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
a192462ca8fdd4a500af925016410c19

SHA1
64d0697ffaec0b2ebfaab5c3879e421e1b08a023

SHA256
92393c0f7ee2121190ef5f4d7d01ea9ad1e07c929099929ac56500d4e0519164

SHA512
5599617d3e95cecf718b855e7c46cd3362c17577ba919e164c6a627fb6ff6ff88b6fb9602ec50cc6578afce56b5e41b9ed87d282d79e6a9cae57d3dffe6d37c8

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
1cbfc9c95284c4bb49d67ea4da9537e9

SHA1
d525b50b45dc61cd9a963f27b1bd7cb602ce9d63

SHA256
91ecf09eae59ca3f3043b6781a823bf6539e688c6eacf60f0c421d55192c5871

SHA512
53a3e07b16f2a6d1f80af55a09d0636b216f065b1ddc54311e7f6e67d36f1e9b68b2f15bd89b95679d2ec0ab6bcbd6da035e78cc02e6f2bfcec2bc9df41e6fd2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
5bf39a80c3929a2c52b40ed1f07169c9

SHA1
661eb3fc7e9940bf28b2a6b9a6ad02d41d6f858f

SHA256
7479157c4ee7db1d235ac5fd44d6e8a8414ff460a69fefcf852f66a25e3dc5c2

SHA512
0543f62e38e8f19e6303f66f6875666a9271c58946445e46946bc61af27b5382e3690ca8c00795f7b0edb7124d3cf749f5a649bf335eb3af1937765e05433131

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
c525717ac8caa7c682b2f115e2f4ae86

SHA1
e6141b88e97cb9dea985e9d2513fdd645ca9cdae

SHA256
945aba18532acde42507d1324d8ba3ed9e31ba1c1e84012708ba8021ee8ec71e

SHA512
22f70b4a06e6f83ddd8ced0b2029a43dacb3f4aac85821ee0c3528c0452af4a51e89bf8f3a48a68ba43fc45c8295065b9c2f461752b9af0e7bf26eb8248edc55

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
5672e730dfe10080a80539d722f413db

SHA1
cf65243b676a59d49a676ca1ff175a957512868f

SHA256
f3838f5ee8169f65f528fe72d2a67e9fcec8f583c8d93ed1abfd96ae5284900d

SHA512
4270a2dfd437674a421a8ab75d99a787e01c2dad5355e727323f3fa851546f51e6dd30fac114f7bb4d82d28a1264e224311412531bfcb9d02cf7bf245155d4c9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
ca9c6f7554d4df9bcc23888d91a83c98

SHA1
3672fdfa35025dfa8763a1504db219aa8a9cb4f1

SHA256
08d0eeb415ac1e8f6db8e551292e33974136c9b782be06bebca9d71ad0896148

SHA512
d8bc6680b80ee1efdf435845c39146f439f8804ae5add2a553d063dd81ec22410e0ff7c1c959ed6d693125c11c76e5a9ae8457936112161471faa832af3fa866

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
409B

MD5
b12ee6b010e965ed924892682077404b

SHA1
cc06dbdc7cf807fb8aa0f90749f5f07c2fcf55fa

SHA256
fefc13d455791d6cc3d8bee48121ca6d7c21e147fd45c504f236bce95e0ea58d

SHA512
b4178d1bc5b95dbabbc5dd1f902f2601b39904279d56b725a9c4aeacf9c27860c02207b1409298c911976540a30eb194c469f7fea64cb3a117755e57a56c3e1d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
565B

MD5
0ce0b6b870b56db95a5c9c1ab25757bd

SHA1
5bc94df960c9d8d7431c4219c84d525e85cd846a

SHA256
241b40ff20fb1d30d9e9d4c2256ab051949eba5eb7a0b8182471e38542c729b4

SHA512
4c544626a98296f46b435ea4c4fa2d9c05731cf7d83997f6b368b7e0fb52e444454dedb17cc7053c5a1c816d348793e7b04311a6f9d9e815c00c56aeb2e8f022

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
722B

MD5
1f6dbba29c5188a72ba24dcb2d578117

SHA1
f6f3a685a96826e24b671e4526dd7afc596ccb99

SHA256
b39815da1046503f71fae80fdad13e67a40bab2453b42b9c9eec4d24af8d224f

SHA512
d35da6b679c7080ec34687b7fddce5265d90db6ca3c15064519b087209dd741fb8a6c24022a0c5f3b2125e6607db467c6dc4f5dd6921f823a3c7614574a75b52

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
3d115778054cef792e079ed327690119

SHA1
af7f5eaaa9f6f241ec6dc585fb40b859c24c647b

SHA256
47b09fbf9c3903c1b771333035aa888b322796ece3c2e7d33d840de722244ac4

SHA512
1ba9814cd4cb440539fecf5afe8ed63bc7d63fbfc5c09527f0179e535fa045ba4bc122de8a673d716dad10750553f6bf33f00fa5b7f88263ad1df969e66f2a15

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
482ebd71b0d7217f7c6402a9bd23b8d6

SHA1
0443b17e640f36c0e49b13122ec5b9e65bfc7266

SHA256
548cd229f99dc1a06a55f7d49bf7570df13367259e3119a5d8210a74644ce6c7

SHA512
6194f2f9ec3c872efa1947bc8c88aa4f71b6726d7da27bed1f6e5acf06eb564ea2ed6d6ab2e7d0c774f3ed271ce8d33c2cbeb136bf50b7a7d3133d0d0e8a1b2c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
c8a5cbae0827ef1a062fb4ee99af511c

SHA1
df8d0f72c08e3717ff053221632a0b3208407f19

SHA256
f1373e38a1488c4f6e661483bfc8e500344cda19794ac31635b8860a120d2c08

SHA512
067c4b3e4bb2b160fd80863196ef81a4000b0199569dbf69aee73c050a018e919fbc6c7833201f8a533b817d0c5cb0e2c68674ca987b62e69aacfa6227a8c93e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
19c4928eab336319f1a90b22ce3367bf

SHA1
1834eec6b36ee71d09453852217cbf1e16cdb887

SHA256
6853bbaa86b5a348b563ad9b24e6d6a8165e294c8ef5006f656736cf4183998f

SHA512
d50f2842041e90a18b433aa9abe1fcf606973e8a1aa533a95ee774e013592f270d015dfcfded3c06c75762f45d6aeadc5c05f2bc77022f2b3cb45cbb0b4136dd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
9c968c6cf93f640930f04ce8bbbf388c

SHA1
02d0639821f05e9022b4c58ddfb30356e3cd5dde

SHA256
668e21493d1a602caccbb45ec8bb6cae3c5e1241bd57b816cfb2861fc20a2d66

SHA512
f4dede7fe01c819dd47ae4e3f83d703f6418a2a17f07c4b2d46698fdddf0b593687b664cbe744da32cf50a90d10029b9a09adfa71cfd6553cf63e202972ce2a2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
e6cc58c5550782e5bd66fb6353778a26

SHA1
b3aa80c3d545e0d4b219cb860d38a71eeb05f9ea

SHA256
9995352a84b7dd4ce505757fb4808d9e8212725191af6f648cdc289ba81f4e63

SHA512
0f174665b4c815aae37623854aa244752d71bf479645c47a699bf50b757934403f65ee8a653ecd0b0ba6852e6b6dc85050a635ef83746afe47fcf356aed0e5e5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
05676852adcd5650895181daf3af4add

SHA1
a592fcdd59d8ecb370cd59faf536ee914d96f787

SHA256
ca26be28608b5ffaf1b0664b6fdfc53f61106c19f414c080b4e6069a00067844

SHA512
79e04638d3e315dfdc217394ab14bcdd71a3bb525a1ed7ebdab1da1313d13dbeac318ebf0a1e549f0200a3b0e0edc4d09dcb090d635e8d2b8185e654bd21bc8f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
ef49f7ec04cce491995520f1bc99ef28

SHA1
e1fcab2c3c106173d13ec8e0746150b78cf8b960

SHA256
1d5eb33541bdecd3e33c4e2efc64f4c15bb2aaba29c1c1537fdee49fcbb920b0

SHA512
d5c39e557bfad39e9ace0593d5a98d08c303029a687f79272827ba7933d4334b86a040ebce54d344a170a7d631ce6a7b13cc3fd1dce26f3495de5291afb4af9e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
0d8b885b8c49b257630b2b65130a8f83

SHA1
1be7665832c19910bac265094193c9d3ff2a556a

SHA256
d94d5f7634937e2ccecf23b112dd22ad56b101f35f22c73947555c955bdd18ec

SHA512
fa423f2f0ccf4dc8c118b2a7993f3619f062cd137b157c5641c0fa145849a56a5ce02ec5a53573054d66a641a3ff3e0883cc267173b88a28e0d52264c3b1ec50

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
d1599b0b97239bf687bc7f8992a2ba80

SHA1
1c41c29a6ac25f4035681c3e86d5b25ece91ee57

SHA256
f696170de118dd69419ae07bea34a344e5c49cbe9a9f32184cceac2541275a56

SHA512
85bb52dcd5dfb54304962dc03bc1d93639edd96d8ef0b75962e4e0451338bde3d58d869aabd4b8310bcbddc0472c7303d52ec06255fcfc59ef62460dc4a69c02

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
25877687b35299979672420a449bf204

SHA1
def4af257e44915d6656926b3114d2c81b9f09f3

SHA256
3f72f7ed3029dbfcc584839c47168a2c94c8030a68487037f5d9a986302461fc

SHA512
a7a5a75d1d2d564cc76a3253f09f0d3eba58b630a96d04b60b3c04edd8521e9d68be882724b4cebc0aa8b0f06265e7db4940d25c5cb028d16b70f3c43a2b3df9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
b83ad595a1a6c70cada7cea76c615566

SHA1
c98d1d3e68defc932ea507c52b03966f739e2a54

SHA256
2f6d722393550126fb542a308e41cf00b4a6576cdabcf5e7362c273774048a07

SHA512
3179a37983fc39982c07a8bf4b3f7b91d4f30b020da0d0b51d42635611ff8a7cdd8df308ef1fea79f0816244a552b71b4c3b725ebb02b7a0ae108f6ea6f57e0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
82208c28d02d1cf9c240bb85898876b6

SHA1
b6b36f56f190115fe13e931935b9bcf65169eaa8

SHA256
877401287eb73f2e3213533f31d9b799616667bd9008f4416436cd798909f99f

SHA512
07876919a2c3e2b2d90474805b06065174d81d874cf47f60ea7be5fe9d048b36eed1a5e0f813abad8fe8fc6737a467bc13f809b752f3a9193f3f8cd4059bdfaa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
1cb43209706bb8efa4b660650cbc91d0

SHA1
d53ba692d1f6e70474d2d82006fd6512bae52aaa

SHA256
37d910df0db52c10ad07837fdc7861294a56b366a96aba10dc0d5f662a648b25

SHA512
ed6d1bf2862210f8808b8eff266108c9b45972a19a8007d772035da149d7e8e148b277061f3b890ea9012068510c9ea7bbd70c0f26f48721648c37cb7a3df2b5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
a969757be222598044d7f79710c670b5

SHA1
0546bf7038523d826fbacc112f5b02ca66710672

SHA256
7c073bca2d52cdcca57d2c9df65978d3367b39836fbc394bbccce387b0527db5

SHA512
4295e717c356f4802446e52542be81792e9b01e51e2962c9fce966c9eb49c26861cafb7290ce3114f4f6b47aca92ba240da549187774e16d8358fc9e7184c08e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
d0200d214309a55cc23a4cb2c8c91d83

SHA1
c2510077a000661ba2b055b2239bb82023405e19

SHA256
031686d9dbda15fa47734eac9f30b484071599496d3688f26935e03f0d700566

SHA512
cedd06e7dbd3860c736208779fc7a90fc8bf5cf9154000940cb72e5841a44b891e23eddf6e5455224c6fad168f49fd40f0bef9eb85ecf7a5039ed97e80567f1a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
bcce42ec92d3c7f1db32a0d44ae412c4

SHA1
36d1a6293dc4183110e7c988830068be62532cf6

SHA256
bddd1f10f4dd7f124b6437643db3065dae9fb13d3588487cd81eb9672269baec

SHA512
2b132197e76ff75a13adcd0a4dcad38c451c99e7b32823ebd34389035bcd3ba25ea6cd88dad6646542d82c058ee29db08f0122011b3ef72cce3177b72272856b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
706B

MD5
6d43b5574b02981587175010d575eb7f

SHA1
69383c61c4d33b512a24209cf65a151e021eec73

SHA256
965d3edd9333c47d57f7ae90cbea476a282e4a9315cdce4f968a700d5dcc6e92

SHA512
08f804da08643431c94c0a8417ec219c3a02893d186732306287c77b9ac0630a9e67c8ad832d6c08662a5a54b8ea5ebad50d9ebdfcdfdea7f161b6d4e2152a69

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
f16d4d6b7ee47185aaa553598b90c298

SHA1
0cd7da544c9f05d0945aa7c091eb92c33cdcebba

SHA256
7b9028c29fbfa2d02f0363ff64c502c671cfd5ffa2f8468620a81cc0da52a1d3

SHA512
b46512c280c31dcfe7c58ca82428857fae30e07aa9163ec3ee65662f613a629507c8f62b0bbd96344034bd422d006f808ba15676c71d69de34693b0671af5f02

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
be81f05db490a8bb8534c765c8c8c43c

SHA1
c99f36e0b858639a1d43206cb9517ac109051617

SHA256
5bacfac569501dab80cd0b9e7b953c1d3ac04d754f26758e3ec6a5884b6d04bd

SHA512
09278b0fde88d3c7b197fb1284765d6787bd6762b2ed9c6bda9baf6723115007f83916b836d22da4e8a4b97edafba4997b39afba738d09b6ff475705f067b189

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
09c8d247cb02400d65d63b78b56a0ef1

SHA1
bf99bd76f7cefddd05be4b1cc8779186ddc84700

SHA256
65eb1822892ec88abed567c9ca75ada6072068b2eacb88571803a7e808ac389b

SHA512
887d1eb6f5074c8e4ae9e08d04d0216b7187d9082d8e0935fedd2856767961fefecd19dd10631045c70cee9b15c4755ae5e38ce4d1c4a9661fd1e47d96ecf18b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
cb383630eb82dcf75501706947760696

SHA1
319fb32b0732ea37d0309414cdb95e636ea2e74d

SHA256
34f6264fc8293d569522deea17f553481b6a1975ea7cc4552ccca6bb59c4c48b

SHA512
bac56e3418db135efc5ca13a8dc6f4042dc1fd280a3ca514197870d6230b23e0b4500d03c3e321b2dc0dbbff938b9191294221e9ba2e1b4a688f86007dfd8e3b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
d7e4307fa18f962734da6cad3fb4b564

SHA1
69da3509a7b3cc0e5fa8497e31d90b984bbf27b2

SHA256
a416caf3e86fb945945990d303c95b8b02d3818d33a2645a7d2ecb6953a5823e

SHA512
30ba67d31586647484ceb47360850e4a0357e40c5015ddbe7cd49341d2597aab45924a9e5103008e2892ab6053611c7794e47735f1c26bac2eaad38d1f1d0c5c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
3b4f9d13bd7feb4a49044ff7c936a018

SHA1
23af096086ff6b534a627e16b9087272405f7a0d

SHA256
1dd1b126a41b3c497952ba1a0613ff0385b2c689f24100b601416617be7062e1

SHA512
8a52c2ed6ee2765046920bc9a69f351f36f37f4ee7fe4fa98a1c788a36fe678ad7002698ba31813f5a8bb740a8d0bbeebf4d55576bdad952782d77f41793df1b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
8e50218c86704e5d16c9c22bfb575440

SHA1
4fde130979bc9c4a20be639b191b282305e8e3fc

SHA256
fe4275210304f9c774b2390da14cfcd37ffb3aa29ba04c6500d94f6e934927f1

SHA512
6b04be61cb28760082ae125d1b0bacd5654549636f6eb1772ce0745b761271746c6c946174605e5d46fc956e5cce3f3b80678c7470584616ec814b1bb689b2f2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
32aec37e2f82075f9449397d14ba23bb

SHA1
a87455f9def7cabec5d5df07efa181072cfa1bb3

SHA256
5e55b6fcf1b3febbe46987dcd85cc358b55f98bd21341fc4cd7e3eecb61b0e7e

SHA512
28ab6517fe1ea562fb38e4c3240c1b69dd8323ad12a5a39aff9bd604ebd7e96eea225931a2bfdccd17a41e2b93c35d75173fecb189b54a8e633106362efecc53

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
1b9c6925462221b4ac966befe91f40dc

SHA1
79d16e8e6a3513d29190728657160c7420a902b2

SHA256
8cdce282e9a27e9027a825f26328a28ba286948e7a99602f5587eefabc43705f

SHA512
39815f3fd9013faffb738b060931682e809d35f0276e171c86011a46d8682dcafbbbcd59b54683298c54f00a523c2cbb2c710cd92026fdfea0f36ffbbb37920f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5816a0.TMP

Filesize
539B

MD5
c76d38da3459bd4bd43535979f7b3dcc

SHA1
55824cb2fa38b58e381fd2064092efc01bf0c95b

SHA256
0e61558eb93dcc867e021845c88e44cdffe424653c50ea39d7a3a8109b09e20e

SHA512
708680e3f9ca152b24aa02062d5ca694c94238a849d0b1bd2b2f41832ccefdcf2792af6766df8bac1720bdc3c694ef0ad2a84187b353017f033418cc22c493c0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
2963efd43a4a492d02929d82f73609d2

SHA1
64f3af7f846a2daa828bf5861d59e89f1d41c6a8

SHA256
153ec0825e7b8f3f4180efb569537ae667c0c3a5c2d133254528147530b47e1a

SHA512
2be2182a91aa844687b406e0d579f6ccfec73c98d1e0853e28b69aef22092e2da00569ecdc43974acfb595640333e0fc18721daa6ab98105286516fff8bb4868

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
b3b37212908b3df6bfdd4bd80765823d

SHA1
f1c118c9fcb506f5150b574f099bf0eef0c0c7d4

SHA256
96974416accdedb67073806b3ed8b3de9929510c0f39f19eeedaf95401299c4f

SHA512
85f9948786c342ce4f59747b10a0ae3096708b5c96fba76c6ddea4fa006d9029a0f93f897725a2849c46b5f66f63a54fa983d39ee9269087855691159c92e164

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
fdcd01b4b14266554dafeb31721d3090

SHA1
716545fc268b3e0120b474eaa83a7d760e709cd6

SHA256
3731e3cb311062134b7fee6ed96c426760c84bb390cab5203a737ca99eceeed8

SHA512
4f32be10680fddb82edc2d9f9f895d179acc70fa75b2e84090b3688f896668049a0ec53f2b231129b153a179ca64e2f099e96e87966c5601be5912f12419f27b

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit
C:\Users\Admin\Downloads\discord-raidkit-2.4.5.zip

Filesize
390KB

MD5
fb0ff58600963821a0aa95ad2e244d1a

SHA1
db80cd09c00df1e350d2cb8a9859a22991187af3

SHA256
3831f3e95c350181aae7c504f7ffa9b6175ab2716a9828731cf537b646bfe2cd

SHA512
5cdf31201608f1cc54720317cbb88adb628ef4dd7f4d8811357ba5788581c3d81d7109a64a4ab046f27abc299749b70a428ff89e97d11503f7a579689cf441f3

Download Submit